#datahack

Old Art:

Over 30 lakh worldwide users affected by third party extensions of Google Chrome, Microsoft Edge

Malwares identified in around 28 third party extensions of Google Chrome and Microsoft Edge were found by the Threat Intelligence team of Avast Security that may have affected 30 lakh people across the world, which were connected with top and famous platforms like Instagram, Facebook.

It was possible to redirect the users' traffic to phishing sites and ads and thereby steal their private and personal information. Statistics from the app stores show a count over 30 lakh of downloads from the users, who likely got affected.

Avast also added that the extensions that help users download videos from those platforms also contain Video Downloader used by Facebook, Vimeo Video Downloader, and similar video downloaders including Instagram Story Downloader and various extensions on Google Chrome and some others on Microsoft Edge on Wednesday, suggesting it's users to either uninstall or at least disable extensions for the time being.

The malicious extensions are presently still available for downloads on the platforms.

Avast conveyed that they have contacted the teams of both the browsers and reported to them, to be confirmed and assured to take action against the happenings.

Reports of the Avast team revealed that the extensions contained JavaScript based malicious codes that were capable of making the browser of downloading furthermore malicious content.

Malware Researcher of Avast, Mr. Jan Rubin said that their hypothesis was either the extensions were either created deliberately with the malware built-in, or the author pushed it as an update after the extensions have become popular enough. He also added that there is a chance of the author selling them to someone else, who eventually infiltrated malware into the extensions.

As expected, there have been reports from users about being redirected to other undesired pages and about their internet actions being manipulated.

Though the Threat Intelligence team of Avast has initiated action against this, it's equally likely that they have been active since years without being noticed.

From the time when organizations shifted their business to remote operations because of the COVID-19 epidemic, the number of data breaches has dramatically increased. In the first half, there were reports of data breaches in 81 international companies from 81 countries!

Besides, a recent report from a security agency describes the impact on data breaches due to the pandemic where stolen credentials and power attacks alone caused 80% of the data breaches.

Currently, perpetrators are using the scourge of the epidemic to launch a highly sophisticated cyber-attack in every possible industry. During the first half of 2020, various companies of Fortune 500 faced big data breaches where the hackers sold the account guarantees, sensitive, confidential and financial information of the companies.

To date, approximately 16 billion records have been disclosed this year. To add to it, investigators say that 8.4 billion records have been disclosed only in the first quarter of 2020! This number has increased by 273% compared to the first half of 2019 when 4.1 billion records were disclosed!

These are the top 5 data breaches of 2020:

Twitter Attacked!

Whole world of internet was storm-struck when it had to face one of the most defiant cyber attacks in history! The data breach involved hackers getting access to the Twitter accounts of renowned personalities of the US like Barack Obama the former President, Elon Musk, Bill Gates and many others.

                                         From the 130 targeted accounts, hackers succeeded in resetting 45 user accounts’ passwords. Following that, they posted fake tweets from those accounts, offering a return of $2000 for every $1000 they can send to an unknown Bitcoin address. Reports have revealed that the breach was able to make the hackers a total of $121,000 in Bitcoin from about 300 transactions.

 Twitter Support says that the attack was targeted on a small number of employees through a phone using spear-phishing method, and that the attackers’ attempt was to mislead certain employees to later exploit human vulnerabilities and gain access to their internal systems.

Zoom Credentials Put For Sale

The COVID-19 pandemic made organizations across the globe to adopt work from home policy. In this regard, the Zoom application became the first preference for virtual meetings and also got famous among the cyber criminals.

    Within quick time, Zoom became vulnerable to different security threats and eventually fell victim of the data breach. April 2020 had the news of 500,000 stolen Zoom credentials being available for sale in dark web forums, frightening its users.

Login credentials of more than 0.5 million users were put to sale and some were even given away for free. To be frank, even some of the login credentials were valued for less than half a cent!

The personal meeting URLs & Host Keys of the victims were also available. The leaked accounts were of various financial institutions, colleges and organizations.

MGM Data Hack

MGM Resorts, in 2019, bore a massive data breach. The outbreak of breach started to spread in February 2020 when the attackers leaked the personal details of around 10.6 million guests to download for free. It was later found that the number rose by 14 times than what happened  in February 2020.

 The personal details including name, home address, phone and email contacts and birth details of the guests were published on the hackers forum. The list of guests also included Justin Bieber, Jack Dorsey CEO Twitter, and many more government officials.

 A person from MGM Resorts has reportedly confirmed that impacted guests were intimated about the data breach. It also said that they are confident that no data related to financial usages was involved in this matter.

Marriott Cyber Attack

The Marriott hotel chain, on the 31st of March 2020 agreed to have suffered a security breach impacting the data of more than 5.2 million hotel guests who made use of the company’s loyalty application.

Hackers acquired the login credentials of two accounts of Marriott employees whose access to customer information about the loyalty scheme of the hotel chain was granted. The information was used to take away the data about a month before the breach was acknowledged.

    The data breached had personal details such as names, birthdates, and contact numbers, information regarding their travel and the loyalty program.

As per Marriott’s statement, the credentials of their employees were obtained by hackers using credential stuffing or phishing. In the past, Marriott announced a data breach in the second half of 2018 where around 500 million guests bore the impact.

Magellan Health Data Breach

A member of Fortune 500 companies, Magellan Health was hit by a ransomware attack followed by data hack in April 2020. They confirmed by giving a statement that about 0.365 million patients were affected in the attack.

 Investigations revealed that the attack was launched according to a planned process in which the attackers first introduced malware to retrieve employee login credentials. Nextly they implemented a phishing scheme to obtain access to the company systems after sending a phishing email and impersonating as one of their clients before beginning the ransomware attack.

 The attackers stole the login credentials of employees, their personal information, employee IDs and sensitive details of patients such as W-2 information, their Social Security numbers, or Taxpayer IDs.

 Looking at the attacks, we clearly get the idea that we are never sure of being 100% safe how technologically advanced we might be. Following are some of the ground security measures  that can help our organization to stay safe in these unsafe conditions:

 · Educating our employees on security by training them in recognizing and fighting the cyber threats.

 · Implement phishing recognition tool to instantly report any suspicious-looking and unmonitored emails.

 · Safeguard our emails and domains from spoofing attacks by using protocols like DMARC, SPF, and DKIM.

When doing research for a project we often stumble upon charts that would be great to use but we are unable to find the data behind them to use in Excel. We discovered a neat tool which take the pain of of the process and let's you quickly convert chart images into usable data: Plot Digitizer.