February 4, 2019

Chrome’s hidden lookalike detection feature battles URL imposters

By Danny Bradbury

Most of us have suffered from fat-fingered browsing before, mistyping website URLs and getting taken to the wrong place. Some of us have fallen victim to hyperlinks that look like legitimate websites at first glance but which are deliberately misspelled. Now, Chrome will try to save us from lookalike sites by detecting them and flagging up a warning.

Google has given its web browser a new feature that checks before it sends you to misspelled versions of popular sites. The feature, first called “Navigation suggestions for Lookalike URLs”, reportedly appeared in the Canary release of Chrome 70. Canary releases test new features on early adopter users so that Google can refine them before releasing them into the mainstream.

When activated, the security measure checks for misspelled sites, where it’s likely that the user intended to visit a popular URL. It will display a link to the site that it thinks the user might have wanted to visit.

Sometimes, users unintentionally mistype websites. The letter o on your keyboard is close enough to the zero that typing g00gle.com could be a legitimate mistake. More often, criminals deliberately register misspelled versions of websites for phishing or malware attacks, in a process known as typosquatting. By substituting a 1 for an l, or by transposing characters, attackers can create domains – and sites – that look real, using them for phishing attacks.

Read more at https://nakedsecurity.sophos.com/2019/02/04/chrome-can-now-detect-lookalike-urls/
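As an added illustration of the kind of check the Chrome item above describes (this is not Chrome's implementation, and not code from the original article), the sketch below flags a hostname that folds to, or sits within one edit or adjacent transposition of, a popular domain. The popular-domain list, the digit-to-letter table and the one-edit threshold are assumptions made for the example.

```python
# Added illustration; not Chrome's implementation.
POPULAR = ("google.com", "youtube.com", "paypal.com")  # constructed sample list

# Digit-for-letter swaps mentioned in the article (0 for o, 1 for l).
CONFUSABLES = str.maketrans({"0": "o", "1": "l"})


def skeleton(domain: str) -> str:
    """Lower-case the domain and fold look-alike digits to letters."""
    return domain.lower().rstrip(".").translate(CONFUSABLES)


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: edits plus adjacent transpositions."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "googel" for "google".
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def suggest(domain: str, max_edits: int = 1):
    """Return the popular domain this one imitates, or None."""
    name = domain.lower().rstrip(".")
    if name in POPULAR:
        return None  # the real site, nothing to warn about
    folded = skeleton(name)
    for target in POPULAR:
        if folded == target or osa_distance(folded, target) <= max_edits:
            return target
    return None
```

The function compares bare domains only; a one-edit threshold will also match some unrelated legitimate domains, which is why a check like this offers a suggestion rather than blocking the navigation.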

FBI burrowing into North Korea’s big bad botnet

By Lisa Vaas

The US has infiltrated, mapped, and poked a stick into the spokes of Joanap: what it claims is a botnet of hijacked Microsoft Windows computers operated by botnet masters in North Korea.

The Feds are also continuing to mess with the globe-spanning network by notifying the owners of the commandeered systems Joanap still controls, years after it was first discovered and in spite of antivirus software being able to fend it off.

The US Department of Justice (DOJ) announced on Wednesday that the effort follows charges, unsealed in September 2018, against a North Korea regime-backed programmer, Park Jin Hyok.

The botnet behind some big baddies

The complaint against Park alleged that he and his co-conspirators used a Server Message Block (SMB) worm commonly known as Brambul to gain unauthorized access to computers, and then used those computers to carry out a mess of big, nasty cyberattacks.

Among them were the global WannaCry ransomware attack of 2017, the 2014 attack on Sony Pictures, and the $81m cyber heist from 2016 that drained Bangladesh’s central bank.

The complaint alleged that Park, a North Korean citizen, was a member of a government-sponsored hacking team known as the “Lazarus Group” and that he worked for a North Korean government front company, Chosun Expo Joint Venture (aka Korea Expo Joint Venture or “KEJV”), to support cyber actions on behalf of the Democratic People’s Republic of Korea (DPRK).

Read more at https://nakedsecurity.sophos.com/2019/02/04/fbi-burrowing-into-north-koreas-big-bad-botnet/

Selling fake likes and follows is illegal, rules New York

By Lisa Vaas

Last week, a year after the New York Times reported that an obscure company called Devumi was making millions by selling fake likes, followers and retweets to celebrities, businesses or anyone who wants to puff themselves up online, the New York Attorney General announced a groundbreaking settlement that for the first time has declared that fake social engagement from imposter accounts is illegal.

The settlement, announced by New York Attorney General Letitia James, is the first in the US to find that selling fake followers and likes is illegal deception, and that fake engagement via stolen identities is illegal impersonation.

The settlement bars Devumi LLC and its offshoot companies, including Disrupt X Inc., Social Bull and Bytion – collectively referred to as Devumi – from ever again engaging in this type of business. According to the New York Post, Devumi owner German Calas Jr. pleaded no contest to the charges and agreed to a $50,000 fine.

Calas’s company had been grossing $15 million a year until it folded in August or September, following negative publicity in the wake of reports that the AG was investigating.

Read more at https://nakedsecurity.sophos.com/2019/02/04/selling-fake-likes-and-follows-is-illegal-rules-new-york/

Credential dump contains another 2.2 billion pwned accounts

By John E Dunn

How many user credentials have fallen into the hands of criminals during a decade of data breaches?

Earlier this month, the Have I Been Pwned? (HIBP) website offered a partial answer to that question by uploading something called Collection #1, a database of 773 million unique email addresses discovered circulating on a criminal forum.

Now researchers at Germany’s Hasso-Plattner Institute (HPI) have reportedly analysed a second cache that was part of the same discovery. This cache consists of four collections named, unsurprisingly, Collections #2-5, that they think contain a total of 2.2 billion unique pairs of email addresses and passwords.

Collection #1 consists of 87GB of data cobbled together from more than 2,000 individual data breaches going back years.

Collections #2-5, for comparison, is said to be 845GB covering 25 billion records.

It’s a dizzying volume of data, which, despite the hundreds of millions or more people it must represent, is still small enough to fit on the hard drive of a recent Windows computer.

The obvious measure of these breaches is how much new data they represent, that which has not already been added to databases such as those amassed by HIBP or HPI.

Have I Been Pwned? estimated the unique data in Collection #1 at around 140 million email addresses and at least 11 million unique passwords.

HPI, meanwhile, estimates the number of new credentials at 750 million (it isn’t yet clear how many new passwords this includes).

Read more at https://nakedsecurity.sophos.com/2019/02/01/credential-dump-contains-another-2-2-billion-pwned-accounts/

Hacker talks to baby through Nest security cam, jacks up thermostat

By Lisa Vaas

If the internet’s army of creeps isn’t busy blasting bogus warnings about fake nuclear warhead missiles through people’s Nest security cameras, they’re trying to parboil kids by jacking up the Nest thermostat.

A smart-home aficionado in the US state of Illinois told NBC News that he and his wife haven’t slept well in days, after a stranger accessed his Nest home security cameras and thermostats.

Arjun Sud – whom NBC described as an “avid” user of smart-home technology – told the station that shortly after he and his wife put their 7-month-old baby boy to bed on 20 January 2019, they heard a strange noise coming out of the room. When Sud went to investigate, he said, he heard a deep, male voice coming from a Nest security camera that was installed in the nursery – one of 16 he owns, in addition to a security system and two Nest thermostats.

In addition, Sud found that somebody with a) too much time on their hands and b) the password to his Nest gadgets had remotely tinkered with the thermostat, jacking up the temperature to a balmy 90 degrees Fahrenheit (32°C).

Google, which owns Nest, told NBC that it’s aware of similar reports about customers using compromised passwords that were exposed in breaches on other websites.

Read more at https://nakedsecurity.sophos.com/2019/02/01/hacker-talks-to-baby-through-nest-security-cam-jacks-up-thermostat/
