Security summary – February 2019

Our short monthly review summarises important news and blog posts, which focus on IT security, cloud computing and privacy protection.

1. Crypto exchange can’t repay 190 million US dollars to clients

The Canadian crypto exchange QuadrigaCX cannot repay most of 190 million US dollars it owes to its clients after its founder, Gerald Cotton, unexpectedly died at the age of 30. QuadrigaCX has filed for creditor protection because it cannot access the majority of the funds since the deceased was the sole person responsible for handling the funds and coins. Although his widow, Jennifer Robertson, has his laptop in her possession, neither she nor a technical expert hired by the company, has been able to access the password-protected funds.

Source: gizmodo.com

2. Penetration testers find ships at sea easy to hack

According to an analysis from security service company “Pen Test Partners” it is a trivial matter to capsize ships at sea. A malicious cyber-criminal would likely be able to take down a ship, estimates researchers Ken Munro from Pen Test Partners. One of the imminent threats at sea is the fast that critical ship control systems are not properly protected.

Source: threatpost.com

3. Darknet: more than 250 million accounts on sale

The price point for hundreds of millions of user emails and passwords is 20,000 USD in Bitcoin. The huge collection of stolen data is sold on the black market of the internet via a website called Dream Market. According to the online tech publication “The Register” samples of the data indicate it is authentic.

Source: heise.de

4. Chinese surveillance data left completely unprotected

In the Xinjiang region, specialized surveillance cameras register the whereabouts of 2,5 million Chinese using facial recognition technology. Recently, a Dutch security expert found that this highly personal data was stored on an unprotected server. For months, the data (including name, date of birth und IDs) was complete open for anyone to access.

Source: inside-it.ch

5. PDF phishing attack affects hundreds of companies

According to researchers with Deep Instinct, a phishing campaign has successfully stolen login data from more than 200 companies globally since the attack was started January this year. The attackers use PDFs sent by email to infiltrate victim’s computers and continue to upload new, stolen data underlining the effectiveness of their approach.

Source: threatpost.com

6. Google Play Store app designed to steal crypto currency

A malicious app posed as a version of the browser addon “Metamask”. Metamask is designed to enable the usage of blockchain web services. However, the fake app version was designed to steal crypto currency from the unknowing victims as security researchers from Eset discovered. The app tricked users into sending their crypto currencies to an account controlled by the attacker rather than their own.

Source: heise.de

7. Data privacy breaches: Instagram, OKCupid and Mumsnet

Three major websites make headlines due to essential data privacy concerns. Instagram attackers created a shadow database collecting millions of personal data sets accessible to hackers. Numerous OKCupic users report having their accounts taken over with a password reset while user logins on parent forum “Mumsnet” were switched so users could access the wrong account leaving personal data exposed.

Source: threatpost.com

8. Children’s smartwatch enables strangers to track its wearer

The European Commission has recalled the smartwatch Safe-KID-One by means of a RAPEX customer warning because of serious security deficiencies. Due to security vulnerabilities in the server backend and in the accompanying app, the watch enables strangers with hacking skills to track its wearer with a 500-meter accuracy.

Source: heise.de

9. Japan's government openly hacks its own citizens

The Japanese government is openly hacking citizens with connected devices that fall into the category of Internet of Things (IoT). The aim is to evaluate risks of outside cyberattacks up to the Olympic Games of 2020. According to The National Institute for Information and Communication Technology (NICT) the focus is primarily on hacking devices using weak passwords such as "123456".

Source: heise.de