Telegram Founder: Crypto Mining Malware Not An App Flaw

 

 

There was a report by  that the attackers had discovered an exposed backdoor in Telegram Messenger, this vulnerability helped the attackers unknown to the owners turn computers into cryptocurrency miners.

These clandestine crypto mining operations had been going on since March 2017 reported Kaspersky Labs, the company that discovered and exposed the cyber attacks. Kaspersky also said a zero-day vulnerability in the Telegram messenger desktop app gave the attackers the ability to create and spread a never before seen the type of malware that could create a backdoor Trojan and also mine cryptocurrency.

 

A Kaspersky lab analyst said they had found quite a number of possible actions of the zero-day exploitation which asides from being spyware and malware, could also send unknown and unseen software for mining cryptocurrency, and that infections like that had become a global phenomenon.

Here is a little insight into the operation of the Telegram vulnerability; there is a way the Telegram Windows client deals with the RLO (right-to-left override) Unicode character (U+202E), in that process lays the vulnerability. However, that RLO Unicode Character is how languages are written from right to left (like Hebrew or Arabic) are coded. Kaspersky’s report states that a hidden RLO Unicode Character contained in the file name that flipped how the characters were ordered, thereby giving the file a new name was how the malware creators got access to computers. Like in this example, an attacker names a file “IMG_high_re*U+202E*gnp.js” and sends to someone using the Telegram messenger, the file seen at the User’s end will be “IMG_high_resj.png” (notice how a flip has happened to the file format), the user then clicks on the file thinking it is a picture file, then a JavaScript file containing the malware would be secretly downloaded.

                                                 Founder of Telegram

 

However, the founder of the Telegram application did not waste time in deemphasizing the allegations. He is of the opinion that antivirus companies always do the most at stretching the severity of their results, just to excite the public, and as such, should not be taken seriously. He also rebuffed Kaspersky’s claim by explaining that what they uncovered was nothing near a vulnerability of the Telegram messaging app, and also that there was no way cybercriminals could gain access to users’ computers without the users opening something malicious. He further assured Telegram users that they were safe and had always been safe.

According to Kaspersky, Fantomcoin, Monero, Zcash and other cryptocurrencies were acquired, and according to the evidence they had, Russians were behind the malware, and also that it could be used as a backdoor for hackers to gain access and silent control of users’ computers. Records of a Telegram local cache which most likely was stolen from victims was found in the process of doing their analysis of malicious servers.

One sure way to guard against such attacks is to avoid downloading and opening suspicious files from untrusted and unknown sources, as that suspicious file could be a portal for attacks.

Checkout Unique Finance and get a bonus from me.

The Impact of Cyber Attacks on the Banking Industry

 

There have been increasing numbers of cyber attacks reported in recent years across all industries and it is costing the United States an absolute fortune in cyber security. Obama announced that $19 billion  was to be dedicated to the ongoing fight against cyber criminals, highlighting the gravity of the threat it now poses to businesses and even households.

In 2016 there were widely reported attacks on PayPal, Twitter and Spotify to name a just a few of the big companies that have been targeted. The number of cyber attacks across the world is increasing and businesses are spending more and more money in deterring the crime.

Banking Sector Most at Risk

Of course, the banking sector is one of the industries that are most at risk, given the nature of the data that they hold. This means that banks have had to dedicate significant funds on developing their digital infrastructure to strengthen their cyber security. The banking world has long been seen as a very profitable industry and for many banks that still remains to be true. Investment banking experts like Fahad Al Rajaan demonstrate that the banking sector can still be a very effective way of making money. It is therefore vital that banks are protected from cyber-attacks.

Preventing Cyber Attacks

As well as spending more on software to reduce the chances of an attack, companies now spend more on resources dedicated to preventing cyber-attacks. This means that extra IT personnel are required, extra training for all staff and more resources allocated to analyzing their cyber security and performing risk assessments.It also means that more robust policies and processes must be introduced. This can vary from developing and delivering online training for staff to raise awareness about the risks of cyber security, to employing a whole team of experts to audit the processes. It is certainly becoming a very costly affair.

Cyber attacks not only cost businesses from the initial financial sting, they are also impacted by the reputational damage that the attacks can cause for years to come. If somebody feels that their money isn’t safe with a bank, then they are likely to close their account and go to another one that they feel will protect their money better. The more publicity that a cyber attack attracts, the higher the reputational damage will be.As mentioned before, the government is committed to driving down and eventually eradicating the threat of cyber attacks. Greater cyber security laws are being ratified and harder punishments will be a deterrent for many would-be cyber criminals.

 

Finding a Solution

It is unfortunate that such huge amounts of money are being spent on cyber crime, both by the government and by businesses. Until a solution is found, it looks like this trend will continue and the threat of cyber attacks will dominate how businesses setup their IT structures and policies.

 

 

 

 

Checkout Unique Finance and get a bonus from me.

WannaCry Attack is Actually Good for Cyber Security Stocks

Consumers and companies had a rude awakening recently. They’re all at risk of cyber attacks. One of the biggest cybersecurity developments recently was the WannaCry attack. Now, WannaCry is ransomware, which is a type of malware that blocks users access to their data until a ransom is paid to the hackers to regain access. On May 12, 2017, WannaCry began to infect Windows-based computers across the globe, primarily through phishing email scams and a worm feature in the ransomware.

