Criminal online network smashed, watch out for this Microsoft scam and return this key

Welcome to Cyber Security Today. It’s Friday, May 17th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

Police agencies in several countries, including the FBI, have now charged people who ran an organized criminal malware distribution network believed to have infected some 41,000 computers around the world. Security researchers called it the GozNym network, after the malware that was installed to steal bank login credentials of victims. It is believed the gang got away with millions of dollars. Five Russian nationals have been indicted by a U.S. grand jury and are believed to be on the run. Criminal prosecutions have also been initiated in Moldova, Georgia, and Ukraine against several others. One gang member from Bulgaria was extradited to the U.S. in December 2016 to face prosecution. Typically victims were stung by clicking on a phishing email. By the way, the gang was partly helped by an email hosting service often used by cyber criminals, a service dismantled in late 2016. The administrator of that service is now being prosecuted in Ukraine.

Criminals who want to trick you with a Microsoft Windows support scam often use phone calls to get victims, saying their computer has a serious problem that needs to be fixed — for a price. However, according to a report from Bleeping Computer, criminals are also using Microsoft’s Azure hosting service as a platform for these scams. They take advantage of people’s eagerness to try out or buy mobile or web apps, which Azure hosts. So bad guys create malicious apps. When a victim goes to a web site hosting the app, they get a message saying their computer has been infected with spyware or a virus. By the way, Mac users can also get these fake warnings.

Beware of screens that suddenly pop up and say you have a virus alert from Microsoft. Be suspicious of a warning not to close the popup window. Ignore messages saying ‘Call this toll free number.’

I’ve talked before about the importance of two-factor or multi-factor authentication. One type is a special four- or six-digit code that gets texted to your smartphone. You have to enter it in addition to a user name and password for certain logins. Another is using a special fob like a Yubikey or Google Titan key. Well, this week Google said users of some of its T1 and T2 Titan keys with Bluetooth have to send them back for a new one because of a bug. So do those who use a security key made by a company called Feitian. The key communicates by Bluetooth to a device, like a laptop. Unfortunately, a nearby hacker could connect their device under certain circumstances. Versions of security keys that plug into USB ports aren’t affected. Until you get a new key, one protection is to make sure you use it only if other people aren’t close.

Finally, this week Microsoft released its monthly patches, so make sure your Windows system has the latest fixes. They include some important fixes for computers with certain Intel processors. And Apple rolled out fixes for iPhones and iPads, Macs, Apple Watches and Apple TVs.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon.


