The proliferation of mobile phones and their accompanying app store ecosystems has made mobile applications an enticing target for malicious developers. Researchers at Lookout discovered that the Igexin advertising library contained a backdoor, allowing Igexin to execute arbitrary code.
The advertising library was used by over 500 applications on the Google Play store, which were downloaded over 100 million times. The affected applications allowed Igexin to surreptitiously steal call histories, GPS location, and other phone metadata.
In an age where there (apparently) needs to be an app for everything, developers rely heavily on third-party libraries to publish applications quickly. This approach of bolt-on development means there’s plenty of unvetted code running on users’ devices.
The developers of the affected applications were likely unaware of the backdoor functionality hidden in the Igexin advertising library. In a different case, two malicious apps were spotted on the Google Play store that abuse the Accessibility features to install mobile malware.
Take the following steps to protect yourself:
The servers of Crystal Finance Millennium (CFM), an accounting software firm in Ukraine, were hacked to serve up a malware dropper. This discovery comes on the heels of a notification sent out by the Ukraine Central Bank of an impending attack.
The notification sent out by the Ukraine Central Bank pointed towards emails containing Microsoft Word document attachments as the infection vector.
As always, users should be cautious when receiving unsolicited emails:
There’s no creative limit when it comes to digital grifting. Hackers managed to seize control of Enigma’s Slack group, mailing list, and domain in order to post a fake initial coin offering (ICO) pre-sale, which scammed users out of almost $500k USD in Ethereum coins.
This isn’t the first time hackers have targeted ICO events, and it’s unlikely to be the last. In this instance, the Enigma CEO’s password was compromised in a previous data breach, and the lack of two-factor authentication meant hackers could track down the password and reuse it everywhere until they found success.
Ironically, Enigma proposed a solution to hackers hijacking ICO events by hardcoding the address of the token sale contract. It just goes to show that the security of blockchain technology has a critical weak point that vexes all technology: humans.
In response to the security incident, Enigma has implemented a stronger authentication policy to include:
All of those measures, with the possible exception of the weekly/daily password rotation, should be standard security methods for every organization, of any size, in any industry.
We can dream, right?