On Monday (6th of November), Android users community on Reddit discovered and analysed fake WhatsApp application that was on the market for quite some time. In fact, it was there long enough so over a million users managed to download and install it. “I’ve also installed the app and decompiled it. The app itself has minimal permissions (internet access) but it’s basically an ad-loaded wrapper which has some code to download a second apk, also called “whatsapp.apk”. The app also tries to hide itself by not having a title and having a blank icon”. After the thread went viral on Reddit, Google immediately paid attention and removed fake WhatsApp application from Google PlayStore. Also, the account of publisher was suspended. More at: Reddit.com.
On Tuesday (7th of November), we have announced that it is possible to purchase a copy of Gibon virus on criminal forums. It turns out that for as low as $500 anyone can purchase a software copy of Gibon virus, spread it and try to steal money from users. However, the ad for Gibon virus was up for 7 months and during the time we have experienced only 1 attempt to spread this ransomware. That indicates the fact that not many users were interested in buying a malware and trying to operate it. More at: 2-viruses.com.
On Wednesday (8th of November), Parity Technologies issued a Security alert about hundreds of millions of frozen digital currency. This error was caused by an ‘accident’ by one of the users who just triggered vulnerability in the crypto currency wallet. We are talking about very poplar crypto currency called Ethereum. “However that code still contained another issue—it was possible to turn the Parity Wallet library contract into a regular multi-sig wallet and become an owner of it by calling the initWallet function. It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library” – as published in the post by Parity Technologies. Until this vulnerability is fixed, around $250 million remains frozen. More at: ParityTech.io.
On Thursday (9th of November), TheHackerNews published a blog post about Russian hackers taking advantage of Microsoft Office DDE Exploit. Reportedly, various cyber criminals and state-sponsored hackers exploited Microsoft Office vulnerability while Microsoft doesn’t see this as a security related problem and is not going to patch it anytime soon. More at: TheHackerNews.com.
On Friday (10th of November), cyber security experts Charlie Miller and Chris Valasek said that IoT (internet of things) is definitely not a secure phenomenon, however, users and developers can adjust to treat it the right way. “We write code and we are not perfect. The problem is, great security is expensive. You can’t just keep looking for vulnerabilities. You need to ship product and accept the fact you can’t solve security” – said Charlie Miller. Not only developers, but also all users have to take responsibility for the security of IoT in order to make it safer place. More at: Threatpost.com.