Security News

Money mules, individuals whose bank accounts are used by fraudsters to transfer money, are becoming an increasingly prominent aspect of cybercriminals' economic business models too. In the US particularly, fraudsters are targeting unwitting consumers to become money mules.

An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency. Bitdefender is calling the malware S1deload Stealer for its use of DLL side-loading techniques to get past security defenses and execute its malicious components.

The notorious information-stealer known as Vidar is continuing to leverage popular social media services such as TikTok, Telegram, Steam, and Mastodon as an intermediate command-and-control server. What's new in the latest version of the malware is that the gathered data is encoded prior to exfiltration, a change from the previous variants that have been known to send the compressed file data in plaintext format.

Eight braggadocious social media influencers fond of posing next to sportscars are facing charges from the US Securities and Exchange Commission and Department of Justice, who claim they manipulated their 1.5 million followers in order to help themselves to $100 million in "Fraudulent profits." The suspects, all men in their twenties and thirties, were charged with conspiracy to commit securities fraud in connection with a long-running, social media-based "Pump and dump" scheme, a recently unsealed Texas federal grand jury indictment [PDF] and an SEC complaint [PDF] revealed.

In its latest quarterly threat report, Meta said it had detected and disrupted influence operations originating in the US, and it calls out those it believes are responsible: the American military. Meta said it picked up on three major covert influence operations on its platforms in the third quarter of the year, the first of which originated in the United States.

At which point the crooks immediately try to use the combination of username + password + one-time code they just got hold of, in the hope of logging in quickly enough to get into your account before you realise there's anything phishy going on. As a result, social media users are understandably concerned about protecting their accounts in general, whether they're specifically concerned about Twitter or not: Lure you to a real page with a facebook.com URL. The account is fake, set up entirely for this particular scam campaign, but the link that shows up in the email you receive does indeed lead to facebook.com, making it less likely to attract suspicion, either from you or from your spam filter.

Asia In Brief India's government has given itself the power to compel social networks to take down content. India's minister of state for electronics and information technology, Rajeev Chandrasekhar, said the GACs are needed because India's previous attempt at regulating social media - requiring the networks to appoint a grievance officer - has not delivered.

Given how reliant employees are on their own "Brand" and contacts to thrive in today's economy, the drive to use social media at home and work isn't likely to diminish, leading to potential compromises for the organization from their employees' online activities. As we constantly adapt and improve our technology and techniques for countering and responding to attacks, attackers are doing the same from the other side of the fence.

"This system includes a web-based dashboard known as SANA that enables a user to formulate and deploy trending social media events en masse. The system creates these events that it refers to as Инфоповоды, 'newsbreaks,' utilizing the botnet as a geographically distributed transport." The existence of Fronton, an IoT botnet, became public knowledge following revelations from BBC Russia and ZDNet in March 2020 after a Russian hacker group known as Digital Revolution published documents that it claimed were obtained after breaking into a subcontractor to the FSB, the Federal Security Service of the Russian Federation.

The time has come to remove Chinese voices from global social media, according to Samir Saran, president of Delhi-based think tank Observer Research Foundation, a commissioner of The Global Commission on the Stability of Cyberspace, and a member of Microsoft's Digital Peace Now Initiative. Speaking at the Black Hat Asia conference, Saran said China's Communist Party sees tech as a means of exerting control and uses social media to deliberately interfere in the affairs of other nations.