Teenager hacks Apple and steals 90 GB of Data

Posted on August 29, 2018November 25, 2019 by Jamie Harrison

The world’s first trillion-dollar company, Apple, has suffered an embarrassing hack by an Aussie teen. The company is known to be highly security conscious, yet a teenager from Melbourne was able to hack into the company’s network’s and steal over 90 GB of data over the course of a year.

Investigators discovered the hacker had ‘authorization keys’ on his computer, stored in a folder called ‘hacky hack hack’, and bragged of his accomplishments on WhatsApp. He admitted to the investigators that his dream was to work for Apple.

Apple contacted the FBI after discovering the breach, who in turn contacted the Australian Federal Police. Working together they soon caught the teenager, whose name is being withheld as he is a minor and may be placed in danger if details were released.

The Australian Federal Police raided his home, finding a variety of Apple computers, mobiles and drives, which matched IDs from the attack. The teenager pleaded guilty in court and is now awaiting sentencing. The company claims that no customer personal data was compromised,

The attack follows the news that a group of hackers named Lazarus is said to be behind a crypto-coin stealing malware targeting Macs known as AppleJeus, adapted from a Windows virus. Lazarus is believed to have ties to North Korea.

The last time Apple faced serious security issues was in 2014 when four hackers admitted to using social engineering ‘phishing’ emails to steal female celebrities’ nude photos, including Jennifer Lawrence and Kin Kardashian, from their iCloud accounts. Known as the ‘Fappening’, hundreds of images were released on the 4Chan website and the hackers have all received between eight-month to 18-month sentences between them.

The latest incident shows that even the most security conscious company is not immune from determined hackers, who are increasingly using ever more sophisticated methods to bypass security. More than ever, it is imperative that business train their staff to recognise social engineering phishing attacks as a last line of defence and to have an effective recovery system in placeto reduce downtime and lost profits.

Most experts recommend that recovery tools and services make up at least 20% of your network security budget to quickly recover from any loss of data and to prevent downtime.

Globalnet works with businesses throughout London, Essex, Kent and Herts to ensure their data and networks are secure from all threats. Call us on 0203 005 9650 today to find out how we can provide the right protection for you.

Globalnet aims to be an integral part of your success, providing the best business advice, superior IT support and technology to help you reach your goals.

Find out more about Globalnet’s cyber security plans

Superdrug hack affects up to 20,000 customers

Posted on August 24, 2018November 25, 2019 by Jamie Harrison

The details of almost 20,000 online Superdrug customers have been hacked, the cosmetics retailer has confirmed. Payment card details are not said to be among the data stolen.

Superdrug boss Peter Macnab has emailed customers to inform them of the “possible disclosure of your personal data, but not including your payment card information.”

“On the evening of the 20th of August, we were contacted by hackers who claimed they had obtained a number of our customers’ online shopping information. There is no evidence that Superdrug’s systems have been compromised. We believe the hacker obtained customers’ email addresses and passwords from other websites and then used those credentials to access accounts on our website.”

The email explained that the hackers had “obtained information on approximately 20,000 customers but we have only seen 386.”

According to IT site, The Register, it seems that the hackers had “taken passwords and usernames stolen from one website and used them to log into accounts on other sites, exploiting the fact people reuse their passphrases across various online services and profiles.”

The Superdrug email also stated that customers’ names, postal addresses and “in some instances” dates of birth, phone numbers and points balances “may have been accessed”. Superdrug advises its customers to update their Superdrug.com password “now and on an on-going, frequent basis.”

Action Fraud and the police have been notified and it is believed the hackers contacted Superdrug to extort money from the business to keep the hack quiet.

Globalnet works with businesses throughout London, Essex, Kent and Herts to ensure their data and networks are secure from all antivirus, malware and ransomware threats. Call us on 0203 005 9650 today to find out how we can provide the right protection for you.

Globalnet aims to be an integral part of your success, providing the best business advice, superior IT support and technology to help you reach your goals.

