Reading Time: ~ 2 min.
Cryptominers Found in Audio Files
Researchers have recently found that both cryptominers
and backdoors are being deployed within WAV audio files on targeted systems.
Using steganography, attackers can include components for both loading and
executing malicious scripts, while still allowing some audio files to play
normally. Along with the malicious software, Monero cryptominers were launched
simultaneously to begin generating cryptocurrency.
Vermont School District Monitoring Students Online Activity
A Vermont school district recently hired the
cyber-monitoring software company Social
Sentinel track the social media and email accounts of enrolled students.
The purported purpose of the software is to stop problems such as bullying and
self-harm among students by scanning for specific keywords, while supposedly
respecting the privacy of the district’s thousands of students. Unfortunately,
most of the posted alerts are currently being triggered by searches for a
locally-made beer.
Darknet Child Porn Distribution Site Shutdown
Officials in the U.S. and South Korea collaborated to shut down
a darknet
site thought to be the largest distribution site of child porn. More than
300 individuals were arrested in connection with the site. By monitoring new
Bitcoin addresses created when users made an account, the officials were able
to find not only hundreds of users, but also the site’s administrator, who has
since been charged in South Korea. Most alarmingly, amongst the 250,000 videos
found on the server, nearly half were previously unknown to law
enforcement.
Fake Account Reporting Leads to Facebook Lockout
Many Facebook
users have been locked out of their accounts after reporting fake or spam
accounts, some for nearly a week. Following the lockout, users were shown a bugged
verification screen that left users even further from regaining access. Luckily,
Facebook responded to the many requests to reinstate user accounts, resolved
the issue, and fixed the authentication process.
Payment Card Marketplace Re-leaks Stolen Cards
One of the largest online
marketplaces for stolen payment card info has been breached, leading to
nearly 26 million payment cards stolen in prior breaches being reintroduced to
hackers. By accessing the binary data stored in the magnetic strips, hackers were
able to create fake cards and make fraudulent purchases. At least 8 million
unique cards had been uploaded to the marketplace since the start of 2019.
The post Cyber News Rundown: Cryptomining WAV Files appeared first on Webroot Blog.