March 24, 2020
Facebook Messenger may ban mass-forwarding of messages
By Lisa Vaas
Facebook Messenger may ban mass-forwarding of messages in an effort to lasso the runaway forwarding of COVID-19 fake news and rumors, it confirmed on Sunday.
Facebook has done this before when its other messaging services have gone berserk with forwarding hysterical misinformation – misinformation that led to people getting lynched in the fake-news crisis that seized India, Myanmar and Sri Lanka in 2018.
India was torn apart as rumors spreading virally on social media sparked dozens of mob lynchings. Over a period of 18 months, 33 people were killed and at least 99 injured in 69 reported lynchings. At least 18 of those incidents were specifically linked to WhatsApp.
In July 2018, WhatsApp, the Facebook-owned messaging service, said that it would limit forwarding for all of its users, with the limit being most restrictive in India, where people forward more messages, photos and videos than in any other country in the world. In India, WhatsApp tested a lower limit of 5 chats at once and removed the quick-forward button next to media messages. WhatsApp also imposed a larger limit globally of 20 recipients.
In January 2019, WhatsApp applied the lower limit of five forwarded chats on a global scale.
On Saturday, Jane Manchun Wong, a hacker who reverse-engineers apps, spotted Facebook’s test of a new feature in Messenger: a 5-chat forwarding limit. She tweeted an example of how it might work that she’d found hidden inside the app.
Read more at https://nakedsecurity.sophos.com/2020/03/24/facebook-messenger-may-ban-mass-forwarding-of-messages/
Russia’s FSB wanted its own IoT botnet
By Danny Bradbury
If you thought the Mirai botnet was bad, what about a version under the control of Russia’s military that it could point like an electronic cannon at people it didn’t like? That’s the prospect we could face after the reported emergence of secret Russian project documents online last week.
The documents, which come from hacking group Digital Revolution but haven’t been verified, suggest that Russia’s Federal Security Service (in Russian, the FSB), has been working on an internet of things (IoT) botnet of its own called Fronton.
Mirai was a botnet that infected IoT devices by the million, taking advantage of default login credentials to co-opt them for attackers. They then pointed it at DNS service provider Dyn, mounting a DDoS attack that took down large internet services for hours.
That happened in late 2016. Shortly after, the documents suggest, the FSB decided to get in on the act by commissioning its own botnet that would infect and control small-footprint connected devices. The evidence apparently shows a procurement order from unit 64829, an internal FSB department, for a project put together in 2017 and 2018. The documents reference Mirai, suggesting that the FSB could develop something similar.
BBC Russia, which saw the 12 documents in the dumped cache first hand, said they refer to three variations of the project: Fronton, Fronton-3D, and Fronton-18. Each describes a botnet of infected IoT devices under the FSB’s control.
Read more at https://nakedsecurity.sophos.com/2020/03/24/russias-fsb-wanted-its-own-iot-botnet/
Feds shut down bogus COVID-19 vaccine site
By Lisa Vaas
A free coronavirus vaccine from the World Health Organization (WHO), for only $4.95 to cover shipping costs?!?
Nah, we didn’t think so, either. On Sunday, the US Department of Justice (DOJ) announced that it had shut down what it called a wire fraud scheme, carried out by the operators of a website in order to squeeze profit from the confusion and widespread fear surrounding COVID-19 by promising to ship coronavirus vaccine kits that don’t actually exist.
Let us state the obvious, or, rather, quote the DOJ’s statement as it states the obvious:
There are currently no legitimate COVID-19 vaccines and the WHO is not distributing any such vaccine.
The site – now offline but available as an exhibit attached to the DOJ’s civil complaint – was offering consumers access to WHO vaccine kits in exchange for a shipping charge of $4.95, which consumers would pay by entering their credit card information on the website.
At the DOJ’s request, US District Judge Robert Pitman issued a temporary restraining order requiring that the registrar of the scam site – listed as NameCheap in its Whois record – immediately take action to block public access to it.
The DOJ says that this is its first enforcement action taken against COVID-19 fraud. Dollars to donuts says it won’t be the last, given that we’ve seen plenty of cyberscum trying to make money off of people’s misery and uncertainty.
Read more at https://nakedsecurity.sophos.com/2020/03/24/feds-shut-down-bogus-covid-19-vaccine-site/
WhatsApp “Martinelli” hoax is back, warning about “Dance of the Pope”
By Paul Ducklin
If you follow @NakedSecurity on Twitter, you’ll have noticed that we warned last week about an old WhatsApp hoax that suddenly reappeared.
The bogus news is generally known as the “Martinelli hoax”, because it starts like this:
If you know anyone using WhatsApp you might pass on this. An IT colleague has advised that a video comes out tomorrow from WhatsApp called martinelli do not open it , it hacks your phone and nothing will fix it. Spread the word.
When we last wrote about “Martinelli”, back in 2018, we noted that the hoax was given a breath of believability because the text above was immediately followed by this:
If you receive a message to update the WhatsApp to WhatsApp Gold, do not click!!!!!
This part of the hoax has a ring of truth to it.
Back in 2016, hoax-checking site Snopes reported that malware dubbing itself WhatsApp Gold was doing the rounds.
The fake WhatsApp was promoted by bogus messages that claimed, “Hey Finally Secret WhatsApp golden version has been leaked, This version is used only by big celebrities. Now we can use it too.”
So WhatsApp Gold was actual malware, and the advice to avoid it was valid; the initiator of the Martinelli hoax used that genuine warning to lend an element of legitimacy to their otherwise fake warning about the video.
Read more at https://nakedsecurity.sophos.com/2020/03/23/whatsapp-martinelli-hoax-is-back-warning-about-dance-of-the-pope/