A caution to Orvibo device owners, adware in Android apps and arrests in cryptocurrency exchange scam

Welcome to Cyber Security Today. It’s Wednesday July 3rd. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanda.com.

Cyb er Security Today on Amazon AlexaCyber Security Today on Google PodcastsSubscribe to Cyber Security Today on Apple Podcasts

I’m back from a week’s vacation to bring you more news about cyber attacks and how to protect yourself.

Do you have home or business security products from a company called Orvibo? Well, you should change the passwords to the devices. According to researchers at security firm vpnMentor, someone at the Chinese company left a database open on the Internet. Anyone with the right amount of knowledge can see customer usernames, email addresses, scrambled passwords, account reset codes and other sensitive data. With a reset code an attacker could lock a user out of their account. It isn’t clear how many people’s information could be seen, but Orvibo claims to have 1 million customers. Researchers said they could see logs from customers from China, Japan, Thailand, the U.S., the U.K., Mexico, France, Australia, and Brazil. Researchers have been trying since June 16 to tell Orvibo to shut the door on this database. It isn’t clear if as of today the database is still open online. Orvibo makes a wide range of products including all-in-one panels to control multiple smart devices, smart door locks, video surveillance cameras and smart Wi-Fi electrical sockets.

This is another example of a company not watching its systems or employees carefully enough.

Google tries hard to keep bad software out of the Android Play Store, but it isn’t always successful. Security company Trend Micro said this week it discovered 111 apps that were fronts for hiding malicious advertising on the Google Play Store. By now all have been removed, but not before they had been downloaded over 9 million times. These were fake games or camera apps. They would run as expected for a short period of time. Then the app’s icon disappears, and ads start popping up on the screen. Victims want to get rid of the app by deleting the icon, but can’t because the icon has disappeared. Instead they have to go into the Settings section, go into the apps section and delete it from there. Part of the con is that the criminal gets money from an advertising network when the ad is shown. Clicking on the ad may also lead to downloading malware.

So remember, before downloading any app do some research: Is it created by a reputable company? How new is it? How many reviews does it have? Just because an app is in the Google or Apple store doesn’t mean it’s safe.

I don’t talk much about cryptocurrencies like bitcoin, monero or ether because they can be speculative. But if you do hold digital money be careful how and where it’s stored. This comes to mind with the arrests in Europe last week of six people who allegedly stole about $27 million dollars worth of cryptocurrencies from victims in 12 countries. They did it by creating a look-alike web site of the currency exchange called Blockchain.com. When customers logged in, they unknowingly gave up their passwords to the gang. The gang did it by spoofing the Internet address to look like Blockchain.com. There may have been clues like a small spelling mistake, or the address is .net instead of .com, or one of the letters didn’t look right because it has a tiny mark beside it. However, many victims missed them. Criminals try this against banks, credit unions and other financial services companies, often by first sending an email with a link they want you to click on. So whether you have money in a cryptocurrency exchange or some other financial institution, be careful when going to an online site. Make sure it’s the real one.

If you’re an Android user be on the lookout in the next weeks for the July security patches. Those with Pixel devices will get them first.

Finally, because tomorrow is Independence Day in the United States. I hope American listeners have a relaxing holiday and long weekend.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.



Related Download
Cybersecurity Conversations with your Board Sponsor: CanadianCIO
Cybersecurity Conversations with your Board – A Survival Guide
A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA
Download Now