While we are all glued to our couches watching our favorite football teams crush one another, let’s direct our attention a bit towards some important IT security news and alerts for this week.
An Embarrassing Password Revelation
No example of irony can match what the security team of the FIFA World Cup did in its latest tweet. The team recently tweeted a photograph of their security center. In the photo, Federal Police’s head of international co-operation Luiz Cravo Dorea is posing with a calm and poised stature, as if sending out a message, “We have got everything under control.” But what Luiz conveniently forgot was that the big screen behind him had the center’s Wi-Fi SSID and password for the entire world to see. Read more on this here.
Database of Domino’s Pizza Hacked
A hacker group has claimed to have hacked the database server of pizza delivery corporation Domino’s. The group that goes by the name Rex Mundi, has claimed to have stolen details of more than 600K customers. Reportedly, the hacker group has demanded a ransom of €30,000 to keep the data from going public. The data includes addresses, names, phone numbers, email IDs and passwords. The France and Belgium website of the company seems to have been hacked. Read more on this here.
Beware of the HijackRAT Malware
A new Android malware is now scampering out in the wild. It goes by the name ‘HijackRAT’, and it is purported to go after mobile banking apps. This malware can not only steal the victim’s banking information, but also allow the hacker to gain remote access to the infected mobile device. One scary feature of this malware is scanning the infected device for mobile banking apps, and replacing these apps with fake ones. And once the victim uses these fake apps to conduct any banking transaction, the information can easily be stolen by the controller of the malware. Reportedly, eight banks in Korea are being targeted by this malware.
Malware Sits in your Browser and Waits Until you Visit a Banking Website
A malware is being circulated via spam messages that infects the victim’s Internet browser and waits until the user visits a banking website. Once a banking website opens up, the malware starts stealing the information provided by the user. As mentioned, this malware is being spread via spam messages that look like they are from a legit company. The messages simply try to trick the user into clicking a link embedded in the message, and that initiates the download of the malicious code. Users are advised to have a reputable anti-virus software on their computer, and be careful of unwanted and unsolicited emails and text messages.