Malicious MasquerAds Lurks Under Top Google Search Results
A new malvertising effort targets individuals searching for popular software by misusing Google Ads. The operation makes use of typosquatted domain names, which appeared at the top of Google search results as malicious adverts. Such attacks aim to damage consumers by luring them into installing malicious software or potentially hazardous apps.
A substantial amount of the activity is being attributed to a recent campaign known as “MasquerAds,” which Guardio Labs has identified as the work of a threat actor known as Vermux. The campaign “misuses a wide range of trademarks and continues to expand.”
The Vermux operation has focused on users in Canada and the United States, using masquerade websites that imitate AnyDesk and MSI Afterburner to spread bitcoin miners and the information-stealing Vidar malware. It’s becoming increasingly common to trick users into installing harmful Android and Windows apps by posing as legitimate software and using typosquatted URLs.
This is not the first time Google Ads has been used to deliver malware. Last month, Microsoft revealed an attack in which the advertising service was used to distribute BATLOADER, which subsequently drops the Royal ransomware.
Malicious actors also used malvertising strategies to spread the IcedID infection via cloned websites of major apps such as TeamViewer, Adobe, Brave, Discord, LibreOffice, and Mozilla Thunderbird.
These findings correspond with the FBI’s warning that “cybercriminals are leveraging search engine advertisement services to mimic companies and lead users to hazardous sites that carry malware and steal login crede
Read: https://thehackernews.com/2022/12/new-malvertising-campaign-via-google.html
Latest in the Twitter Files: Leak Details the Concerning Role Twitter Played in the FBI and Pentagon’s Efforts
On Christmas Eve, Twitter’s new owner, Elon Musk, came out with a shocking claim during an interview on the “All In” podcast. “To be totally frank, almost every conspiracy theory that people had about Twitter turned out to be true,” he said. During the program, the Tesla CEO discussed the “Twitter files,” which were released earlier this month via independent journalists Matt Taibbi and Bari Weiss. When asked which part of the Twitter files had shocked him the most during the interview, Musk answered that the “FBI stuff is pretty intense.”
Musk’s answer referred to a variety of things. The Twitter files have revealed how the FBI worked to influence the 2020 general elections by discrediting the Biden laptop report and preventing it from spreading on social media. The FBI also pressured Twitter to take action against certain accounts because they were being “influenced” by foreign actors and spreading disinformation. Yet most shocking of all was the reveal that Twitter had long been collaborating with the Pentagon, despite saying it was making “concerted efforts to detect and thwart government-backed platform manipulation.”
According to a ground-breaking report by journalist Lee Fang on December 21st, Twitter had long been aiding the Pentagon’s efforts towards covert psychological operations to influence public opinion in the Middle East, Iran, and Saudi Arabia. According to further Twitter files published by Taibbi this Christmas, the FBI allegedly acted “as doorman to a vast program of social media surveillance and censorship, encompassing agencies across the federal government—from the State Department to the Pentagon to the CIA.” Following the release of these files, the FBI claimed in a statement that all of its correspondence with Twitter simply highlighted “our traditional, longstanding, and ongoing federal government and private sector engagements.”
Read: https://www.theepochtimes.com/elon-musk-says-almost-every-conspiracy-theory-that-people-had-about-twitter-turned-out-to-be-true_4945425.html
The UK is Trying to Scrap the GDPR, But How Good is its Replacement, Really?
Four years after it enacted the EU’s General Data Protection Regulation (GDPR) in 2018, the UK is now trying to replace it with a new bill. The proposed bill, officially known as the Data Protection and Digital Information Bill (or, unofficially, the “Data Reform Bill,” or DRB), aims to introduce a variety of changes that it claims will save British businesses nearly £1 bn over the next decade. Among other things, the DRB proposes to bring changes to GDPR limitations in the scope of personal data and to ease restrictions on data sharing for legitimate interests in science and the public sector. It also seeks to replace GDPR-appointed data protection officers (DPOs) with suitable senior responsible individuals (SRIs) for the responsibility of analyzing data protection risks within their respective organizations.
Several data protection experts, however, have complained that the DRB does not necessarily remove as much bureaucratic red tape as it claims to. For instance, Jonathan Armstrong, partner at the compliance firm Cordery, told InfoSecurity magazine: “A UK organization with links to any EU economy will now have to comply to two data protection regimes instead of one.” He further noted that “an SRI could just be a DPO-by-another-name.”
Armstrong complained that the DRB actually reintroduced some red tape procedures that the GDPR removed, such as the requirement for a business to register with the Information Commissioner’s Office (ICO). Critics like Armstrong have dismissed the DRB as a “political stance,” a way to prove that Brexit has, in fact, had a positive effect on the British economy. Although the bill tries to write off GDPR recommendations as unnecessarily restrictive, the UK needs to be reminded that several of these data protection regulations were inspired by its own early legislation in the area.
Read: https://www.infosecurity-magazine.com/news-features/data-reform-bill-experts-criticize
Twitter ‘leak’ reveals personal email addresses of 400M prominent individuals
Israeli cyber intelligence firm Hudson Rock appears to have stumbled onto a posting that purports to contain the personal email addresses of three dozen notable persons. These include New York Democrat Alexandria Ocasio-Cortez, Ethereum cryptocurrency pioneer Vitalik Buterin, and cybersecurity reporter Brian Krebs.
