Malicious attacks on websites continue to make the news. Whether it’s Anonymous exposing a whole country’s control and data systems or hackers stealing huge amounts of data last weekend from Zappos, the pace of malicious activity on the web has certainly not slowed down. While these big-news attacks generally use rather traditional hacking methods, the nasty people on the web have also been busy developing new attack vectors, and you might want to be aware of them.
- Developer sneaks fake apps into Android market (SecurityNewsDaily/Matt Liebowitz) “Behind their innocent facade, the cloned apps hid a secret weapon – they compromised customers’ smartphones by using them to send premium-rate text messages to the tune of about $20. ‘The texts are notifications that the user has been charged around $5, but you end up getting 3-4 of them in one shot,’ DroidGamers wrote. ‘A free download just became a $20 purchase.’”
- Hackers spread malware via children’s gaming websites (BBC News) “‘I believe that children’s computers are more vulnerable to attacks because they are usually in worse shape – in other words the owners are less likely to have the latest security updates installed,’ said Mr Vlcek [AVAST Software chief technical officer]. ‘The child may also be less suspicious that something wrong is happening than an adult would be.’”
- Cyber-criminals target mobile devices with QR codes (SecurityWeek/Brian Prince) “‘This is the first time we have seen a QR code used in an active spam campaign,’ Patrik Runald, senior manager of security research at Websense, told SecurityWeek. ‘Because QR codes are the ultimate URL obfuscator, with the right social lure, QR codes can become increasingly more successful in driving users to websites hosting malware targeting the mobile device.’”
- Security flaw in printers could expose businesses to hackers (Huffington Post/Janean Chun) “Keith Moore, HP’s chief technologist, also disagrees that the threat of security breaches through printer hacking could already be widespread. Moore points out that the researchers didn’t use passwords on the printers they tested and adds that no consumers have reported similar incidents. ‘There has been no data at all that any of this has been exploited. So we’re looking at the theoretic possibility, in a lab, to see if that can ever occur in a real world situation.’”
Cyber attack fact:
This sobering 11-minute video of a TED talk by Ralph Langner reminds us that cyber attacks may not always come from criminals.
