Security News
The MoleRats advanced persistent threat has developed two new backdoors, both of which allow the attackers to execute arbitrary code and exfiltrate sensitive data, researchers said. The DropBook backdoor uses fake Facebook accounts or Simplenote for C2, and both SharpStage and DropBook abuse a Dropbox client to exfiltrate stolen data and for storing their espionage tools, according to the analysis, issued Wednesday.
Two new backdoors have been attributed to the Molerats advanced persistent threat group, which is believed to be associated with the Palestinian terrorist organization Hamas. In early 2020, security researchers at Cybereason's Nocturnus group published information on two new malware families used by the APT, namely Spark and Pierogi.
The US Federal Trade Commission and a coalition of 48 state attorneys general on Wednesday filed a pair of sweeping antitrust suits against Facebook, alleging that the company abused its market power to neutralize competitors through its acquisitions of Instagram and WhatsApp, depriving users of better privacy-friendly alternatives. Specifically, the lawsuits seek to rescind the acquisitions of Instagram and WhatsApp, spinning off both platforms into independent companies, to prohibit Facebook from imposing anti-competitive conditions on software developers, and to require the company to seek prior notice and approval for future mergers and acquisitions.
In a nutshell, the vulnerability could have allowed an attacker who is logged into the app to simultaneously initiate a call and send a specially crafted message to a target who is signed in to both the app and another Messenger client such as the web browser. "It would then trigger a scenario where, while the device is ringing, the caller would begin receiving audio either until the person being called answers or the call times out," Facebook's Security Engineering Manager Dan Gurfinkel said.
When you make a Messenger call, for example, the app on your device - which could be a mobile phone, a laptop or even something like a smart TV - asks the Messenger cloud to locate the recipient's device, and the apps at each end start negotiating to set up a call. Once the call is accepted by the recipient - typically after the app has played a ringtone, popped up a message or both, and the recipient has opted in to the call - then the apps start exchanging network packets of audio data.
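The call-setup description above, together with the failure mode in the preceding item (audio flowing while the callee is still ringing, until the user answers or the call times out), comes down to one rule on the callee side: media must not be enabled until the user has accepted, regardless of what signalling messages arrive. The following is an added illustration, not Facebook's code and not Messenger's actual signalling protocol; the message types ("invite", "media_update", "hangup"), the ring timeout and the endpoint class are assumptions made for the example. It runs the same crafted-message sequence against a weakly gated callee and a strictly gated one.

```python
# Added illustration (not Facebook's code or Messenger's protocol): a toy
# callee-side call state machine showing why media must be gated on an
# explicit user accept. Message names and the timeout are assumptions.
from dataclasses import dataclass, field
from enum import Enum, auto
from typing import Optional


class CallState(Enum):
    IDLE = auto()
    RINGING = auto()   # invite received, ringtone playing, user has not answered
    ACTIVE = auto()    # user accepted: media may flow
    ENDED = auto()


@dataclass
class CalleeEndpoint:
    """One side of a toy call; strict_gating selects the hardened behaviour."""
    strict_gating: bool = True
    ring_timeout_s: float = 30.0                 # assumed value
    state: CallState = CallState.IDLE
    media_enabled: bool = False
    ring_started_at: Optional[float] = None
    transmitted_frames: list = field(default_factory=list)
    rejected: list = field(default_factory=list)  # (msg type, state) pairs

    def _end(self) -> None:
        self.state = CallState.ENDED
        self.media_enabled = False

    def on_signal(self, msg: dict, now: float) -> None:
        """Handle one signalling message relayed from the caller."""
        kind = msg.get("type")
        if kind == "invite":
            if self.state is CallState.IDLE:
                self.state = CallState.RINGING
                self.ring_started_at = now
        elif kind == "media_update":
            # Weak pattern: honour a media description whenever it arrives, so a
            # crafted update during RINGING switches the microphone on before the
            # user has answered. Hardened pattern: only an ACTIVE call may do so.
            if self.state is CallState.ACTIVE or (
                not self.strict_gating and self.state is CallState.RINGING
            ):
                self.media_enabled = True
            else:
                self.rejected.append((kind, self.state.name))
        elif kind == "hangup":
            self._end()
        else:
            self.rejected.append((kind, self.state.name))

    def user_answers(self) -> None:
        """The only path that should ever move RINGING -> ACTIVE."""
        if self.state is CallState.RINGING:
            self.state = CallState.ACTIVE
            self.media_enabled = True

    def tick(self, now: float) -> None:
        """Expire an unanswered call once the ring timeout has elapsed."""
        if (self.state is CallState.RINGING and self.ring_started_at is not None
                and now - self.ring_started_at >= self.ring_timeout_s):
            self._end()

    def capture_frame(self, pcm: bytes) -> bool:
        """Called by the audio layer; returns True if the frame left the device."""
        if not self.media_enabled:
            return False
        if self.strict_gating and self.state is not CallState.ACTIVE:
            # Defence in depth: re-check call state instead of trusting the flag.
            return False
        self.transmitted_frames.append(pcm)
        return True


def scenario(strict_gating: bool) -> dict:
    """Caller sends an invite, then a crafted media_update while the callee rings."""
    callee = CalleeEndpoint(strict_gating=strict_gating)
    callee.on_signal({"type": "invite", "from": "caller"}, now=0.0)
    callee.on_signal({"type": "media_update", "audio": "sendrecv"}, now=0.1)
    leaked = callee.capture_frame(b"\x00\x01" * 80)      # constructed sample frame
    callee.user_answers()
    after_answer = callee.capture_frame(b"\x02\x03" * 80)
    return {"leaked_before_answer": leaked,
            "sent_after_answer": after_answer,
            "rejected": list(callee.rejected)}


def timeout_scenario(strict_gating: bool) -> bool:
    """Same crafted sequence, but the callee never answers and the ring expires."""
    callee = CalleeEndpoint(strict_gating=strict_gating)
    callee.on_signal({"type": "invite", "from": "caller"}, now=0.0)
    callee.on_signal({"type": "media_update", "audio": "sendrecv"}, now=0.1)
    callee.tick(now=31.0)
    return callee.capture_frame(b"\x00" * 160)


if __name__ == "__main__":
    print("weak gating:  ", scenario(False))
    print("strict gating:", scenario(True))
    print("after timeout (weak gating):", timeout_scenario(False))
```

With weak gating the constructed frame is transmitted while the callee is still ringing, which is the behaviour the advisory describes; with strict gating the premature media update is recorded as rejected and nothing leaves the device until the user answers. The timeout case shows the second half of the quoted description: once the ring expires even the weakly gated endpoint stops transmitting.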
Social media giant Facebook this week announced that it has paid out more than $11.7 million in bug bounties since 2011. To date, more than 50,000 researchers have signed up for the company's bug bounty program, and approximately 1,500 of them, from 107 countries, have received a bug bounty reward, the company says.
Facebook has patched a significant flaw in the Android version of Facebook Messenger that could have allowed attackers to spy on users and potentially identify their surroundings without them knowing. Exploiting the bug would only take a few minutes; however, the attacker would already need to be able to call the target, i.e., be Facebook "Friends" with the user on the other end.
Facebook this week addressed a vulnerability in Facebook Messenger for Android that could have allowed an attacker to connect to an audio call without user interaction. To reproduce the issue, both the attacker and the receiver need to be logged into Facebook Messenger on their devices.
Apple confirmed Thursday it would press ahead with mobile software changes that limit tracking for targeted advertising - a move that has prompted complaints from Facebook and others. The iPhone maker said it was moving ahead with updates to its mobile operating system to give users more information about, and control over, tracking by apps on Apple devices.
Facebook fixed a critical flaw in the Facebook Messenger for Android messaging app that allowed callers to listen to other users' surroundings without permission before the person on the other end picked up the call. Facebook Messenger for Android has been installed on more than 1 billion Android devices according to the app's official Play Store page.