Security Summary19-02-2021 Author: DSwiss
Our short monthly review for January summarizes important news and blog posts, which focus on IT security, cloud computing and privacy protection.
1. “Emotet" malware taken down
According to Europol, the infrastructure of "Emotet," the world's most dangerous malware network, has been dismantled. Thus, international investigators from eight countries have eliminated the criminal network, the agency said. As for the next steps, it is known that the Dutch police, who has access to two primary Emotet servers, will deploy an Emotet update containing a time-bomb-like code to all infected hosts. This update will then uninstall the malware. The planned date for this is April 25.
2. North Korean attack on IT security researchers
With considerable effort, North Korea has launched an attack on IT security researchers using a Chrome vulnerability, Google reports. The aim was to get in touch with real IT security researchers in order to spy on them, presumably to obtain information about security vulnerabilities that are not publicly known.
3. Grindr faces fine in the millions
The Norwegian data protection authority has accused the dating app Grindr of violating the GDPR and intends to fine the company the equivalent of nearly 10 million euros. Grindr is alleged to have shared user data with a number of third-party providers without a legal basis.
4. Speedchecker apps collect data
The online magazine Mobilsicher.de discovered that many speedchecker apps not only check the speed of an Internet connection, but also collect data about users. Of 14 apps tested, only two were rated as recommendable.
5. Google takes over Fitbit
Google has finally acquired the smartwatch manufacturer Fitbit. However, the data from the devices obtained by the Google acquisition will be strictly separated from that collected by Google itself, according to the company. In the run-up to the acquisition, it had been warned that users might be harmed in matters of health insurance, medical care or the job market. This deal is exclusively about devices, not data, according to a statement. Residual doubts still remain.
6. ECJ expert report strengthens data protection authorities' power over Facebook
From now on, charges for violations of the GDPR can be initiated not only by the data protection authorities of the countries in which a company has its EU headquarters, but also by authorities of other countries. This affects predominantly Facebook, for which GDPR violation charges will no longer be limited to Ireland, where Google has its EU headquarters.
7. Apps collect more data than specified
At the end of last year, Apple introduced so-called privacy labels, intended to clarify in the App Store what type of data the respective apps collect and pass on. Apparently, however, the information is based on trust, because as Washington Post journalist Geoffrey Fowler discovered during a random check of a few dozen apps, many programs collect far more data than indicated.
8. DuckDuckGo records more search queries
The search engine DuckDuckGo, which focuses on privacy and does not create user profiles, has reached more than 100 million search queries per day for the first time. Compared with Google's approximately 5 billion daily search queries, this figure may seem small, but nonetheless shows that users are looking for an alternative. Privacy appears to have become more important to many users – DuckDuckGo reached its milestone in the same week that both Signal and Telegram announced significant growth.
9. SolarWinds attacks
Also in January, the attack on SolarWinds, a company specializing in network management software, kept the world on tenterhooks. The attacks penetrated computer networks on an unprecedented scale. Around 250 American authorities and companies were known to have been affected by the attacks by the end of 2020. During the last few weeks, it became clear that authorities and companies in other parts of the world were also among the victims. Germany, for example, reported that the compromised software was used in numerous government agencies, and IT security providers Mimecast, Palo Alto Networks, Qualys and Fidelis have now also confirmed that they too were targeted.
10. Telegram bot sells Facebook phone numbers
On request and for a small fee, it is possible to buy phone numbers that users have stored on Facebook via a Telegram bot. Several hundred million accounts are affected. All that's needed to obtain the numbers is the respective Facebook ID, which can easily be determined. The data presumably comes from data leaks dating back to the beginning of 2020 and the end of 2019, but it is not yet clear who exactly is behind it.