Cyber Security Today: Sept. 21, 2018 — Another e-comm web site hit, mobile bank app warning, digital currency theft

Newegg e-commerce site victimized, a warning about phone mobile bank apps and a digital currency theft from an exchange.

Welcome to Cyber Security Today. It’s Friday September 21st. To hear the podcast click on the arrow below:

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Have you bought anything online from the electronics retailer Newegg in the last couple of weeks? There’s a chance credit card information you entered when making a purchase was captured by criminals. That’s according to two security vendors who said this week they found evidence the Newegg web site was compromised with malicious code. The technique used was the same in the British Airways hack I told you about last week: The code skims off information from web site forms and sends it to a web site controlled by hackers. Consumers who bought something from between mid-August and September 18th should watch their credit card statements for suspicious purchases. Meanwhile e-commerce site administrators need to tighten their web site security to keep attackers from infiltrating their pages.

Mobile banking through your smart phone is convenient, but watch out where your banking app comes from. Security researchers at ESET have discovered fraudulent banking apps in the Google Play Store masquerading as legitimate apps from banks in Australia, New Zealand, Britain and other countries. Phony apps steal your passwords and money. Only download a bank app from a bank web site.

Digital currencies like Bitcoin and Etherium are attracting a lot of people who think they make buying and selling things online easier than using government-backed currencies. Investors think they can make easy money buying cryptocurrencies that are leaping in value. But digital currencies are also attractive to criminals. Recently they’ve been raiding digital currency exchanges. Yesterday it was revealed that hackers stole the equivalent of $60 million worth of cryptocurrencies from a Japanese digital currency exchange. So far this year over $1 billion has been stolen from exchanges, including $580 million from another Japanese exchange. I’m not a fan of digital money, but if you feel you have to buy make sure you put it in a secure digital wallet that isn’t always connected to the Internet – what’s called a hot wallet. Hot wallets may be good for making fast sales, but they are open to being hacked. Offline wallets, also called cold wallets, are safer. And don’t give away your passwords.

Finally, more good news from U.S. courts: After pleading guilty and co-operating with the FBI, three Americans who created the Murai botnet have been fined, forced to give up cryptocurrency and sentenced to five years probation. As part of their sentence the three have to continue co-operating with law enforcement. The Murai botnet assembled a huge number of Internet-connected consumer routers and home digital video recorders to spread malware. Unfortunately one of the group posted the source code for the Murai botnet, so criminals have copied it to set up their own versions and continue spreading malware.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast