PayPal’s Canadian subsidiary, TIO, says breach may have affected 1.6 million

· PayPal has acknowledged that its Vancouver-based online and mobile bill payment subsidiary, TIO Networks (TIO), suffered a data breach. The attack potentially exposed the personal information of 1.6 million of its customers, who are located in Canada and the U.S.

· The announcement comes after PayPal suspended operations of TIO Networks on Nov. 10 “to protect customer data as part of an ongoing investigation of security vulnerabilities.” The examination revealed that vulnerabilities may have already been taken advantage of, with user information potentially compromised.

· A review of TIO’s network discovered that customers’ personally identifiable information may have been compromised. A PayPal spokesman said that information possibly included customer names, addresses, Social Security numbers and login credentials. The breach purportedly happened on TIO Networks in July, before PayPal bought the company.

· TIO Networks currently has about 14 million customer bill pay accounts for utilities and telecommunications.

· There were no details of how many exposed accounts belonged to Canadian customers. PayPal emphasized that its data is held separately from TIO Networks’ and was not affected.

· PayPal is offering credit monitoring services to help mitigate the worst of the potential problems that could result.

Source:
https://www.itworldcanada.com/article/paypal-canadian-division-says-breach-may-have-affected-1-6-million/399560

Canadian hacker behind 500M Yahoo hack reveals Russian connection

In 2014, Yahoo announced that it had suffered a massive data breach in which 500 million user accounts containing emails and passwords were stolen. The company only got to know about the breach in September 2016, and labeled it the work of a ‘state-sponsored actor.’

On Tuesday 28th, Karim Baratov, a Canadian citizen, appeared in a San Francisco federal court and pleaded guilty to hacking, claiming the whole feat was carried out with the assistance of people representing the Federal Security Service of the Russian Federation (FSB). Baratov claimed that upon stealing half a billion user accounts, he sent their passwords to Dmitry Aleksandrovich Dokuchaev, an alleged FSB officer who is already on the FBI’s (Federal Bureau of Investigation) wanted list in connection with compromising at least 500 million Yahoo accounts.

Other than Dokuchaev, Alexsey Belan and Igor Anatolyevich Sushchin (also Russian citizens) are wanted by the FBI in connection with the Yahoo breach. It is, however, impossible that the three agents will ever get caught by US authorities, unlike Roman Seleznev, the 32-year-old Russian hacker who was arrested in the Maldives in 2014 and extradited to the United States over a $50M hacking scam, where he pleaded guilty to identity theft and wire fraud charges.

According to a now-deleted press release from The United States Department of Justice:  “This case is a prime example of the hybrid cyber threat we’re facing, in which nation states work with criminal hackers to carry out malicious activities,” said Executive Assistant Director Paul Abbate of the FBI’s Criminal, Cyber, Response, and Services Branch.  “Today’s guilty plea illustrates how the FBI continues to work relentlessly with our private sector, law enforcement, and international partners to identify and hold accountable those who conduct cyber attacks against our nation, no matter who they’re working with or where they attempt to hide.”

In a March 2017 press release, the 22-year-old Baratov was alleged to have received money from FSB officials to hack at least 80 accounts. However, his attorneys claim their client had only hacked 8 accounts, without any knowledge that he was working for Russian intelligence agency agents linked to the large-scale Yahoo cyber attack. Baratov, who is also known as a “hacker-for-hire,” was arrested in March in Hamilton, Ontario, and is scheduled for sentencing on February 20th.

Source:
https://www.hackread.com/canadian-hacker-behind-500m-yahoo-hack-reveals-russian-connection%E2%80%8B/

Challenges of CyberCrime Investigations

From the ABC News article:

The federal investigators looking into the breach that exposed personal information maintained by the Equifax credit report company are used to dealing with high-profile hacks and the challenges they present.

The U.S. attorney’s office and FBI in Atlanta have prosecuted developers and promoters of the SpyEye and Citadel malware toolkits, used to infect computers and steal banking information. They’ve helped prosecute a hack into Scottrade and ETrade that was part of an identity theft scheme, and aided the international effort that in July shut down AlphaBay, the world’s largest online criminal marketplace.

The U.S. Attorney’s office has confirmed that, along with the FBI, it is investigating the breach at Atlanta-based Equifax, which the company said lasted from mid-May to July and exposed the data of 145 million Americans. Neither agency would discuss Equifax, but the leaders of their cybercrime teams shared insights about the difficulties of cybercrime cases.

“They are challenging, and the success stories are rare,” said prosecutor Steven Grimberg, who leads the Atlanta U.S. attorney’s office cybercrime unit, created last year to fight the growing threat. For every conviction there may be 10 times as many that don’t end successfully, he said.

Atlanta has become a hub for cybercrime prosecution in large part because of a proactive and aggressive local FBI team, and because U.S. attorneys have committed the necessary resources in recent years, Grimberg said.

