IC3 Warning: Cybercriminals Exploiting QR Codes to Steal Funds

The FBI is raising awareness about malicious QR codes that cybercriminals manipulate to redirect victims to sites stealing login and financial information. QR codes, commonly scanned by smartphone cameras, offer quick access to websites, app downloads, and payment transfers. While businesses use QR codes legitimately for contactless access, cybercriminals exploit them to steal data, infect devices with malware, and divert payments for their own gain.

Cybercriminals tamper with QR codes, both digital and physical, replacing genuine ones with malicious codes. Scanning these tampered codes leads unsuspecting victims to malicious sites that trick them into entering sensitive login and financial information. This enables cybercriminals to potentially steal funds from victim accounts. Malicious QR codes may also contain embedded malware, granting criminals access to victims’ mobile devices and compromising personal, financial, and location information. With the stolen financial data, cybercriminals can execute unauthorized withdrawals from victim accounts.

When scanning QR codes, ensure the URL is authentic, be cautious with entering sensitive information, check for tampering, avoid downloading apps from QR codes, verify payment requests, be wary of QR code scanner apps, authenticate codes from known sources, and manually enter trusted URLs for payments.

For vendors this underscores the need to maintain vigilance around hostile “lookalike” and “typo” domain names attempting to phish their users – one of the many portfolio security services our Domainsure platform provides for high profile web site and corporate identities.

Read: https://www.ic3.gov/Media/Y2022/PSA220118

French Assembly passes Bill to criminalize vaccine skepticism

The French Assembly voted to approve “The Bill To Strengthen The Fight Against Sectarian Excesses And Improve The Support Of Victims.,” known behind the scenes as “The Pfizer Bill.”
It purports to combat “misinformation” and seeks up to one year in prison and up to 15,000 Euro fine for

“Provocation to abandon or abstain from therapeutic or prophylactic medical treatment.”

Article 4 is “indecipherable even in the original French” and drafted in “the widest possible language,” it would presumably capture any talk questioning whether a future, hastily deployed, experimental (and compulsory) vaccine was “safe and effective”, let alone drawing any attention to a remarking on any strange new epidemic of “sudden and unexpected.”

From the article:

“Make no mistake, Article 4 is a template for other governments looking for a legal means of controlling public discourse when it comes to health and medical treatments. Arthur Delaporte, the Socialist Deputy of the National Assembly, celebrated its passage by declaring, “With this article, we are defending science.“”

The Bill now proceeds to the French Senate, where it is expected to pass.

Read: https://www.justthefacts.media/p/criminalizing-free-speech-the-pfizer

Bitcoin Self-Custody Made Easy: Watch a 10-Year-Old Set Up a Coldcard Mk4

A 10-year-old named Sabrina (ok, she’s the daughter of CBP’s “Len the Lengend”),  demonstrates the step-by-step process of setting up a Coldcard Mk4, a cryptocurrency cold wallet. She begins by unboxing the Coldcard and explains the three required items: the Coldcard, an SD card, and a device to connect the SD card to a computer. Sabrina proceeds to power on the Coldcard, accepts the terms, and creates a secure PIN.
Sabrina emphasizes the importance of writing down the device PIN and anti-phishing code words. Sabrina generated a new wallet, carefully wrote down the 24 secret words, and verified their accuracy. She configured additional security settings, such as disabling NFC and USB ports.

Sabrina formatted the SD card, prepared it for use with Sparrow software, and connected it to her computer. She imported the wallet into Sparrow, set up a password, and demonstrated how to retrieve the receive address for Bitcoin transactions.

If a ten-year-old (albeit a super-precocious one) can do it, so can you.

Read: https://canadianbitcoiners.com/bitcoin-self-custody-made-easy-watch-a-10-year-old-set-up-a-coldcard-mk4/

YouTube Faces Backlash as Massive YouTuber Louis Rossmann Defends Free Speech

“Right-to-repair” advocate Louis Rossmann is engaged in a battle with YouTube as they removed his videos featuring his app, Grayjay, which enables direct creator subscriptions instead of relying on platforms. This move by YouTube reflects their disapproval of creators who challenge their monopoly. YouTube’s API client terms, filled with technical jargon, grant them control over how videos are accessed from their platform and users’ devices, stifling competition and behaving as bullies against those who prioritize creators over the platform itself.

Louis Rossmann accuses YouTube of intimidating not only him but the entire industry. YouTube’s actions aim to discourage creators from asserting their independence and control over their content. In response, creators are seeking alternative ways to monetize their content, such as selling merchandise, utilizing subscription services, and forming partnerships, diversifying their income streams and reducing reliance on YouTube’s platform.

The situation with YouTube has prompted content creators to pursue autonomy and financial stability. They are actively exploring avenues beyond traditional YouTube revenue streams, aiming to assert control over their content and minimize vulnerability to YouTube’s policies. By embracing innovative monetization approaches, creators strive to build sustainable and independent careers in an ever-evolving industry.

The ”Right-to-Repair”movement, of which Rossman is a leading advocate seeks to “favor repair instead of replacement, and make such repairs more affordable leading to a more sustainable economy and reduction in electronic waste.”

Read: https://axisofeasy.com/aoe/youtube-threatens-massive-youtuber-louis-rossmann-it-backfires-immediately/

The European Court of Human Rights Rules Backdoored Encryption Violates the European Convention on Human Rights

The European Court of Human Rights (ECHR) has ruled that laws requiring crippled encryption and extensive data retention violate the European Convention on Human Rights – a decision that may derail European data surveillance legislation known as Chat Control.

