Week in review 1 August 2014
This week saw the darker side of cloud, a sophisticated banking phishing scheme and a lack of proper encryption. We also saw a simple but effective scam using bluff, and a new malware that is (as yet) undetectable for many antivirus programs.
To kick off the week, we saw the darker side of cloud based providers: Amazon Web Services scored top in terms of malware being on the site. For those who aren’t aware, Amazon allows you to build virtual servers for free; once you reach a monthly access threshold you get charged. It looks like some of these virtual servers are being used for malicious purposes namely hosting malware. In the category of breathtakingly simple (but effective) lies a scam perpetrated by Mr Sharron Laverne Parrish Jr. Business Insider has the full details. Suffice it to say that he used four cancelled debit cards and a sizeable amount of bluff.
Enough bluff to scam Apple out of $US300, 000. A malicious phishing campaign targeting customers at several Finnish banks was one of the big stories this week. The technique employed by the phishers was to send an email purporting to be from the bank, claiming that an invoice is overdue, and providing a link to the bank’s website. The website is a bogus one, allowing the criminals to capture the user credentials. The scheme resulted in a loss of around $USD670, 000. The other big story revolved around encryption, Facebook and Instagram. A researcher running WireShark (a free and widely used packet sniffer) found that not all the packets from Instagram were encrypted.
It seems Facebook are aware of the issue and will issue a fix, but no date has been set as yet. Friday kicked off with alert from US-CERT about a new type of malware called “Backoff”. “Backoff” affects Point of Sale (POS); to date 600 businesses have been affected in the US. This type of malware is particularly malicious, as it slips under the radar of most antivirus software. More details are set out in the magazine article.