Successful CyberCrime investigations, let alone successful prosecutions, are exceedingly difficult because it is often hard, if not impossible, for law enforcement to determine who is responsible. In addition, challenges such as resource limitations, skill deficits, jurisdictional complexities and the involvement of foreign nation states compound the complexity of these investigations.

 

 

Sources:

http://abcnews.go.com/US/wireStory/atlanta-cybercrime-experts-investigating-equifax-hack-51096177

Police Warn Parents About Anonymous Commenting App

While reading messages he received on the anonymous app Sarahah, YouTuber Lonnie Randall notes “it’s kind of like an ego-destroying hate machine.”  The Canadian Centre for Child Protection and police departments across several U.S. states and in New Zealand are warning parents about Sarahah, an app that lets users send messages to each other anonymously.

Sue Scheff, a cyber-safety expert and author based in Florida, said the anonymity feature is what can enable online harassment among children and teenagers.  “They’re able to speak without looking at people face-to-face, which makes it easier for them to judge and criticize without having to see the reaction,” Scheff told Global News.  Sarahah, which means “frankness” or “honesty” in Arabic, was developed in Saudi Arabia.  It’s been available for download in Canada since the spring. Since then, the app has soared in popularity, with hundreds of millions of users worldwide.

Sarahah CEO Zain al-Abdin Tawfiq initially created the app for use in a workplace setting. On its website, Sarahah is described as a tool for users to discover their strengths and weaknesses by “receiving honest feedback from employees and friends in a private manner.” In practice, however, Sarahah has been gaining traction among youth. Although the app store says users must be at least 17 years old, many are younger and therefore more vulnerable to bullying. Scheff, who was cyberbullied as an adult, said vicious comments can emotionally devastate the victim. “Words hurt. It’s just that simple,” she said. She counsels parents to have an ongoing conversation with their children about their cyber life. “There’s always going to be an app,” Scheff said. “It’s not the app — it’s our social behaviour. It’s our parenting.” Cracking down on cyberbullying in anonymous messaging apps is no easy feat, but leaving users to comment freely without constraints can end up backfiring.

… Global News reached out to Sarahah for comment, but Tawfiq declined an interview. He told the BBC in August that Sarahah does have “features such as blocking and filtering and many other techniques” in place to prevent online harassment. Sarahah has already received several complaints about cyberbullying from users on Twitter and Facebook, but experts point out the issue of online harassment is not limited to any one channel or platform. Scheff said there will always be another new app where cyberbullying can emerge. Instead of targeting specific apps, she encourages parents to focus on changing their children’s social-media behaviour. “Empathy and kindness starts offline, and we need to bring it online,” Scheff said.

 

Source:

Police warn parents about anonymous commenting app Sarahah

Fake WhatsApp removed from Google Store

A phony WhatsApp app was removed from the Google Store. However, it appears the app was downloaded over 1 million times. According to a thread on Reddit (linked below), the fake app was full of adware and was apparently calling out to download additional APKs.

Google has taken steps to protect its users by removing the app and suspending the developer’s account. It’s probably just a matter of time before this type of app pops up again in the store. As is usually the case, caveat emptor when downloading and installing apps.

There are a number of good resources online with helpful hints on what to look for. The link below has a quick video on how to screen an app before installing it:

https://www.forbes.com/sites/adriankingsleyhughes/2012/11/15/how-to-check-if-an-android-or-ios-app-is-safe-to-install/#4f556369c30e

 

Sources:

https://threatpost.com/1m-downloads-later-google-pulls-phony-whatsapp-from-google-play/128778/

Cyber-gang stealing from banks

According to reports, a “cybercrime outfit stealing from as many as 10 banks in Russia, Armenia and Malaysia has borrowed heavily from one of the kingpins in this realm, Carbanak, which is alleged to have stolen possibly as much as $1 billion worldwide from financial organizations.”

Researchers at Kaspersky Lab, who today published a report about the criminals’ activities, which bear a sharp resemblance to Carbanak’s, have dubbed the new group “Silence”.


The researchers called the group’s attacks “targeted”: the group uses spear phishing and a number of different means to maintain persistence on a bank’s internal network, including but not limited to monitoring employee and system activities, before eventually stealing money.

Additionally, Sergey Lozhkin of Kaspersky Lab stated, “We have seen this trend growing recently, as more and more slick and professional APT-style cyber-robberies emerge and succeed . . . The most worrying thing here is that due to their in-the-shadow approach, these attacks may succeed regardless of the peculiarities of each bank’s security architecture.”

Sources:
https://threatpost.com/silence-gang-borrows-from-carbanak-to-steal-from-banks/128718/

http://www.zdnet.com/article/carbanak-hacking-group-steal-1-billion-from-banks-worldwide/

http://www.isaca.org/cyber/cyber-security-articles/Pages/the-cybercrime-business-cybercrime-entrepreneurs.aspx