Find out more about Globalnet’s cyber security plans

UK companies may lose .eu domains

Posted on August 21, 2018November 25, 2019 by Jamie Harrison

The European Commission has announced that it will cancel all 300,000 domains under the .eu top-level domain that have a UK registrant, following Britain’s departure from the European Union.

The document states, “As of the withdrawal date, undertakings and organizations that are established in the United Kingdom but not in the EU and natural persons who reside in the United Kingdom will no longer be eligible to register .eu domain names, or if they are .eu registrants, to renew .eu domain names registered before the withdrawal date.”

The EC had also suggested that existing .eu domains might be cancelled the moment Brexit happens in March 2019 with no right of appeal.

“As a result of the withdrawal of the United Kingdom, a holder of a domain name does no longer fulfil the general eligibility criteria… the Registry for .eu will be entitled to revoke such domain name on its own initiative and without submitting the dispute to any extrajudicial settlement of conflicts.”

EURid, the company responsible for granting .eu domains has claimed on its website that it was not consulted or informed before the news was made public, “Yesterday afternoon, EURid, the registry manager of the .eu TLD, received the link to the European Commission’s communication concerning Brexit and the .eu TLD.”

It is estimated that there are 317,000 .eu domains registered in the UK – roughly 10% of all registered .eu domains. Cancelling them would have a huge impact on EURid, and on the EU which receives millions of euros every year from the registry.

There is a glimmer of hope for those in the UK that have registered .eu domains, however. The announcement states that its decree is “subject to any transitional arrangement that may be contained in a possible withdrawal agreement” – meaning that it could form part of a large Brexit agreement between the UK government and EU.

Read more about this story on The Register

Globalnet is a managed servicer provider for a wide range of businesses throughout London, Essex, Kent and Herts. Call us today to find out how we can improve your IT infrastructure and increase productivity.

Globalnet aims to be an integral part of your success, providing the best business advice, superior IT support and technology to help you reach your goals.

New sextortion phishing scam revealed

Posted on August 13, 2018November 25, 2019 by Jamie Harrison

There’s a new phishing scam doing the rounds using blackmail techniques to make susceptible users hand over their hard earned cash. Known as sextortion phishing, criminals are targeting users by threatening to expose porn viewing by claiming to have webcam footage of the victim using porn. Even more simsiter is the fact the hackers often have users’ passwords.

Typical sextortion phishing email

One example, shared on Twitter by programmer Can Duruk , says:

I’m aware that XXXXXXX is your password.

You don’t know me and you’re thinking why you received this e mail, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google) .

BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT8V72

(It is cAsE sensitive, so copy and paste it)

Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email

Hacked password

The scary part is that they actually use a password that the user recognises. It has been suggested that these may have come from any of the recent large data breaches, such as Uber, Carphone Warehouse, and so on.

While your spam filter will probably stop you receiving these phishing emails, there is still a chance of them getting through and hitting your inbox. It’s important that you and any employees know about the scam, recognise it for what it is, and do feel ashamed or pressured into paying the scammer.

How to deal with this phishing scam

Do not pay the scammer. Paying shows that you’re vulnerable and you may be targeted again. The police advise that you do not pay criminals.
Change your password immediately and reset it on any accounts you’ve used the same one for. Always use a strong and separate password. Whenever possible, enable Two-Factor Authentication (2FA).
Do not reply to the email
Always keep your anti-virus software and operating systems up to date
Cover your webcam when you’re not using it
Report the crime to Action Fraud

Action Fraud reports that over 110 victims have reported receiving emails like the one above in July – adding that having their passwords shown to them is a “nasty twist” on the traditional phishing scam.

Globalnet works with businesses throughout London, Essex, Kent and Herts to ensure their data and networks are secure from all antivirus, malware and ransomware threats. Call us on 0203 005 9650 today to find out how we can provide the right protection for you.

Globalnet aims to be an integral part of your success, providing the best business advice, superior IT support and technology to help you reach your goals.

Find out more about Globalnet’s cyber security plans