12 10 - 23July 2019 [email protected]
Q
Are crypto-
currencies,
such as
Facebook’s new Libra
(seenewsstory on
page10) safe to use?
Dave Horgan, FacebookA
Many people are
unsure about using
cryptocurrencies- if they even know what a
cryptocurrency is. In fact,
Chinesehackers spyon
mobilephoneusers
Security
researchershave
uncovered a
cyberspying
campaigndating
backto at least
2017, which
involved the hackingof 10 mobile
phonenetworks aroundthe world
and invisibletrackingof theirusers
for monthson end.
In the report publishedby
Cybereason(bit.ly/cyber4 79 ),
researcherssaid hackers were able to
extract all raw data transmitted to
and received from a user’s phone,
allowingthemto track a person’s
location and steal personally
identifyinginformation including
logincredentials,call records, billing
information and more. Hackers in
Chinaare believed to be behindthe
years-longcyberattack,havingonly one in 10 of us fully
understands how they work.
Everyone feels comfortable
going into any branch of a
bank, because we know they
are regulated and
underwritten. Most of us are
happy to use the bank’s
online facilities, too, but I’d
argue that this trust stems
from the trust we have in
them in the real world. I don’t
think we have the samelevel
of confidence in online
equivalents – whether it’s a
currency exchange that holds
our digital money for us, or
our own digital wallet. If
cryptocurrencies are ever to
rival real-world currencies,
we all need to have the same
level of trust in them.Consumers need to
understand what they can
do to stop cybercriminals
stealing their digital assets.
Here are some key
recommendations on the
safe use of cryptocurrencies
from Kaspersky:- Always verify a crypto
wallet’s address and don’t
follow links to an online
bank or web wallet- Double-check recipients’
addresses, the amount
being sent and the
associated fee before you
send a transaction - Write down a mnemonic
phrase that lets you
recover a crypto wallet if
you lose your password - Install high-quality
security software such as
Kaspersky Internet
Security to safeguard the
devices you use to access
crypto wallets and trade on
crypto-exchanges.
News aboutthe latest threats and advice from securityexperts
Stay Safe Online
SECURITY ALERT! |What’sbeenbotheringus thisfortnight
Security Helpdesk|Your questions answeredbysecurity specialists
gainedentryto the mobilenetworks by
exploitinga flaw in a web server product.
“We’ve concludedwith a high level of
certaintythat the threat actor is affiliated
with Chinaand is likely state sponsored,”
said Cybereason’s report.“This attack
has widespread implications,not just for
individuals,but also for organisations
and countriesalike. This is anotherform
of cyber warfare beingusedto establish
a footholdand gather information
undercover until they are ready to strike.”
bit.ly/hackers4 79300 milliongamers exposed
to securityflaws
A chainof vulnerabilities
has beendiscovered in
a popularPC-gaming
platform.CheckPoint
Research and CyberInt
uncovered securityflaws in Electronic
Arts’(EA’s) gamingclientOriginthat
could have allowed attackers to
compromisea player’s session and takeover theiraccount completely without
having to obtainany logincredentials.
Originis one of the biggest PC-
gamingplatforms,with blockbuster
titlessuchas FIFA, Madden,Battlefield,
The Simsand Star Wars Battlefront on
its roster. It has 300 millionusers
worldwide, who could have been
affected by the exploits.
Fortunately, the problemshave
now beenpatched, and there is
no evidence that they were ever
exploited by attackers. “EA’s Origin
platform is hugelypopular, and if left
unpatched, theseflaws would have
enabledhackers to hijackand exploit
millionsof users’accounts,” said
CheckPoint Research. “This shows
how susceptibleonlineapplications
are to attacksand breaches.These
[gaming]platformsare increasingly
beingtargeted by hackers because
of the hugeamountsof sensitive
customer data they hold”.
bit.ly/eaorigin4 79Onlyonein 10of usfullyunderstands
how cryptocurrenciesworkTHISISSUE’SEXPERT:
DavidEmm,Principal
SecurityResearcher
at Kaspersky Lab
(www.kaspersky.co.uk)