The WannaCry attack spread to 150 countries, and targeted approximately 200,000 organizations. The WannaCry ransomware exploited a flaw in Microsoft’s Windows software, which was discovered by the U.S. National Security Agency and leaked by hacker. Although WannaCry affected millions of users and hundreds of thousands of organizations, it’s good news for the cyber security industry.

 

Highly Publicized Cyber Attack

Now, when there is a highly publicized cyber attack, it tends to be good news for cyber security companies, and stocks tend to rise off of this news. For example, Sophos Group PLC, which is a UK-based cyber security company, saw its stock rise over 7% and set a record high. This was primarily due to the company’s guidance raise.

In the event of a cyber security attack, traders price these events in, as this could mean more potential business for publicly-traded cybersecurity-related companies. In turn, this should drive revenues and earnings higher, which should cause cybersecurity companies’ stock prices to rise.

According to trader Jason Bond, “We’ve seen cybersecurity stocks run higher following some cyber attacks on companies, such as the attacks on Yahoo, Target and Home Depot. The idea behind is this move is quite simple. When hackers attack companies or users, those companies and users may look to increase their defense against another attack. To defend against cyber attacks, these companies will look to leverage the technology of well-established cybersecurity firms.”

We saw this in some cybersecurity stocks, such as FireEye Inc (NASDAQ: FEYE),  an enterprise cybersecurity company that provides products and services in an attempt to protect against cyber attacks and threats. After the news of the WannaCry attack was released, FEYE closed up over 5% that following day. Here’s a look at FEYE on the 15-minute chart, after it hit a high above $16.

 

Source: TradingView

Now, that wasn’t the only cybersecurity-related security that gained that day. Traders may use HACK as an investment vehicle to gain exposure to the overall industry, rather than just one cybersecurity-related company. The PureFunds ISE Cyber Security ETF ultimately closed up over 3% on the trading day following the WannaCry reports. The PureFunds ISE Cyber Security ETF (NYSEARCA: HACK), the world’s first cybersecurity exchange-traded fund (ETF), shares also saw a rise following the WannaCry attack. The PureFunds ISE Cyber Security ETF offers investors away to gain exposure to the cybersecurity industry, and the fund is comprised of companies offering consulting, software, hardware and services to defend against cyber attacks.

 

Here’s a look at the ETF following the WannaCry reports, on the 15-minute chart.

 

 

                                                              Fight Cyber Crime

Checkout Unique Finance and get a bonus from me.

5 Things That You Should Look for When Selecting the Best VPN

 

A VPN, or Virtual Private Network, is a service  allowing  a company or indicudual.to connect directly to the internet via a server operated by a ultra high quality  VPN PROVIDER. All data traveling between your  phone computer, or even your tablet, and even the new glass screen hand held devices.  and the  “VPN SERVER” is securely encrypted.

Cyber Crimes, Hacking, Malware Attacks

With the increasing cases of ransom ware infections, cyber-crimes, hacking attempts and malware attacks happening today, increasing your privacy levels while online is crucial. Using an active Virtual Private Network will modify your virtual location and give you an extra security layer. Furthermore, it will give you access to blocked or restricted websites. Here are qualities to look for in the best VPN service.

Speed

Speed is one of the major aspects that separate the best VPNs from the ordinary ones. Nobody likes to deal with a slow connection, especially if you have a busy lifestyle. Go for a virtual private network that provides a fast and stable access. It is best to opt for VPNs that have different offer options so that you can always have the speed you need for different services.

Ease of use

You need a VPN that is easy to use and should not require tech expertise. You need to go for a service that offers you the protection that you need and does not compromise on user experience. Good VPNs should be hassle-free and intuitive to ensure that you do not waste your time on them. You should not bother with a VPN service that does not deliver within a few minutes.

Solid security

Various encryption protocols will deliver different security levels. You must determine the type of encryption that is used by the VPN service that you are considering. Most VPN providers will also use security measures such as firewalls, secure VPN nodes, security audits, dedicated servers, PCI compliance and more. Solid security is important because your privacy while online should be protected at all times. For excellent security, check out FastestVPNGuide’s website.

Different server locations

A good VPN service offers servers or IP addresses from different global locations. This is crucial, especially for users who need IP addresses for specific countries. For example, if you want to access content that is only available to US audience, then you will have to use a US IP address. You should ensure that your service provider allows for IP switches, especially if you want to use multiple IPs from several countries.

Tech Support

Knowing that your queries will be answered promptly and in detail is an important thing, particularly for those who are not experts in this field. You need a VPN service that will be there for you whenever you need assistance or are stuck. Readily-available and helpful customer service is crucial for any client. Go for companies that have a detailed FAQ segment and committed customer care representatives.

The pricing of VPN services should not be taken for granted. This is because there are tremendous price variations between various VPN service providers. When buying a VPN service, you should avoid the cheapest deals in the industry. This is because quality service is never cheap and you will get what you pay for. Take time to compare available VPN plans to choose one that fits your budget and has all the features that you need. With a little research, you will find the best VPN services that will protect your transactions and activities online.

