CyberAttacks More Sophisticated

The attackers are getting better, they are not sitting still.

If you are hoping no one will notice you in your personal world … not likely, everyone is a target.

In this post lets connect a few dots:

SCmagazine story:“Social Media and Engineering Used to spread tempted cedar spyware”

So a fake Facebook profile method is infecting unsuspecting Facebook users (also called social engineering) using a fake app called kik. This app is actually designed to steal information from unsuspecting users that click on links or download the app.

So what do the criminals actually want? In the articles about this particular spyware is that the targets were in the middle east. So the criminals are looking for information – which can be used to make money with other information that they already have. I.e. if for example they stole a database  with partial information, then would want to fill in the blanks.

(Image from hackread.com)

As the phones get more powerful with more apps and capabilities we have more information stored everywhere. So it should not be a surprise as health data will be more important (here is a picture of the new Samsung S9 unveiled in Spain Mobile World Congress 2018):

How about when you go to major newspaper like Los Angeles Times? Did you ever wonder if you could get hacked just by going to a website? Yes it can happen. Apparently cryptojacking code was found on the website by a security researcher. The cryptominer was based off Monero Cryptocurrency, which is an open source Cryptocurrency.

This hack at LA times was more sophisticated (than some others) as they kept the miner from taxing the visitor phones(sometimes can be set to use 100% of resources) so as to stay unnoticed.

Apparently the LA Times had a misconfigured  website setting allowing anybody to upload code to a section of their cloud account on Amazon Web Services (AWS).  So why not upload some crypto mining code and make some extra Monero’s when you can, that is what the criminal said?

 

So, now there are fake Facebook profiles, just like fake Twitter accounts. When you go to some websites it may unknowing to you download some software that uses your CPU, the idea is to find information about certain individuals so as to make more sophisticated attacks.

Notice the IRS hacks have become more sophisticated: KrebsOnSecurity has a story “IRS Scam Leverages hacked Tax preparers, Client bank accounts”.

So if you have a specific profile that the criminal is looking for, then there are a variety of ways that the criminal can get to you to make more and more money.

Here is a unique attack scenario:

“We’re having customers getting refunds they have not applied for,” Dodd said, noting that the transfers were traced back to a local tax preparer who’d apparently gotten phished or hacked. Those banks are now working with affected customers to close the accounts and open new ones, Dodd said. “If the crooks have breached a tax preparer and can send money to the client, they can sure enough pull money out of those accounts, too.”

Tax preparers and accountants are going to be targeted by  criminals, especially in the next couple of months (March-April 2018). If your security is not up to par, then you will get a visit from a criminal in ways you have not thought of – including social media ‘friends’ videos and links to click on.

There are also Fake IRS websites that criminals have set up and if you find yourself on them, enter any of your personal data now the criminals can create your tax return and take your money.

Remember some of these attacks can be put together to target somebody that criminals want (accountant at a prominent company for example). We must prepare ourselves mentally and in other ways.

How about this – If you are wanting services from a tax preparer have they done the security audits to ensure as much as possible to reduce chances of hackers succeeding?

Ask them when doing your taxes – have them contact us.

Advertisements

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.