Tag: rises | SpinSafe

Price of zero-day exploits rises as companies harden products against hackers

April 8, 2024/in Internet Security

Tools that allow government hackers to break into iPhones and Android phones, popular software like the Chrome and Safari browsers, and chat apps like WhatsApp and iMessage, are now worth millions of dollars — and their price has multiplied in the last few years as these products get harder to hack.

On Monday, startup Crowdfense published its updated price list for these hacking tools, which are commonly known as “zero-days,” because they rely on unpatched vulnerabilities in software that are unknown to the makers of that software. Companies like Crowdfense and one of its competitors Zerodium claim to acquire these zero-days with the goal of re-selling them to other organizations, usually government agencies or government contractors, which claim they need the hacking tools to track or spy on criminals.

Crowdfense is now offering between $5 and $7 million for zero-days to break into iPhones, up to $5 million for zero-days to break into Android phones, up to $3 million and $3.5 million for Chrome and Safari zero-days respectively, and $3 to $5 million for WhatsApp and iMessage zero-days.

In its previous price list, published in 2019, the highest payouts that Crowdfense was offering were $3 million for Android and iOS zero-days.

The increase in prices comes as companies like Apple, Google, and Microsoft are making it harder to hack their devices and apps, which means their users are better protected.

“It should be harder year over year to exploit whatever software we’re using, whatever devices we’re using,” said Dustin Childs, who is the head of threat awareness at Trend Micro ZDI. Unlike CrowdFense and Zerodium, ZDI pays researchers to acquire zero-days, then reports them to the companies affected with the goal of getting the vulnerabilities fixed.

“As more zero-day vulnerabilities are discovered by threat intelligence teams like Google’s, and platform protections continue to improve, the time and effort required from attackers increases, resulting in an increase in cost for their findings,” said Shane Huntley, the head of Google’s Threat Analysis Group, which tracks hackers and the use of zero-days.

In a report last month, Google said it saw hackers use 97 zero-day…

Source…

TheMoon Malware Rises Again with Malicious Botnet for Hire

March 31, 2024/in Internet Security

After disappearing for several years, TheMoon has returned with a botnet army around 40,000 strong, made up of hijacked small home and office (SOHO) devices and available for hire as a proxy service for cybercriminals looking to obscure their traffic origins.

The cybercrime botnet service, called Faceless, costs less than a dollar per day, according to the researchers at Lumen Technologies’ Black Lotus Labs, who are warning about the return of TheMoon after the malware group disappeared in 2019, before reemerging back on the scene in 2023. By the beginning of 2024, TheMoon had amassed bots from across 88 countries to operate its Faceless service.

“We believe these cybercriminals [using Faceless] are using these networks to steal data and information from their victims, including the financial sector,” Mark Dehus, senior director of threat intelligence at Lumen Black Lotus Labs, said in a statement. “TheMoon malware is a serious threat not only to the owners of the compromised SOHO devices, but also the victims exploited through this anonymous proxy network.”

John Gallagher, vice president of Viakoo Labs at Viakoo, noted that the types of endpoints that TheMoon looks to bring to the dark side are somewhat sitting ducks.

“IoT devices are designed to be ‘set it and forget it,’ leading to their being favored by threat actors even if they are not end of life (they are likely to be unmanaged and not updated),” he said in an emailed statement. “This is a much bigger issue for enterprises than consumers. The operators of IoT devices are often cost centers, and there’s an incentive to not replace equipment unless it isn’t functional anymore. Enterprises offer vast fleets of IoT devices for threat actors to leverage for DDoS and other attack vectors.”

Source…

Iran’s internet price rises, and so does the fear of greater censorship

January 5, 2024/in Internet Security

Iranians could pay up to 34% more for the internet in 2024 as providers get the green light from the government to increase their tariffs.

Deemed as a move to balance persistent high levels of inflation, many commentators fear that less affordable internet rates could exacerbate ongoing issues with online censorship while discouraging citizens from accessing digital services.

Authorities have long been attempting to control the information users can and cannot access—especially during times of protests. As a result, Iranians have turned en masse to VPN services as a way to bypass restrictions. More expensive internet rates seem to be yet another way to limit people’s online activities.

An expensive restricted internet

“In an environment of political unrest and regular protests, reliable and affordable internet is crucial for maintaining social connections and staying informed, making this new barrier to connect to the internet all the more devastating,” Lina Survila, spokeswoman for VPN provider Surfshark, told me.

Tehran is infamous for heavily restricting the internet—Surfshark counted 55 instances since 2015. However, this trend considerably intensified at the end of 2022 when a wave of protests erupted, following the news that a 22-year-old Iranian woman had died in the custody of Iran’s morality police for allegedly violating strict hijab rules.

It’s very likely this increase in internet tariffs is an attempt to put online access out of reach for many Iranians
Lina Survila, Surfsjark

Authorities began by throttling internet connections and restricted access to Instagram and WhatsApp as a means to silence protesters.

Weekly disruptions to internet connectivity have also been enforced during Friday prayers in the Zahedan region ever since, making Iran by far the biggest perpetrator of internet shutdowns in 2023.

While a virtual private network (VPN) cannot help during periods of total internet shutdown, it’s a very useful tool for accessing restricted social media platforms and other blocked sites. It spoofs users’ IP addresses, while encrypting internet connections for better privacy.

Put simply, VPNs make government imposed restrictions ineffective—and that’s something…

Source…

DiNapoli: Cybercrime in New York Rises 53%

October 15, 2023/in Internet Security

NY’s Ransomware and Data Breaches Third Highest in Nation Over Six Years; Over $775 Million Lost in 2022 Alone

Cyberattacks in New York state increased 53% between 2016 and 2022, jumping from 16,426 incidents in 2016 to 25,112 in 2022. The number of attacks targeting critical infrastructure in New York state nearly doubled to 83 in the first half of 2023 compared to 48 during the entirety of last year, according to a report released today by State Comptroller Thomas P. DiNapoli.

Estimated losses in New York from cyberattacks in 2022 totaled over $775 million, while losses nationwide totaled $10.3 billion.

“Cyberattacks are a serious threat to New York’s critical infrastructure, economy and our everyday lives,” said DiNapoli. “Data breaches at companies and institutions that collect large amounts of personal information expose New Yorkers to potential invasions of privacy, identity theft and fraud. Also troubling is the rise in ransomware attacks that can shut down systems we rely on for water, power, health care and other necessities. Safeguarding our state from cyberattacks requires sustained investment, coordination, and vigilance.”

Relative to other states, New York had the third highest number of ransomware attacks (135) and corporate data breaches (238) in 2022, trailing only California and Texas for ransomware attacks and California and Florida for corporate data breaches. New York also had the fourth-highest number of cybercrime victims in the nation in 2022 with losses skyrocketing 632% since 2016.

The two most attacked critical infrastructure sectors through ransomware and data breaches in New York were Healthcare and Public Health (9) and Financial Services (8). Commercial Facilities and Government Facilities (7) tied for third.

Combatting the Threat

Securing critical infrastructure from cyberattacks will require sustained investment, coordination and vigilance. In 2022, the Governor appointed a state chief cyber officer to lead cross-agency efforts to combat cyber threats and improve the state’s critical infrastructure assets’ cybersecurity. The cyber chief leads a newly created Joint Security Operations…

Source…

Tag Archive for: rises

Combatting the Threat