 

 

Checkout Unique Finance and get a bonus from me.

WannaCry Malware Is Gone But Still Leaves A Lasting Impression

 

Over the past few years, ransomware has become an enormous problem throughout the United States and abroad. It is also a unique problem that is far different from other types of computer viruses. Unlike other malicious software, ransomware is specifically designed with the intent of forcing the victim to hand over their money. On May the 12th, the world was hit with a cyber-attack unlike anything it had ever seen before. The primary weapon of the attack was the WannaCry ransomware. On the Friday of the attack, the nefarious software infected an estimated 230,000 computers in more than 150 countries.

 

Affected by These Attacks are Groups like The National Health Service in Britain

Of course, most onlookers were more surprised by the groups that fell victim to the attack. The National Health Service in Britain experienced major disruptions. Simultaneously, Deutsche Bahn, Telefonica and even FedEx became victims of the hackers. When these companies found out they have fallen prey to the hackers, they received a warning screen on their computers demanding ransom ranging in price from 300 to 600 dollars. All of the files on the computers were encrypted. While workarounds were eventually discovered, it was originally believed that paying the extortion money was the only way to obtain the decryption code to unlock their files.

A Lasting Impression left Behind.

While the WannaCry ransomware attack has ended, it has undeniably left a lasting impression behind. For starters, the vulnerability, which allowed hackers to install the malicious software on the victims’ computers, was previously identified and utilized by the United States National Security Agency. The NSA used the vulnerability to their advantage and did not alert Microsoft. A hacking collective, The Shadow Brokers, gained access to the NSA’s tools and documents late last year. Originally, the group attempted to auction off the tools used by the NSA. Microsoft became aware of the problem after leaks from the hacking group. This gave the technology company plenty of time to release patches, but obviously not everyone installed the patch in time.

The Impact

After the attack, Kaspersky Lab analyzed the impact and confirmed that Russia, India, Ukraine, and Taiwan were hit harder than other companies. However, the National Health Service were disrupted the most. Vape technology, tablets and smartphones were generally invulnerable to the attack. In fact, it only impacted older Windows computers that had not been upgraded to the Windows 10 operating system and the latest patch. While experts concur that the impact of the attack was relatively low, it could be a sign of things to come in the near future.

For instance, security experts agree that the results could be far direr had the attacked targeted something more dangerous, such as nuclear power plants or railway systems. At the end of the day, WannaCry might be finished, but it could easily return in the future. The Wall Street Journal and others believe the attack could be linked to North Korea. Whether or not that is true, one thing is certain. Cyber security firms will need to take steps to address these security risks and flaws as quickly as possible. Failing to do so could result in something far worse in the future.

 

How Technology is Changing Security Procedures

 

 

In an age where technology is beginning to take over the world, security is becoming a huge factor. Security procedures are needing to adapt in order to ensure that people are continually protected at all times, whether that’s at the airport, online or visiting the hospital, and there are a number of new technologies that are being implemented in order to adapt and change security procedures. Here, we’re taking a look at how technology is changing security in a number of different sectors around the world.

Online Security

One of the biggest concerns that people have when it comes to going online is whether or not their personal details are able to be stolen. When it comes to filling out personal, financial details on sites like Wizzcash.com or other financial institutions, there is a lot of personal information that could be taken by hackers. However, new technologies like cloud-based systems and biometric scanners can help to ensure that a person’s identity is protected and personal data cannot be stolen without legitimate identification processes. While this is not in practice yet, with huge hacks around the world like the NHS ransomware attack, it is highly likely that stronger security measures will be put in place to protect data in mind.

Airport 3D Scanning Systems

In the US, a company called Analogic uses a 3D scanning system suited to scanning hold luggage, based on the idea of a CT scan. The concept behind this technology is to stop people from having to take out things like liquids and laptops from their hand luggage as it is able to be put through the scanner with any threats indicated quickly and officially. These scanning systems could one day also be rolled out on a larger scale, meaning countries all over the world won’t have to see toiletries being stuffed into plastic bags and left out to put on the trays separately.

Biometric Iris Scanners

The E-passport gates in some UK airports not only allow queues to be reduced in the airport when trying to get through passport control, but they also help to heighten security levels without the added hassle and stress. The rise in biometric iris scanners in airports mean that people who may swap their passport with someone they look similar to will get caught instantly, and the gates won’t open. Facial recognition technology is also slowly coming into play, meaning the airport is able to understand and monitor the profile of every traveler trying to go through the gates, further increasing security measures.

Patient Identification

One of the biggest issues behind patient identification is the lack of privacy and easily accessible documentation. Data isn’t quite as secure in healthcare as many people tend to think, but a number of new technologies are beginning to be introduced in order to reverse this. Biometric patient identification processes are just one example of how these types of processes can be improved, to ensure that data and patient identification documents remain as secure as possible. This will include strengthened security and compliance, locking medical records to ensure there are no mix-ups and also accurately identifying patients to prevent fraud and human error.