The court issued a decision on Tuesday stating that “the contested legislation providing for the retention of all internet communications of all users, the security services’ direct access to the data stored without adequate safeguards against abuse and the requirement to decrypt encrypted communications, as applied to end-to-end encrypted communications, cannot be regarded as necessary in a democratic society.”

The “contested legislation” mentioned above refers to a legal challenge that started in 2017 after a demand from Russia’s Federal Security Service (FSB) that messaging service Telegram provide technical information to assist the decryption of a user’s communication. The plaintiff, Anton Valeryevich Podchasov, challenged the order in Russia but his claim was dismissed.

In 2019, Podchasov brought the matter to the ECHR. Russia joined the Council of Europe – an international human rights organization – in 1996 and was a member until it withdrew in March 2022 following its illegal invasion of Ukraine. Because the 2019 case predates Russia’s withdrawal, the ECHR continued to consider the matter.

The court concluded that the Russian law requiring Telegram “to decrypt end-to-end encrypted communications risks amounting to a requirement that providers of such services weaken the encryption mechanism for all users.” As such, the court considers that requirement disproportionate to legitimate law enforcement goals.

While the ECHR decision is unlikely to have any effect within Russia, it matters to countries in Europe that are contemplating similar decryption laws – such as Chat Control and the UK government’s Online Safety Act.

Read: https://www.theregister.com/2024/02/15/echr_backdoor_encryption/

ATHENE Researchers Discover Fundamental Design Flaws in DNSSEC

Researchers from the National Research Center for Applied Cybersecurity ATHENE have uncovered a critical flaw in the design of DNSSEC (DNS Security Extensions) that introduces a vulnerability in all DNSSEC validating DNS resolver implementations.

The team – Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner – developed a new class of algorithmic complexity attacks, which they dubbed KeyTrap. They demonstrated that, with only a single DNS packet, the attack can exhaust the CPU and stall all widely used DNS implementations and public DNS providers, such as Google Public DNS and Cloudflare. In fact, the popular Bind9 DNS implementation can be stalled for as long as 16 hours.

These devastating effects prompted major DNS vendors to refer to KeyTrap as “The worst attack on DNS ever discovered.” And the impact of the attack is far reaching. Exploiting KeyTrap, attackers can effectively disable Internet access in any system utilizing a DNSSEC-validating DNS resolver.

DNS is a critical infrastructure for the Internet, underlying a wide range of existing applications and facilitating new and emerging technologies. But this central role has made it a common target of attacks.

To counter such attacks, the IETF standardized DNSSEC, which is aimed at increasing security by requiring that domains should be digitally signed, and the DNS resolvers should use the digital signatures to validate the authenticity of the DNS records in responses.

Although the first specification for DNSSEC was standardized in 1997, its deployment has progressed slowly. 25 years after the initial standard, APNIC measurements indicate that just 31% of the web clients worldwide use DNSSEC-validating DNS resolvers.

In case you were wondering if you should be worried about your domains with easyDNS: no, because this article is about DNS resolvers – which we do not operate. Our nameservers are for authoritative DNS (resolvers ask all the questions, authoritative nameservers answer them.)

Read: https://labs.ripe.net/author/haya-shulman/keytrap-algorithmic-complexity-attacks-exploit-fundamental-design-flaw-in-dnssec/

Former CRTC commissioner: existing Canadian law covers AI

According to former CRTC commissioner Peter Menzies from the Line, we don’t need additional government legislation to address deep fakes let alone another intrusive surveillance bill to protect us from it.

Earlier this month, multiple Grammy Award-winning singer, Taylor Swift, was the latest and most high-profile victim of AI generated pornographic deep-fakes. Swift’s face was digitally grafted onto the body of someone engaged in sexual acts/poses in a way that was convincing enough to fool people into believing the images represented Swift herself. Before the images were contained, the deep-fakes had been viewed 47 million times, according to the BBC.

For context, a 2019 study by Deeptrace Labs identified almost 15,000 deep-fakes on streaming and porn sites — twice as many as the previous year — and concluded that 96 per cent of these were recreations of celebrity women.

In response to the Swift images, the platform formerly known as Twitter — X — temporarily blocked searches for “Taylor Swift” as it battled to eliminate the offending depictions which still found ways to show up elsewhere.

X said it was “actively removing” the deep-fakes while taking “appropriate actions” against those spreading them. Meanwhile, Meta said it has “strict policies that prohibit this kind of behavior” adding that it also takes “several steps to combat the spread of AI deep fakes.”

While the Canadian government pounced on the opportunity to bolster its case for pushing through the highly flawed “Online Harms Bill,” Menzies points out that existing legislation, namely Section 162 of the Criminal Code, “already bans the distribution or transmission of intimate images without permission of the person or people involved.”

Read: https://macdonaldlaurier.ca/save-taylor-swift-stop-deep-fake-porn/

Elsewhere Online: 

Privacy Nightmare: Wyze Camera Glitch Allows Strangers to Peek into Homes
Read: https://www.zdnet.com/home-and-office/smart-home/wyze-camera-breach-let-13000-strangers-view-other-peoples-homes/

Leader of Zeus IcedID Malware Gang Admits Guilt, Awaits 40-Year Sentence
Read: https://www.bleepingcomputer.com/news/security/zeus-icedid-malware-gangs-leader-pleads-guilty-faces-40-years-in-prison/

Cybersecurity Alert: Insider Breach Exposes 80,000 Email Records
Read: https://www.infosecurity-magazine.com/news/insider-steals-80000-emails/

Wave of Cyber Attacks: Ukrainian Media Hit by Russian Hackers Peddling Fake War Stories
Read: https://therecord.media/ukrainian-news-outlets-attacked-by-russian-hackers

Previously on #AxisOfEasy