Zero Day Weekly: JP Morgan Chase, iOS malware Xsser, FBI informant's spree
Welcome to Zero Day's Week In Security, our roundup of notable security news items for the week ending October 3, 2014. Covers enterprise, controversies, reports and more.
This week, JPMorgan treats us to the biggest known breach in history; the FBI has a very busy week; iOS and Android malware targets Hong Kong pro-democracy protesters; and Shellshock gets exploited nine ways until Sunday.
- The JPMorgan Chase breach has the public stunned today, with an epic 83 million records exposed, making it one of the biggest known breaches in history. Reuters reports, "The people affected are mostly account holders, but may also include former account holders and others who entered their contact information at the bank’s online and mobile sites, according to a bank spokeswoman."
- The FBI took out StealthGenie, arresting the consumer spyware's CEO; the creepware is able to monitor calls, texts, videos and other communications on mobile phones without detection or the user’s consent. According to the FBI, Hammad Akbar allegedly conspired to advertise and sell the spyware application online, and the arrest marks the first-ever criminal case concerning the advertisement and sale of a mobile device spyware app.
- A Malware Investigator Portal for industry players was announced by the FBI this week, showing the agency is ready to engage with malware researchers on a variety of levels. The portal, launched in August, is currently available to law enforcement officials, but FBI agent Jonathan Burns said in a talk at the Virus Bulletin conference that the FBI is developing a separate portal for outside experts. That system will allow security researchers and others to upload suspicious files they’ve collected and get correlation information and any other data the FBI has on them or related files.
Video of my talk at BlackHat USA 2014 "Data-Only Pwning Microsoft Windows Kernel" https://t.co/M6RxsY0G8N
— Nikita Tarakanov (@NTarakanov) October 1, 2014
- Pro-democracy activists and protesters in Hong Kong have been targeted by mobile device malware -- remote access Trojans (RATs) -- spread through targeted mobile message phishing, successfully infecting both Android and iOS devices. The Android spyware is being spread via WhatsApp, while it is still unclear how iOS devices get infected with Xsser, which is not disguised as an app.
Researchers at Dr Web say they've found a new Mac OS X botnet... http://t.co/agMUD3K3S5 pic.twitter.com/4wOoYkZyKd
— Graham Cluley (@gcluley) October 2, 2014
- An FBI informant led hacks against 30 countries -- now we know which ones. A cache of leaked IRC chat logs and other documents obtained by the Daily Dot reveals the 30 countries—including U.S. partners, such as the United Kingdom and Australia—tied to cyberattacks carried out under the direction of Hector Xavier Monsegur, better known as Sabu, who served as an FBI informant at the time of the attacks.
- Early in the week, four members of an international computer hacking ring were indicted for stealing Xbox technology and Apache helicopter training software. The hackers broke into Microsoft, Epic Games, Valve, Zombie Studios and the US Army. The DoJ alleges that they infiltrated these systems using SQL injection and stolen usernames and passwords belonging to company employees and to software development partners.
- Police agencies across the U.S. have distributed dodgy 'Internet Safety Software' ComputerCop to families saying the consumer spyware was the "first step" in protecting children. An investigation by the EFF shows the software is bought in bulk from a New York company that markets ComputerCop to agencies with fraudulent endorsements, such as one from the U.S. Department of Treasury, which has now issued a fraud alert over ComputerCop's false document. There is an EFF guide to removing ComputerCop.
Just Released to the Public! CP/M Operating System Source Code. Available for download here http://t.co/9BAgz22CxV pic.twitter.com/0c8YVzsPSX
— Computer History (@ComputerHistory) October 1, 2014
- The exploitation of the Bash bug Shellshock is in full swing. Attackers have mobilized -- multiple proof-of-concept scripts are available, including a Metasploit module, making this vulnerability very easy to exploit.
- With constant cloud security problems in the news, it's no wonder trust in cloud security has hit rock bottom. That is why the BT report finding that more executives than ever are moving into the cloud, despite their worries, is so interesting.