Cybersecurity Report #12

The first week of February was quite busy in the cybersecurity sector, with news about outrageous scams involving deepfakes and supposed infected toothbrushes.

Unlike other periods, however, the last few days were also marked by the implementation of new and welcome protection mechanisms by large companies such as Google and Microsoft. Also, Carnival is coming, but don’t forget: you can’t let your guard down when it comes to your digital protection.

Top 6 cybersecurity news of the week

1. Scammers steal more than R$125 million from a company in a fake meeting generated by AI

A multinational company in Hong Kong was the victim of a scam worth more than US$25 million carried out via deepfake. Criminals tricked an employee responsible for financial transfers using a “digital clone”.

Scams using virtual clones are expected to become increasingly common.

Scams using virtual clones are expected to become increasingly common.Source: GettyImages

The victim was deceived when joining a video conference with only AI-generated people, including automatically generated audio and a person with the face of the company’s financial manager digitally superimposed. The employee only discovered he was the target of scammers after contacting the corporation’s headquarters.

In a parallel development, YouTube announced that it will implement a tag system to identify videos created or edited via AI. The Google platform will also combat deepfakes with greater intensity, especially during election periods.

2. Electric Toothbrush Botnet Didn’t Really Happen

Earlier this week, a story originally published in the Swiss newspaper Aargauer Zeitung reported a large-scale attack. The article cites a botnet made up of 3 million electric toothbrushes, supposedly programmed in Java. They would have been hacked and used to take down systems and websites via DDoS attacks.

However, the story began to be denied this Wednesday (7). Initially, cybersecurity experts questioned the veracity of the case, especially due to the lack of details. These toothbrushes didn’t even seem smart and connected, being just electric – and the “hijacking” of that quantity would have to involve malicious firmware and a very complicated process.

Some toothbrushes are even connected to the internet, but with limitations.Some toothbrushes are even connected to the internet, but with limitations.Source: GettyImages

Security company Fortinet, cited as the source in the original text, says it used the case during an interview only as “an illustration of a type of attack” and not a real “research-based” case.

The journalist responsible for the article insisted that the story was presented as real. It is more likely that a translation or interpretation error occurred somewhere in the process.

3. Ransomware ransom payment set record in 2023

After the study that showed an increase in ransomware attacks and victims in 2023, another study now shows that ransom payments from affected companies have also increased. The report is from Chainalysis and suggests that, for the first time, more than US$1.1 billion was paid to cybercriminals of this type.

The evolution of ransomware payments in recent years.

The evolution of ransomware payments in recent years.Source: Chainalysis

The number is almost double what was recorded in 2022 and represents a new record for the category, especially due to the entry of new groups into the sector and the spread of specialized tools. However, as happens almost every year, it can be revised to an even higher value as new victims are discovered over time.

Furthermore, the total loss for companies is usually much greater: the report does not take into account other expenses after these attacks, such as closing vulnerabilities, problems resulting from the temporary closure of servers and expenses with investigations, for example.

4. Google Play Protect will automatically block malicious apps on Android

Google has taken an important step to prevent Android users from falling for financial scams and accidentally installing malware. The novelty is a filter in Google Play Protect which prevents consumers from downloading potentially malicious applications.

Google's new app filter.

Google’s new app filter.Source: Google

With this new feature, the threat detection service now analyze apps released for download based on the requested permissions – such as access to SMS messages and notifications to intercept access codes, for example. For now, the mechanism is only in the testing phase in Singapore.

5. Microsoft launches new, faster, more secure facial recognition for businesses

Microsoft revealed on Tuesday (6) a new security mechanism. It’s Face Check, an advanced form of facial recognition that will be incorporated into the Microsoft Entra Verified ID service.

This feature should be used mainly in educational institutions and companies and not in place of Windows Hello, already used on personal computers.

Face Check uses AI resources and the Azure cloud platform to pair a selfie just taken by the user in almost real time with a document previously registered to log in. At the same time, it prevents scams using generative AI and identity theft.

6. Fake app pretending to be Last Pass is found on the App Store

The password management service Last Pass issued an alert to the entire community this Wednesday (7). The company itself found a fraudulent app pretending to be the cybersecurity platform on the App Storebut it is actually a clone.

The fake app in the iPhone store.

The fake app in the iPhone store.Source: Last Pass

The big evidence of the fraud is that the fake service is called “LassPass” and is listed as being owned by Parvati Patel instead of LogMeIn, the company that owns the service. There are still no details on how this app works, but it is possible that it can be used to steal stored passwords, steal accounts and carry out other scams.

These were the main cybersecurity news this week. Now, you are up to date on the subject and know everything that is happening in the sector.

Leave a Reply

Your email address will not be published. Required fields are marked *