January 27, 2017
UNM4SK3D: Dropbox, Russia, and Google Play
January 27, 2017
Recently, Dropbox earned itself a new nickname, 'Dropbug,' also synonymous with 'restore files.' The crowd-favorite file sharing company implemented a bug fix which had corrupted the metadata of their files. This resulted in the files being “quarantined” rather than deleted.
That's when a Dropbox customer service representative, 'Ross S' took to forums, stating "while fixing the bug, we inadvertently restored the impacted files and folders to those users’ accounts. This was our mistake; it wasn’t due to a third party and you weren’t hacked." Phew.. that's good. But wait, this bug has been around for a bit, so why wasn't it fixed sooner? Seems to be another question for another day.
500 Million people use Dropbox, according to their site
If this story raises Dropbox trust issues, this podcast featuring Dropbox Chief of Trust and Security, Patrick Heim, may help.
#treason2 Cyber Security Intelligence Officials were arrested by Russia in December on charges of treason, a recent report acknowledged. The first charged is the head of Kapersky lab's computer incidents investigations team, Ruslan Stoyanov and the other, is Sergei Mikhailov, deputy chief of the Federal Security Service (FSB)'s Center for Information Security. Nyet good!"News of the arrests comes as U.S. intelligence agencies continue investigating the degree to which Russian government-backed hackers penetrated computer servers and e-mail accounts belonging to the political party officials, first and foremost, the Democratic Party," reports RadioLiberty. And while the FSB has refused to comment, Kapersky Labs has denied their knowledge in the case, saying that their employee's activities pre-date his employment.The connection between the Stoyanov and Mikhailov comes from the speculation that Stoyanov was "seen as a sort of broker" between Mikhailov. So, the treason charges could have been a result of him facilitating foreign access to someone with a Russian secuirty clearance. It's alleged that Stoyanov received money from foreign companies or entities, but according to Mark Galeotti, a senior research fellow specializing in Russian security affairs at the Institute of International Relations Prague, treason charges in Russia are not a rarity.
It [the arrests] destroys a system that has been 20 years in the making, the system of relations between intelligence agencies and companies like Kaspersky -Andrei Soldatov, Russian security services expert
To weigh in on Russia's current state of affairs, join this forum discussing the 10 Year Prison Sentence for Russian Hackers and Malware Authors.
There's an animal we never thought we'd hear of. It's all too familiar cousin, HummingBad, an Android malware that was discovered in February 2016 infected as many as 10 million devices. Now, it's resurfaced as HummingWhale.
Unfortunately the zoo isn't answering our call, but researchers at CheckPoint are. They say the new malware has several new features allowing it to perform ad fraud even more efficiently than its predecessor. Luckily, they spotted a malicious app that shared many of the same attributes of the original HummingBad malware, so they were able to make a connection between the two samples. HummingWhale was hiding in plain sight, being distributed via 20 camera, music, flashlight and adult apps on Google Play. Those apps have since been removed from the marketplace after CheckPoint reported the malware.
Looking back at Hummingbad, the side business of a legitimate Chinese advertising analytics firm, YingMob, it's frightening to see the damage malware can do. By the first half of 2016, HummingBad had grown so prevalent the malware represented 72 percent of mobile attacks, according to researchers, and was bringing in $300,000 a month. From a current count, HummingWhale had yet to grow to this extensive of a reach, but is still said to have affected between 2 and twelve million devices.
It was probably only a matter of time before HummingBad evolved and made its way onto Google Play again -Oren Koriat, CheckPoint mobile cyber security analyst
If you're not entirely certain how malware works, read 'How to Identify Malware/Sypware Attacks'.