News Digest: What’s happening in 2022? [The first two months]
The new year 2022 has just begun, and it is already full of events in the digital space. These are data leaks, vulnerabilities, and insecure use of some applications.
Today, we will tell you about several digital events and fails at the beginning of 2022.
If you missed it, here is the news digest for 2021.
News digest list
#1 Safari may leak user data due to a bug
Experts from Fingerprints have discovered a vulnerability in the Safari 15 browser that allows third-party sites to receive user data about the Google account and its services. The problem lies in databases using the IndexedDB framework, in which this information is recorded when surfing the internet.
Usually, the browser creates a database when working with one site to be accessible only to this site. So, for example, if you are logged in to mail in one tab, and a fraudulent site is open in the next one, the so-called “domain restriction rule” will not allow the “bad” tab to find out what the user is doing in the next one.
As experts have found out, in the Safari browser, the IndexedDB API ignores the “domain restriction rule.” For this reason, all other tabs and frames within the same session can see the names of “foreign” created databases.
#2 Cybercriminals stole $2.2 million worth of NFT tokens with monkeys
The owner of the Rossi+Kramer gallery, Todd Kramer, published a post on Twitter in which he said: “I been hacked. All my apes gone. This just sold please help me.” Soon the tweet was deleted, but later the situation began to clear up.
As it turned out, the scammers conducted a phishing scheme to steal from Ted Kramer a wallet with 15 NFTs, the total value of which is estimated at $2.2 million. It included various NFTs, including those from the Bored Ape Yacht Club collection.
Kramer said that the OpenSea team has frozen the NFTs, preventing them from being bought or sold, and was helping to solve the problem.
This has raised questions about how NFTs can be decentralized if the platform can “freeze” them. However, others rightly noted that the freeze concerns only OpenSea, and stolen NFTs could be sold on another site.
#3 Hackers stole the personal data of more than 500,000 people from the Red Cross
Hackers carried out a cyberattack on the computer servers of the International Committee of the Red Cross (ICRC), as a result of which personal data and confidential information of more than 515,000 people were compromised.
Information was stolen, including about those who were separated from their families due to conflicts, migration, and natural disasters.
“Personal data and confidential information about more than 515,000 extremely vulnerable people have been compromised, including those separated from their families due to conflicts, migration and natural disasters, missing persons and their families, and people in detention,” the Red Cross reported.
It is noted that information about the cyberattack came from at least 60 national Red Cross and Red Crescent societies worldwide. According to ICRC Director General Robert Mardini, the committee is shocked and puzzled that this humanitarian information could be targeted and put in danger.
#4 More than 100 million Android users have been infected with a dangerous virus
The dangerous Dark Herring virus has infected more than 105 million Android devices.
According to Imperium, the attackers placed about 470 virus-infected applications in the official Google Play Store. After installation, these applications requested a phone from smartphone users and, without notifying them, issued a monthly subscription through an operator.
To date, the amount of damage is estimated at hundreds of millions of dollars, each victim has lost about $15.
Experts noted that the criminals hoped that users would not pay attention to the loss of this amount, and their malware would remain unnoticed.
The list of the best smartphones to use for real protection is here.
#5 Users can read deleted WhatsApp messages on Android
Bad news for Android device users: a simple trick allows anyone to read deleted messages in WhatsApp.
The WAMR application allows users to read deleted messages, gaining popularity with great speed.
WAMR is distributed for free but contains several paid features. After installation, the application begins to monitor notifications coming from the messenger. For example, if it notices that the interlocutor has deleted his message, it will immediately offer to view the contents.
It is no longer possible to hastily delete sent messages in the hope that the recipient will not have time to read them. Instead, WAMR allows you to view deleted messages: text, pictures, videos, documents, stickers, audio recordings, etc.
Besides WhatsApp, WAMR also works with Facebook Messenger. However, it is uncertain whether the application can work with more secure messengers, for example, Telegram or Signal.
What’s wrong with WhatsApp? Read more here.
#6 An Israeli firm has created an analogue of Pegasus to hack the iPhone
Reuters reported that there is another Israeli company, QuaDream, which hacks the iPhone. It used software similar to Pegasus from NSOGroup.
People familiar with the situation note that last year, both firms used the same ForcedEntry vulnerability in iMessage, allowing them to control the victim’s smartphone using a PDF file with malicious code disguised as a GIF.
NSO and QuaDream exploits are similar in that they used the same vulnerabilities in iMessage. Moreover, the working methods were so similar that both companies could not hack iPhones further when Apple closed the vulnerability.
A representative of the NSO stated that the organization did not cooperate with QuaDream. A QuaDream representative declined to comment.
#7 Telegram blocked 64 groups after negotiations with the German government
Under pressure from the German authorities, the management of Telegram blocked 64 channels that contained calls for violence and anti-Semitic statements.
According to reports earlier, the Federal Criminal Police department sent Telegram relevant requests for these groups.
Among the channels that are no longer open in Germany, there was a telegram channel of one of the leaders of the Covid dissident movement and the German nationalist Attila Hildman.
The blocking of the channels was preceded by two meetings of the Telegram management with representatives of the federal government. Pavel Durov, the creator of the messenger, was also present at one of them, and the negotiators agreed to keep in close touch with authorities.
Earlier, German Interior Minister Nancy Fraser stated that the authorities do not exclude the possibility of blocking the messenger. According to law enforcement agencies, it is increasingly becoming a “means of radicalization.”
Is Telegram the most secure messenger? Read the comparison with others.