Subscribe

#AxisOfEasy 230: False QR Codes Can Steal Your Money And Passwords

by on January 25, 2022

Weekly Axis Of Easy #230


Last Week’s Quote was “Never do anything against conscience even if the state demands it.” by Albert Einstein.  There were two correct guesses but Mike got it first!

This Week’s Quote:  “Get your facts first, then you can distort them as you please.”…by???

THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.



Attention!  We are now hiring in two roles, one in Dev and the other in support. 
Check out the job descriptions here: 

https://easydns.com/blog/2022/01/10/were-hiring-a-ux-dev/

https://easydns.com/blog/2022/01/17/were-hiring-a-support-representative/


In this issue:

  • False QR codes can steal your money and passwords
  • FIN8 Group targets U.S Bank with New White Rabbit Ransomware
  • Israel authorities deny illicit police use of NSO Spyware on protesters
  • Hackers impersonate the US Department of Labor in recent phishing attacks
  • Cyberattacks targeting Ukrainian infrastructure are part of a broader plot


Elsewhere online:
 

  • Facebook loses its bid to dismiss antitrust claims
  • Walmart files a trademark to provide cryptocurrency 
  • Apple warns that antitrust bills would increase risk
  • Microsoft launches a new ‘inclusiveness’ checker
  • Russia’s hackers use malicious traffic directions

 

False QR codes can steal your money and passwords

According to a recent FBI alert, hackers are now taking advantage of the QR code’s high familiarity and tampering with the pixelated barcodes to redirect victims to sites that steal login credentials and financial information.

The announcement doesn’t cite recent QR scams but tells users how malicious QR codes are helpful to scammers as the barcode images bypass email filters that use URL scanners to block malicious links.

The FBI alerted that “cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use.

Although QR codes are not malicious, the FBI warns that it is crucial to practice caution when providing financial information or submitting a payment through a site accessed via a QR code. In their announcement, the FBI also stated that law enforcement couldn’t guarantee the return of funds after transfers had been made.

Read: https://www.zdnet.com/article/fbi-warning-crooks-are-using-fake-qr-codes-to-steal-your-passwords-and-money/


FIN8 Group targets U.S Bank with New White Rabbit Ransomware

A new ransomware family named ‘White Rabbit’ has been spotted by researchers, believed to be linked to the financially-motivated FIN8 group. The never-before-seen ransomware strain was recently deployed against a local bank in the U.S in December 2021.

As Trend Micro reports, this new ransomware is similar to the older Egregor ransomware family when hiding its tracks and remaining undetected. The researchers noted that one of the most notable aspects of White Rabbit’s attack is how its payload binary requires a specific command-line password to decrypt its internal configuration and proceed with its ransomware routine.

Experts stated that they could find evidence of a link between FIN8 and White Rabbit in samples dating back to August 2021, as the malware uses a previously unknown version of the Badhatch backdoor associated with FIN8.

Since FIN8 is known for its infiltration and surveillance tools, Trend Micro suggests the connection could indicate that the group is expanding its arsenal to include ransomware.

Read: https://thehackernews.com/2022/01/fin8-hackers-spotted-using-new-white.html


Israel authorities deny illicit police use of NSO Spyware on protesters

Several Israeli authorities have dismissed the claims that police illicitly used controversial spyware developed by NSO Group to monitor critics of Benjamin Netanyahu and other citizens.

On Tuesday, a business newspaper named Calcalist published allegations that police used NSO’s spyware Pegasus to hack into the phones of the leaders of the protests against then-Prime Minister Netanyahu. The newspaper also reported that authorities allegedly hacked the phones of other citizens while trying to shore up investigations into crimes.

On Wednesday, Omer Bar-Lev, the minister responsible for Israeli police security, said on Army Radio that there may have been instances in which people used the software without authorization, but no evidence has been found.

Tehilla Shwartz, a digital expert from the Israel Democracy Institute, Altshuler, suggests that the claims over the use of NSO technology have brought to light that governments —even democratic ones— have expanded the use of spyware beyond its declared purposes, stopping crime and terrorism.

Read: https://www.bloombergquint.com/onweb/israel-pushes-back-on-alleged-illicit-police-use-of-nso-spyware


Hackers impersonate the US Department of Labor in recent phishing attacks

In the latter half of 2021, email security provider Inky detected a malicious campaign that imitated the US Department of Labor as a way to steal the account credentials of unsuspecting victims.

On Wednesday, Inky’s blog reported that most of the emails seemed to come from no-reply@dol.gov, the actual domain for the Department of Labor. The malicious emails claimed a senior employee to trick users by inviting them to submit bids for alleged government projects. The victim would receive an attached PDF with a button that, when clicked, would take them to a form asking for their credentials to submit a bid using a Microsoft account or other business account.

Phishing attacks like these tend to be very effective as the emails in question seemed to be from reliable sources.

Read: https://www.techrepublic.com/article/phishing-attack-spoofs-us-department-of-labor-to-steal-account-credentials/#ftag=RSS56d97e7?&web_view=true 



Cyberattacks targeting Ukrainian infrastructure are part of a broader plot

As part of a more significant wave of malicious activities aimed at sabotaging critical infrastructure, Ukraine has been targeted by coordinated cyberattacks and a data-wiping malware called WhisperGate.

On Monday, the Secret Service of Ukraine confirmed the two incidents were linked and that some of the compromised systems had been accessed by exploiting the recently disclosed vulnerabilities in Log4j.

For its part, the Ukrainian Cyber Police is investigating a combination of three potential areas of intrusion that may have been used in the attacks – a supply chain attack on an IT company that manages websites for the Ukrainian government, exploitation of the October CMS flaw, and Log4j vulnerabilities.

Although neither the Cyber Police nor the SSU attributed the disruptive activities to any threat group or financially motivated actor, the Ministry of Digital Transformation of Ukraine accused Russia of waging a “hybrid war” against its neighboring country.

Read: https://thehackernews.com/2022/01/ukraine-recent-cyber-attacks-part-of.html?&web_view=true 


Elsewhere online:


Facebook loses its bid to dismiss antitrust claims 
https://www.reuters.com/legal/litigation/facebook-loses-bid-dismiss-users-data-privacy-antitrust-claims-2022-01-18/


Walmart files a trademark to provide cryptocurrency to shoppers 
https://www.cnbc.com/2022/01/16/walmart-is-quietly-preparing-to-enter-the-metaverse.html


Apple warns that antitrust bills would increase the risk of security breaches to iPhone users
https://www.cnbc.com/2022/01/18/apple-says-antitrust-bills-increase-risk-of-iphone-security-breaches.html


Microsoft launches a new ‘inclusiveness’ checker for Word
https://www.thesun.co.uk/tech/17306137/microsoft-inclusiveness-checker-office365-word/ 


Russia’s hackers broadly use malicious traffic directions to distribute malware 
https://thehackernews.com/2022/01/russian-hackers-heavily-using-malicious.html?&web_view=true

Previously on #AxisOfEasy

 

2 responses to “#AxisOfEasy 230: False QR Codes Can Steal Your Money And Passwords”

  1. Trixie says:

    Robert McNamara?

  2. Les Leslie says:

    Mark Twain/Samuel Langhorne Clemens

Leave a Reply

Your email address will not be published.

#AxisOfEasy is brought to you by....

easyDNS

Power & Freedom™ since 1998


Ledger Nano X - The secure hardware wallet easyDNS