Apple double standards, collection of biometrics in the Russian Federation and other cybersecurity events

We have collected the most important news from the world of cybersecurity for the week.

Key points

  • Apple has been accused of collecting user data without notice.
  • The White House is alarmed at the impact of vulnerabilities in Microsoft Exchange.
  • The media reported that the Russian authorities are going to intensify the collection of biometric data.

Europol reported a hack of the Sky ECC encrypted messaging platform. The latter denies everything

Law enforcement agencies in Belgium, France and the Netherlands, together with Europol, reported the hacking of the Sky ECC encrypted messaging platform.

#Breaking
MAJOR INTERVENTIONS TO BLOCK ENCRYPTED COMMUNICATIONS OF CRIMINAL NETWORKS: #Europol and @Eurojust have supported in a major international operation, disrupting #SkyECC, an encrypted network used by criminals. Read more: https://t.co/NeWio8bICP

– Europol (@Europol) March 10, 2021

According to Europol, they also managed to access “hundreds of millions of messages exchanged between criminals.” This allowed law enforcement officers to obtain information about “more than a hundred planned large-scale criminal operations.”

“By mid-February, the authorities were monitoring the information flows of approximately 70,000 Sky ECC users,” Europol said.

Sky ECC, for its part, claims that law enforcement officers hacked a fake version of its platform, that no investigating authorities have contacted the company, and that “not a single Sky ECC authorized device” has been compromised.

Sky ECC also vehemently denies any claims that it is “the platform of choice for criminals.”

“The platform exists to prevent identity theft and hacking, protect privacy rights, and securely conduct legitimate personal and business transactions,” the company said. 

Sky ECC bills itself as “the most secure messaging platform you can buy” with end-to-end encryption. The provider offers subscriptions and Android and iOS phones that are paid for in bitcoin and shipped worldwide, ZDNet writes.

Alleged operators of FluBot botnet arrested in Catalonia

Catalan law enforcement officers have arrested four people suspected of running the FluBot botnet, which has infected at least 60,000 devices.

FluBot, also known as FedEx Banker or Cabassous, has been active since late 2020. The malware is a banking Trojan for Android devices.

To reach new victims, the malware sent SMS spam to the contacts of already infected users. Catalan authorities said they have identified at least 71,000 such messages.

Despite the arrests, cybersecurity experts note that FluBot is still active. 

Looks like it isn’t dead after all. Even after successful police intervention #Flubot campaign is still going, eh? @B0rys_Grishenko @500mk500 @CERT_OPL @PPiekutowski

– Piotr Kowalczyk (@pmmkowalczyk) March 7, 2021

It is not yet clear whether the botnet is being controlled by other members of the hacker group or whether the malware servers are operating “by inertia.”

The Russian Federation wants to intensify the collection of biometrics

The Russian authorities want to encourage citizens to submit biometric data. According to Kommersant, which cites participants in a meeting at the Ministry of Digital Science devoted to the issue, the ministry is considering closing remote access to a number of public services for those who have not provided biometrics.

Trend Micro: Malware, Phishing, and Credential Theft Attacks Rise Significantly in 2020

Trend Micro detected and blocked 16.7 million email threats in 2020. Their number has grown by almost a third since 2019, company representatives told Hodlmonks.

Also in 2020, there was a double-digit increase in the number of malware attacks, phishing attempts, and theft of user credentials.

In France, Apple was accused of collecting user data without their consent

France Digitale, which represents the majority of French IT entrepreneurs and start-ups, accused Apple of violating EU legislation on the protection of user data.

While mobile apps ask iPhone owners for permission to collect data for targeted ads, the default settings allow Apple itself to run ad campaigns without asking for prior user consent, France Digitale says.

Under European law, all organizations must request permission from users to collect data using trackers or other tools.

France Digitale also claims that Apple’s tracking feature allows it to share collected data with affiliated companies without informing users in advance.

Apple called the accusations false.

The White House expressed concern about vulnerabilities in Microsoft Exchange 

The vulnerabilities in Microsoft’s Exchange mail product “could have far-reaching consequences,” said White House spokeswoman Jennifer Psaki.

In early March, Microsoft released unscheduled fixes for four zero-day vulnerabilities found in the Exchange code. The company noted that the bugs are already being exploited by the hacker group Hafnium, which is allegedly sponsored by China.

By exploiting these vulnerabilities, hackers could gain administrator rights and steal user data.

It is reported that tens of thousands of organizations have already been affected.

The US Cybersecurity and Infrastructure Protection Agency (CISA) has called on “all organizations in all sectors” to follow best practices for remediation of vulnerabilities in Microsoft Exchange.

CISA urges ALL organizations across ALL sectors to follow guidance to address the widespread domestic and international exploitation of Microsoft Exchange Server product vulnerabilities; see CISA’s newly released web page for details. https://t.co/VwYqAKKUt6. #Cyber #InfoSec

– US-CERT (@USCERT_gov) March 9, 2021

Ryuk Ransomware Attacks Spanish Government Systems

Spanish State Employment Agency (SEPE) systems were shut down following a Ryuk ransomware attack that affected more than 700 SEPE offices across the country.

SEPE chief Gerardo Gutiérrez stressed that confidential data is safe and that the attack will not affect payroll or unemployment benefits.

Also on Hodlmonks:

  • Roskomnadzor began to slow down the speed of Twitter in the Russian Federation and threatened to block it.
  • Hackers gained access to 150 thousand video cameras at Tesla factories, prisons and hospitals.
  • The media reported that the United States will conduct a series of retaliatory cyberattacks against Russia.
  • Telegram began to remove bots for “breaking through” data after the request of Roskomnadzor.
  • Several thousand CCTV cameras with publicly available data have been identified in Russia.
  • The Czech Republic extradited two members of a hacker group from Ukraine to the United States.
