Go Back

ShadowTalk Update – Cybercriminal Forum Research, Mixcloud Breach, and International Crackdown on RAT Spyware

December 9, 2019
ShadowTalk Update – Cybercriminal Forum Research, Mixcloud Breach, and International Crackdown on RAT Spyware

Viktoria invites Stewart Bertram to kick-off this week’s episode around new cybercrime research we put out on the Modern Cybercriminal Forum and how the rise of alternative technologies hasn’t spelled the end of forums, which seem to be prospering against all odds. You can check out the research findings here.

Next Adam Cook joins to discuss the weekly highlights including the Mixcloud Breach and an international crackdown on RAT spyware.

Finally, our Intelligence team gives a wider analytical piece on the topic of social media exposure and security standards in this week’s intelligence summary report (INTSUM), so make sure to check out that piece in this week’s report.

Listen below 👇👇👇

Updates from this week’s Intelligence Summary

  • In the spotlight: The Digital Shadows Intelligence Team discusses the risks of information exposure by Internet users, challenging contemporary thinking about standard security practices.
  • Weekly highlights include: ongoing activity attributed to the “Tick” threat group, an Android vulnerability exploited in the wild, and the exposure of location data from smart watches used in China.

 

Staying safe with an ever-expanding digital footprint

Consistent developments in the cyber-threat landscape, including advanced techniques used to crack passwords and the use of social media as a primary source of open-source intelligence, has made the process of staying safe online increasingly complex. Internet users are becoming more aware of the risks of using certain platforms―including inadvertent and intentional information exposure―and are accordingly adopting the recommended security practices that seek to protect them and their online presence. However, even increasingly vigilant users are not, arguably, doing enough to protect themselves: The security of the platforms they use requires continual efforts from the account owners, as well as input from security teams, employers, and vendors to educate them about evolving “best practices” and digital footprints.

 

Asian organizations bugged by Tick

The persistent cyber-espionage group Tick has been observed conducting new campaigns against Japanese and Chinese organizations. The group initially compromised a Japanese research company and used legitimate email accounts to deliver malware to aerospace and defense companies via phishing messages. Tick has been highly active throughout 2019 and has shown a propensity to target entities in Japan; more cyber-threat activity will likely be attributed to the group in the next six months.

 

Android vulnerability runs wild

Security researchers identified a new Android vulnerability, named StrandHogg, which has been actively exploited in the wild. The vulnerability affects all existing versions of Android and could grant attackers access to a user’s SMS messages, location data, and login credentials. There are currently 36 malicious apps actively exploiting StrandHogg, with approximately 60 financial institutions already targeted. Android device users should validate any app before choosing to download.

 

Smartwatch could expose children’s location details

A smartwatch designed for children reportedly puts the wearer’s location data at risk of exposure. Sold primarily in China, the watch helps parents track their child’s location, but researchers revealed that it could allow attackers to access location data, phone numbers, photos, and conversations on devices linked to the watch. Internet of Things devices continue to fall short of the measures that security researchers have deemed necessary, leaving them open to exploitation and information leaks.

 

For more details, read the full Weekly Intelligence Summary here:

Weekly Intelligence Summary 28 Nov - 05 Dec 2019

And to stay up to date with the latest from Digital Shadows, subscribe below.