Weekly Email Security News Recap #2 [October 2022]
Statistics show that 1 in 5 phishing emails reach workers’ inboxes, which is alarming.
This week’s email security news and cybersecurity news cover topics such as Facebook users being targeted by mobile apps, sensitive documents of ICO being breached, and Binance Bridge losing $566M.
Let’s move forward to discover the details of these news headlines.
Facebook Users Targeted by Over 400 Mobile Apps
Meta security researchers recently discovered 400+ malicious mobile apps up for grabs on Google’s Play Store and Apple’s App Store.
On Friday, Meta announced that these apps aim to steal Facebook login credentials, allowing cybercriminals to hijack user accounts.
These malicious apps include:
- Photo editors
- Business utility
- Phone utility apps
- Lifestyle apps
As you can see, the malicious apps pose as the kinds of apps that ordinary users download for everyday tasks. Imagine the applications’ impact on users if the investigators weren’t determined to remove them from the stores. Meta also reached out to people whose accounts may have been compromised by these apps.
The company announced that the malicious apps were available in third-party app stores, so they encouraged people to be cautious when downloading a new app that requires social media credentials.
These are the malicious apps that Meta listed in its report:
- Dress up Charming
- Bamboo VPN
- Candles VPN
- Cartoon Face Photo Editor
- Teana Music Player
- Apex Race Game
The developers of these apps published fake reviews to convince users that they were legitimate and to balance out bad reviews. The credential-harvesting scheme started as soon as the user installed the malicious apps. As it usually goes, after acquiring the victim’s login credentials, attackers would gain full access to a person’s account and access private data.
In addition to sweeping the stores, Meta advised its users to take some security measures such as:
- Deleting the malicious app
- Resetting Facebook login credentials
- Using a secure password for Facebook
- Enabling two-factor authentication on Facebook
- Logging out of all the devices and authorizing every further login attempt
Home Office Warned by the ICO After Sensitive Documents Were Breached at London Venue
After some sensitive documents were found at a public London venue, the Information Commissioner’s Office (ICO) issued a legal reprimand to the Home Office.
The venue staff members gave the documents (that contained two Extremism Analysis Unit Home Office reports and a Counter Terrorism Policing report) to the police last year. The documents also included personal data, such as Metropolitan Police staff lists.
After a thorough investigation, the government concluded that the Home Office was the most probable source of the documents and blamed the Secretary of State for the Home Department.
As the investigation showed, the Home Office didn’t provide proper security for personal data, even though the data was classified as ‘Official Sensitive’, and it didn’t have a sign-out process for removing documents from the premises.
The reprimand set the further necessary actions, which include a review of the following:
- Handling instructions around ‘Official Sensitive’ data
- A sign-out process when documents exit the office
- Activity provided to staff around handling records containing personal data

After the incident, the Home Office has taken steps to prevent such breaches.
Cybercriminal Exploits Binance Bridge Vulnerability And Steals $566M
Let’s move to our next cybersecurity news and email security breach news of the week, and talk about 2022’s second major cyberattack in cryptocurrency.
On Friday, Binance, the world’s largest cryptocurrency exchange in daily trading volume, announced a breach had occurred. An unknown cybercriminal exploited a vulnerability on its native cross-chain bridge and stole two million Binance Coins (BNB), about $566 million.
According to a blog post published later, a total of two million BNB was stolen, and the hacker got the BSC Token Hub to send them one million BNB twice; then, they quickly traded the loot for other crypto assets.
A researcher at Paradigm explained that there was a bug in the way the Binance Bridge verified proofs, which could have permitted the hackers to forge arbitrary messages.
Luckily, the attacker forged only two messages, and the damage didn’t end up being worse.
Before the breach, the hacker filled their wallet using the account-free crypto exchange company, ChangeNOW.
ChangeNOW stated that the hacker also moved funds through other crypto exchange platforms, including:
- Curve Finance
- Alpaca Finance
ChangeNOW explained that the hacker’s activity didn’t trigger alarm bells on its system as they used a new address.
Changpeng Zhao, the CEO of Binance, announced that user funds are safe with Binance at this point. An investigation is continuing, and the company promised to share more details with all parties later.
These were our email security news and cybersecurity news of the week.
We’ll be back with a new email security breach news batch next week. In the meantime, make sure you start authenticating your email today!