Use with Caution: 7 Common Yet Dangerous Online Places in 2019

A few years back, in 2016, we decided to analyze the most dangerous online places, which were represented not only by suspicious sites but also by legitimate websites and services.

In truth, things haven’t changed for the better since 2016, as we’ve been continuously witnessing some of the biggest and most devastating cyberattacks and data breaches, each surpassing the preceding one.

Where does this “backward evolution” leave us, the users? We’re still as dependent on social media and digital services as we were a few years ago, and maybe even a tad more. This dependency on “the online realm” has created a very modern paradox. Despite knowing the cybersecurity risks and privacy pitfalls of, let’s say, Facebook, we’re still there, voluntarily agreeing to share our personal experiences, photographs, travels, locations.




Mentioning Facebook, the social platform has been through a lot, especially since the GDPR came into motion. A dozen privacy breaches and scandals later, Facebook is definitely not the dreamland of online socializing anymore, and it has deserved a top spot in 2019’s most dangerous online places.

Facebook


Ever since the infamous Cambridge Analytica scandal (for which the tech giant was fined £500,000 in October 2018), the platform has been treading more carefully. The scandal, together with the passage of the GDPR, forced Facebook to add more options to its privacy settings, giving users more choices in how they want their personal data to be collected and used.

Despite these actions, Facebook suffered another major security breach in September, when up to 50 million Facebook accounts were exposed due to a vulnerability in the ‘View As’ feature, which gave hackers access to users’ profiles. Unlike the Cambridge Analytica event, this was a vulnerability within Facebook itself – one that allowed malicious actors to directly take over user accounts.

While Facebook admitted its mistake and acted quickly to fix the problem, its actions were less than transparent.
Instead of directly warning users about the hack, Facebook simply sent affected users a cryptic message in their news feed that read “Your privacy and security are important to us. We want to let you know about recent action we've taken to secure your account.” Unfortunately, the message sounded like the usual we-care-about-your-privacy bunk that Facebook feeds us all the time, our guest blogger Shachar Shamir wrote in a story on the most dangerous digital conglomerates.

Unfortunately, Facebook’s misfortunes don’t end here. Being very popular on a global scale, Facebook continues to be abused by cybercriminals for the purpose of spreading malware and scams. This so-called virus represents a series of scams which have been circulating on the social network. Users are flooded with fake ads which usually try to get them to watch a video or visit a suspicious page. Clickbait techniques are usually in place when cyber crooks attempt to plant malware on users’ machines through Facebook or other widely used social networks.




A security researcher known as Lasq recently published proof-of-concept code for creating a fully functional Facebook worm. The PoC code is based on a specific security flaw residing in the mobile version of the Facebook sharing pop-up. Fortunately, the desktop version of the platform is not affected, but that does not make the issue less alarming. According to the researcher, there is a clickjacking vulnerability in the mobile sharing dialog that can be exploited via iframe elements. It is important to note that the flaw has been abused in live attacks by a group of hackers distributing spam. The group has been posting spam links on the walls of Facebook users, and this is yet another example of why Facebook is becoming more dangerous with each day.

Social Media, Collectively


A new study conducted by Bromium and Dr. Mike McGuire says that cybercrime via social media (Facebook, Twitter, LinkedIn, Instagram) generates at least $3.25 billion in global revenue annually. The report, which was published in February, is based on three key factors: “how revenues are generated and which revenues are the most lucrative at present; how revenues are moved around or laundered; and where revenues are spent or converted into other assets or activities”.

Related: Hackers Make $3.25 Billion a Year from Exploiting Social Media Platforms.

The report also pays attention to the range of malicious services offered openly on social networks, such as hacking tools, botnets for hire, and cryptocurrency scams. Crimes based on social media have grown significantly, and so has the risk of using them. One in five organizations has been attacked by malware delivered by means of social media.

Financially driven motivations represent the single most important driver of both the form and the spread of cybercrime, according to the report. However, the “cybercrime as a business” definition is no longer adequate to capture its complexities. Here’s where the so-called “Web of Profit” comes into play – “a hyper-connected range of economic agents, economic relationships and other factors now capable of generating, supporting and maintaining criminal revenues at an unprecedented scale”.

In short, social media-enabled cybercrime generates $3.25 billion annually. As for the number of affected individuals, 1.3 billion social media users have been affected in the past five years. It is also very likely that some 50 percent of the illegal data trade in 2017-2018 took place due to social media hacks and data breaches.

Your Inbox


Malware infections often begin with opening a single phishing email, or more likely – its malicious attachment.
Let’s see how a phishing email eventually compromises a user’s computer.

In 2017, security researchers at Wordfence detected a highly effective and massively spread phishing technique stealing login credentials for Gmail and other services. All in all, it’s your average phishing scam where the attacker would send an email to a Gmail account. The email may appear to be sent by someone the target knows, and that is because their account has been hacked. The email may include an attachment of an image. Upon clicking the image to view it, a new tab will open and the user will be prompted to sign in to Gmail again. The location bar shows the following address: accounts.google.com, so even the experienced eye may be misled.




Once the sign-in is completed, the targeted account is compromised. The whole process happens very quickly, and it is either automated or the attackers are on standby, processing the compromised accounts. Once access to an account is obtained, the attacker has full access to all of the victim’s emails, and also gains access to other services reachable via the password reset mechanism. This includes other email accounts, software-as-a-service, etc.

Phishers are constantly improving their tactics. According to recent reports by security vendors, phishing websites are increasingly using security certificates (HTTPS) in their attempt to fool users. A bothersome trend is that the payment sector is subject to phishing scams more than ever before. More specifically, this sector was the most targeted in Q3 2018, followed by SAAS/webmail and financial institutions.

We’ve created a 2019 phishing guide which we regularly update with the most recent phishing scams.

Related: How to Remove Phishing Scams in 2019.

NOTE. All popular 2019 phishing scams are deployed via email messages. Recipients will be sent messages that are disguised as legitimate notifications from a service, program, product or another party, claiming that a certain type of interaction is required. Most of the time the scams are related to account activity, fraudulent transactions or password reset reminders.

All of these can be legitimate reasons for sending out activity messages and as such can easily be confused with real notifications. In almost all cases, similar-sounding domain names and security certificates (self-signed, stolen or hacker-issued) will be implemented in the landing pages to convince recipients that they are visiting a safe site. The legitimate design layout, elements and text contents can also be copied from the legitimate sites. So, be extremely careful with any convincing-looking but unexpected email that shows up in your inbox, especially when “urgent activities” are required.
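
Because a familiar name in the address bar and a valid certificate are both things a phishing page can show, the reliable check is whether the parsed host is exactly the expected one. The following is an added example, not part of the original article; accounts.mail.test is a hypothetical stand-in for a real sign-in host such as accounts.google.com, and every URL in it is constructed on reserved domains.

```python
from urllib.parse import urlsplit

EXPECTED_HOST = "accounts.mail.test"  # hypothetical sign-in host (assumption)


def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss hostnames."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_signin_url(url, expected=EXPECTED_HOST):
    """Return 'ok', or the reason the URL is not the expected sign-in page."""
    parts = urlsplit(url.strip())
    # HTTPS by itself proves nothing (phishing pages carry certificates too),
    # but anything other than https is rejected outright.
    if parts.scheme != "https":
        return "not-https"
    host = (parts.hostname or "").rstrip(".")
    if host == expected:
        return "ok"
    if expected in host:
        return "expected-name-inside-another-host"
    if edit_distance(host, expected) <= 2:
        return "lookalike-host"
    return "different-host"


# Constructed sample URLs; .test and .invalid are reserved placeholder domains.
SAMPLES = [
    "https://accounts.mail.test/signin",
    "http://accounts.mail.test/signin",
    "https://accounts.mail.test.example.invalid/signin",
    "https://accounts.mai1.test/signin",
    "https://login.example.invalid/accounts.mail.test/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{check_signin_url(u):36} {u}")
```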

Google Play Store, Third Party App Stores

Third Party App Stores

Some malicious apps are worse than others, and such is the case with a battery optimization app that is designed to steal money from users’ PayPal accounts. The app was detected in December 2018, and it didn’t affect Google Play Store. Nevertheless, security researchers have detected similar apps lurking in the Play Store as well. More specifically, 5 such apps were found in the official store targeting Brazilian users.

Related: Malicious Android App Steals Money from PayPal, and It Can't Be Stopped.

As for the battery optimization app that drained PayPal accounts, it was hiding an Android Trojan inside it, and it is the Trojan that has the capabilities to initiate PayPal money transfers without the user’s knowledge. This is possible due to an automated system that also makes it impossible for the victim to stop the unwanted transaction.

During installation, the app requests access to the Android Accessibility permission, which allows apps to automate screen taps and OS interactions. A very alarming permission, indeed. However, note that the app won’t do anything until the user opens their PayPal. To speed up this activity, the Trojan may trigger notifications to push the user into opening PayPal on their device.

Google Play Store

In January, Trend Micro researchers reported a number of malicious beauty camera apps for Android on the Google Play Store, some of which had been downloaded millions of times. The apps could access remote ad configuration servers that could be used for malicious purposes, the researchers said.

The apps were grouped into two categories. Some of them were variations of the same camera app that beautifies photos, and the rest offered photo filters on users’ snapshots. Fortunately, the apps have now been removed from Google Play, but this may come a little too late, as they had already been downloaded by millions of users.




Compromised Websites


Websites get compromised, and there’s hardly a website that’s a hundred percent secure against attacks. These attacks usually have one thing in common – they are not carried out by highly knowledgeable hackers but mainly by the so-called “script kiddies”, or inexperienced crooks that download automated toolkits and attempt to crack websites with easily exploitable vulnerabilities.

Basically, there are ten types of dangers for websites and web applications that enable various attacks:

  • SQL injection
  • Broken authentication
  • Exposure of sensitive data
  • XML external entities
  • Broken access control
  • Security misconfiguration
  • Cross-site scripting (XSS)
  • Insecure deserialization
  • Using components with known vulnerabilities
  • Insufficient logging and monitoring

We have seen thousands of websites fall victim to these attacks. Let’s have a look at a recent example. A stored cross-site scripting (XSS) flaw was recently patched in version 5.2.0 of a popular WordPress plugin called Abandoned Cart Lite For WooCommerce. What was the attack about? Cybercriminals created a cart with fake contact information, which was then abandoned. The applied names and emails were random, but the requests followed the same pattern: the generated first and last name were supplied together as billing_first_name, but the billing_last_name field contained the injected payload. The purpose of these attacks was to drop two backdoors on victims’ systems.

Related: Abandoned Cart for WooCommerce WordPress Plugin Exploited in Attacks.
WordPress and Wix, among others, were also found to contain serious XSS flaws.
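
The request pattern described for the Abandoned Cart Lite attacks can be searched for in stored checkout submissions, and the general mitigation for stored XSS is to encode field values when they are rendered. The following is an added example, not the plugin's code or its patch; the request bodies are constructed, and the function names are hypothetical.

```python
import html
import re
from urllib.parse import parse_qs

# Angle brackets and numeric character references do not occur in names.
MARKUP = re.compile(r"[<>]|&#\d")


def review_checkout(body):
    """Return findings for one urlencoded guest-checkout POST body."""
    fields = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}
    first = fields.get("billing_first_name", "")
    last = fields.get("billing_last_name", "")
    findings = []
    # Two or more words in the first-name field is weak evidence on its own
    # (compound first names exist), so it is reported as a separate finding.
    if len(first.split()) >= 2:
        findings.append("full name in billing_first_name")
    if MARKUP.search(last):
        findings.append("markup in billing_last_name")
    return findings


def matches_reported_pattern(body):
    """True only when both halves of the reported request pattern are present."""
    return len(review_checkout(body)) == 2


def render_cell(value):
    """HTML-encode a stored field before writing it into an admin page."""
    return html.escape(value, quote=True)


# Constructed request bodies (not captured traffic).
BENIGN = "billing_first_name=Ana&billing_last_name=O%27Brien&billing_email=ana%40example.invalid"
SUSPECT = ("billing_first_name=John+Smith"
           "&billing_last_name=%3Cscript%3E%2F*constructed*%2F%3C%2Fscript%3E"
           "&billing_email=js%40example.invalid")

if __name__ == "__main__":
    for name, body in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(name, review_checkout(body), matches_reported_pattern(body))
    print(render_cell("<script>/*constructed*/</script>"))
```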

Magento-Based Online Stores


Thanks to the Magecart criminal group, websites running on Magento are constantly in danger. Last year, the respected security researcher Willem de Groot unearthed an extremely successful skimming campaign, at the center of which was the MagentoCore skimmer. Prior to the discovery, the skimmer had already infected 7,339 Magento stores, thus becoming the most aggressive campaign of this sort.

Beware that victims of this skimming malware are some multi-million, publicly traded companies. In truth, it is the customers of these companies that have their cards and identities stolen.

“The average recovery time is a few weeks, but at least 1450 stores have hosted the MagentoCore.net parasite during the full past 6 months. The group hasn't finished yet: new brands are hijacked at a pace of 50 to 60 stores per day over the last two weeks”, the researcher said at the time.

Later, the same researcher discovered that the Magecart malware is capable of re-infecting the website even after it’s been cleaned up. The researcher tracked infections similar to Magecart on at least 40,000 domains for the past three years. It appears that during August, September and October last year, his MageReport scanner came across Magecart skimmers on more than 5,400 domains. Some of these infections turned out to be quite persistent, spending up to 12.7 days on infected domains.

As for the re-infections, the reasons are the following:

  • The operators of Magecart often drop backdoors on hacked stores and create rogue admin accounts;
  • The malware operators use efficient reinfection mechanisms such as database triggers and hidden periodic tasks;
  • The operators also use obfuscation techniques to hide their code;
  • The operators often use zero-day exploits to hack vulnerable sites.

So, you should definitely pay attention to your online shopping habits, as Magento is perhaps the most popular ecommerce platform at the moment.

Porn Websites


We won’t be talking about the general risks of visiting adult websites. Instead we will refer to statistics once again. According to a recent report by Kaspersky Lab, the number of malware strains prowling for login credentials on porn websites has tripled in 2018. The number of advertisements that sell access to hacked accounts on adult websites has doubled.

In 2018, the number of attacked users doubled, reaching more than 110,000 PCs across the world. The number of attacks almost tripled, to 850,000 infection attempts.

The most active malware found on adult portals was the so-called Jimmy Trojan. The preferred method of distribution of this malware strain is via email spam, the researchers said.




Pornhub and XNXX were the two adult portals where criminals mostly focused on stealing credentials. In comparison, in previous years login-stealing malware was focused on more websites such as Brazzers, Chaturbate, Youporn, X-videos.

Kaspersky researchers also analyzed the top 20 Dark Web marketplaces and found more than 3,000 offers for credentials to porn portals. The researchers also found 29 websites hosting more than 15,000 packages for accounts on various adult portals, which is twice as much as compared to 2017.


Of course, this article doesn’t cover all the risks that the various online locations hide. However, it does highlight the top threat trends of which users should be fully aware. Whatever you do online, do it with caution.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!
