The crypto-supported bot scam discovered in May has now increased and expanded the scope of its target cryptocurrency users. The way it works is that scammers monitor each tweet on Twitter for specific keywords, such as encrypted platform names “MetaMask”, “Phantom”, “Yoroi” and “Trust Wallet”, as well as other words such as “support”. “Help” and “Help”. When such a tweet is detected, the scammer’s bot will immediately reply to the user, offering false help and urging them to click on the link. If the user falls into it, the scammer will operate on the user and use social engineering to obtain the recovery phrase for the user’s encrypted currency account. Once the crooks get it, they will steal the user’s cryptocurrency.
“Cryptocurrency is the currency of choice for cybercriminals today,” said Avast security evangelist Luis Corrons. “Although traditional phishing scams are carried out on users’ online banking credentials, the process is messy, with low anonymity, and requires money mules. However, with cryptocurrency, everything becomes simpler and more anonymous. If they master the wallet recovery phrase, they can steal it and return it immediately, and the real owner cannot get his money back.” For more information on this story, please see Beep computer.
Messenger Kids upgrade
Meta announced that the child-friendly version of Meta Messenger, designed for children aged 6-12, will get some new features in the coming weeks, including dark mode and voice effects. Since 2019, the regular version of Messenger has provided dark mode, but it is now available for Messenger Kids. The new voice effects feature allows users to use audio filters to play after recording voice messages, allowing them to choose to sound like a robot, ghost, gorilla, mouse, or as if they are talking to a shell.For more information about this story, see edge.
Instagram “take a break” feature will be launched next week
In the same week, when Instagram CEO Adam Mosseri appeared in the U.S. Senate to answer questions about online security, the company announced its “Rest” function It will be launched in the United States, Canada, United Kingdom, Ireland, Australia and New Zealand next week. This feature will prompt any users who have scrolled for a certain period of time to leave the platform to rest, and it is recommended that they also set reminders for future rest. Teen users will also be prompted to turn on the rest reminder, and a new feature launched in March 2022 will allow parents to see how much time their children spend on the app.For more details, see BBC News.
A year later, Nobelium hackers are still using powerful TTP
It is observed that hackers related to the SolarWinds hacking incident last year continued to use the same strategies, techniques and procedures (TTP) to invade a large number of private databases as quickly as possible. The SolarWinds hacker is a Kremlin-based operation that targets the network management provider SolarWinds, thereby gaining access to the network belonging to its 100 most well-known customers (including US federal agencies). Microsoft named the hacker group Nobelium. Some of its members are still active and are now attacking cloud solution providers (CSP) to gain access to their customer networks.For more information, see Ars Technica.
Life360 home app sells location data of its users
according to mark, The popular home security application Life360 sells accurate location information of its 33 million users. “Through interviews with two former employees of the company and two individuals who had worked for location data brokers Cuebiq and X-Mode, The Markup discovered that the app served as a data fire hose for a controversial industry that has been Operating in the shadows,” the report said. It went on to say that the raw location data captured by the app is very valuable information and sold to about a dozen different data brokers. Life360 has been selling data since 2016, but CEO Chris Hulls stated that the company will not sell data to government agencies or law enforcement agencies.
take an examThis week’s “must read” on the Avast blog
Throughout this year, cybercriminals continued to take advantage of the Covid-19 pandemic, using the habits that people formed during the lockdown period to spread scams.Join us and let us see The most prominent security threats in 2021.