This article links to a database containing 1,000 records, some of which are from government agencies and have legitimate email addresses. The poster, Ryushi, claims that the records were exposed “via a vulnerability” and did not reply to a request for clarification in Telegram.
If true, the data leak would be another setback for Twitter and its embattled CEO, who has stated his intention to step down while remaining the company’s owner. Twitter entered a consent settlement with the US Federal Trade Commission months ago, committing to a 20-year privacy and information security policy. A federal investigation into Twitter’s use of phone numbers and email addresses for advertising ended with a settlement after they were collected for multifactor authentication.
Twitter paid civil fines totaling $150 million. Bloomberg reports that the government is increasing its inquiry into Twitter’s compliance with the order due to the departure of senior legal, privacy, and compliance employees (see: Twitter Ramps Up Regulatory Exposure After Loss of CISO).
The Irish Data Protection Commission launched an investigation after the contact information of 5.4 million Twitter users was disclosed on Ryushi’s favorite site in August.
According to the Irish data protection agency, Twitter violated Europe’s privacy law, the General Data Protection Regulation. Following the publication of a data collection containing information on more than 500 million social network users online last year, the Irish agency penalized Facebook 265 million euros under the GDPR in November.
Read: https://www.bankinfosecurity.com/hacker-claims-to-have-scrapped-400m-twitter-user-records-a20801
The Twitter Files revealed a deep state-big tech censorship collusion
The Twitter Files revealed a Deep State-Big Tech collusion to censor harmful ideas and people. Twitter was not the only platform that attempted to silence critics. During the COVID-19 pandemic, Facebook suppressed and countered anti-Anthony Fauci content.
Aaron Berman, Facebook’s misinformation policy chief, discussed the company’s COVID-19 fact-checking at a conference in August 2021. Facebook would remove misinformation flagged by progressive fact-checkers, limit its reach in users’ feeds algorithmically, and add warning labels with links to “authoritative information.”
Berman claimed that Facebook used “predictive” AI tools to target potentially viral content. Like many Twitter content moderators, Berman had worked for the CIA for 17 years. Many Facebook trust and safety employees have previously worked for the CIA, FBI, and DHS.
Google-owned YouTube has repeatedly censored and suspended users for posting COVID-related videos, including Republican Senators Ron Johnson and Rand Paul. According to the group’s lawsuit, YouTube demonetized conservative publishers like Prager U’s videos on the Ten Commandments and Karl Marx.
Content that “contradicts well-established scientific consensus around the existence and causes of climate change” was banned from Facebook ads in October 2020. The Republican National Committee is suing Google for sending millions of its emails to spam. Google’s trust and safety team includes ex-CIA analyst Jacqueline Lopour. LinkedIn says Lopour manages misinformation and hate speech “intel operations.”
The Capitol breach on January 6 justified 2020 election content censorship. The books “BLM: The Making of a New Marxist Revolution,” “Irreversible Damage: The Transgender Craze Seducing Our Daughters,” and “When Harry Became Sally: Responding to the Transgender Moment” were banned from Amazon’s bookstore.
House Democrats have asked cable, satellite, and streaming providers to drop conservative networks such as Fox News, Newsmax, and OANN due to alleged misinformation about the 2020 election and pandemic. This calls into question the pandemic’s censorship regime during the 2020 election and possibly the midterms.
Read: https://nypost.com/2022/12/25/revelations-about-twitter-intel-ties-raise-questions-about-big-tech-other-sites/
Elsewhere online:
Check out these tips for making Mastodon a lot more useful
Read: https://www.techdirt.com/2022/12/29/some-tricks-to-making-mastodon-way-more-useful/
BlueNoroff, a Lazarus subgroup, adopts a new malware delivery method
Read: https://cyware.com/news/lazaruss-subgroup-bluenoroff-adopts-new-malware-delivery-method-b221c53a/
How TikTok Is The Latest Funder of White House Propaganda
Read: https://www.nytimes.com/2022/12/20/magazine/tiktok-us-china-diplomacy.html
Intrado, a telecommunications company, has been attacked by the Royal Ransomware gang
Read: https://www.bleepingcomputer.com/news/security/royal-ransomware-claims-attack-on-intrado-telecom-provider/
A massive cyberattack hits cryptocurrency exchange BTC.com
Read: https://heimdalsecurity.com/blog/cryptocurrency-exchange-btc-com-suffers-massive-cyber-attack/
Previously on #AxisOfEasy
“The urge to save humanity is almost always a false front for the urge to rule” was one of the many bits of wisdom from the inimitable (and “ombibulous”) H. L. Mencken.
Me> The urge to save humanity is almost always a false front for the urge to rule
ChatGPT> It is possible that some individuals may use the idea of saving humanity as a pretext for their own desire for power and control. However, it is also important to note that there are many people who are genuinely motivated by a desire to improve the lives of others and make the world a better place. It is always important to be mindful of one’s own motivations and to ensure that one’s actions are aligned with one’s values and principles.