Reading Time: ~2 min.

WhatsApp Exploited to Install Spyware through Calls

A serious flaw has been discovered in the messaging app WhatsApp
that would allow an attacker to install spyware on a victim’s device by
manipulating the packets being sent during the call. Further disguising the
attack, the malicious software could be installed without the victim answering
the call, and with access to the device the attacker could also delete the call
log. Fortunately, the Facebook-owned app was quick to respond and quickly
released an update for affected versions. 

SIM Swapping Group Officially Charged

Nine men in their teens and 20s have been arrested and charged
for a SIM-swapping
operation that netted the group over $2 million in stolen cryptocurrency. The
group operated by illicitly gaining access to phone accounts by having the
phone swapped to a SIM card in their control. The group would then fraudulently
access cryptocurrency accounts by bypassing 2-factor authentication, since login
codes were sent to devices under their control. Three of the group were former
telecom employees with access to the systems needed to execute the scam.

Web Trust Seal Injected with Keylogger

A recent announcement revealed that scripts for the “Trust
” provided by Best of the Web to highly-rated websites were
compromised and redesigned to capture keystrokes from site visitors. While Best
of the Web was quick to resolve the issue, at least 100 sites are still linking
customers to the compromised seals. This type of supply chain attack has risen
in popularity recently. Hackers have been seen injecting payment stealing
malware into several large online retailer’s websites since the beginning of
the year.

Fast Retailing Data Breach

The online vendor Fast
is currently investigating a data breach that gave attackers
full access to nearly half a million customer accounts for two of the brand’s
online stores. The attack took place within the last three weeks and targeted payment
information with names and addresses for customers of UNIQLO Japan and GU
Japan. Fast Retailing has since forced a password reset for all online
customers and delivered emails with further information for those affected by
the attack.

Data Leak in Linksys Routers

Last week researchers discovered a flaw in over 25,000
Linksys routers
that could give attackers access to not only the
device’s MAC address, but also device names and other critical settings that
could compromise the security of anyone using the router. Additionally, by
identifying the device’s IP address, attackers could even use geolocation to gauge
the approximate location of the exploited device, all without authentication.

The post Cyber News Rundown: WhatsApp Vulnerability Could Install Spyware appeared first on Webroot Blog.