Cybersecurity news headlines for 1-15 April, 2019

Cybersecurity news headlines for 1-15 April, 2019

The first half of April has been rather quiet, but we do have three stories to report on in this edition of cybersecurity news headlines. We report on Julian Assange being arrested after almost seven years in Ecuador’s embassy, and 540 million Facebook records being publicly accessible on Amazon servers. We also discuss the new sextortion spam emails that have been landing in users’ inboxes.

Sextortion scams are changing their tactics

Since last year, sextortion scams have been on the rise. If you’re not familiar with what they are, sextortion scams are basically spam emails claiming that people have been filmed watching pornography, and they need to pay money if they want to avoid the video being sent to all their contacts. You can find variations of this spam email but they’re all fundamentally the same. And it goes without saying that they’re nothing more than scams.

Previously, in order to make the emails more convincing, cyber crooks would insert users’ passwords into the email. Those passwords would usually be correct, not because the email is legitimate but because the passwords are taken from data dumps. So if users used the password and it was part of some data breach, crooks could easily gain access to it.

A new variant of the sextortion email was noticed by MyOnlineSecurity, and while it’s contents are basically identical to all other attempts, this one also attaches “proof”. A password protected .zip file is attached to the email, and it supposedly contains the pornography video the user was watching, a list of the user’s contacts, and a video of the user masturbating taken via the web cam. The files cannot be accessed unless the user purchases the password, which is sold for either $50 or $100. This is supposed to convince the user that the whole thing is legitimate and encourage him/her to pay the requested sum. However, while the emails may seem alarming at first, they are nothing more than scams. The senders didn’t actually film anyone doing anything, nor did they implant malware onto adult websites. Users who pay only end up wasting their money. Instead, those emails should be deleted without a second thought. However, the fact that scammers are still sending such emails means that some users do end up paying.

WikiLeaks founder Julian Assange arrested

WikiLeaks founder Julian Assange has been arrested after almost 7 years of living in Ecuador’s embassy in London. Ecuador granted Assange political asylum in 2012 but had withdrawn it earlier this month. Ecuador’s president Lenin Moreno has explained that Assange’s asylum was withdrawn because of his continued involvement with WikiLeaks, as Ecuador’s political asylum rules prohibit asylum seekers from taking part in any activities that could be considered political.

The US has been trying to detain Assange since 2010, when he leaked top secret documents via WikiLeaks, provided to him by Chelsea Manning, a former US Army intelligence analyst. The same year, an international arrest warrant was issued for Assange by Sweden based on allegation of sexual assault and rape. Assange denied the allegations and claimed they were merely a pretext to detain and extradite him to the US. He surrendered to UK police in 2010 but was released on bail soon after. He later breached his bail conditions and sought political asylum in Ecuador. The investigation in Sweden has since been dropped, but UK police has been actively trying to detain Assange for breaching his bail and failing to appear in court.

For almost 7 years, Assange had lived in Ecuador’s embassy in London, but political asylum was withdrawn and he was arrested by UK police. U.S Department of Justice has confirmed that an extradition request for Assange has been filed for his role in the “conspiracy to commit computer intrusion for agreeing to break a password to a classified U.S. government computer”.

540 million Facebook records were publicly accessible on unprotected Amazon servers

Security researchers from UpGuard have discovered two easily accessible Amazon cloud servers storing over 540 million Facebook records. The records were reportedly collected by two third-party companies, an online media platform Cultura Colectiva and “At the Pool, a Facebook game.

The first server, belonging to Cultura Colectiva, stored 146GB worth of records. It reportedly contained 540 million records about Facebook users, including account names, Facebook IDs, likes, reactions, comments, etc. The second server, belonging to “At the Pool”, contained information like a list of Facebook friends, user IDs, photos, groups, likes, interests, as well as 22,000 passwords (presumably for the At the Pool app rather than Facebook). According to UpGuard, “each of the data sets was stored in its own Amazon S3 bucket configured to allow public download of files”.

“At the Pool” seems to no longer be operation, but its exposed data was taken down without notification from UpGuard. However, UpGuard contacted Cultura Colectiva about the situation but received no response. Only after the researchers contacted Amazon Web Services directly numerous times and Bloomberg contacted Facebook for comment was the data finally secured.

The incident just goes to show that despite implementing stricter rules when it comes user data collection, Facebook is still not in control.