Weekly Cybersecurity News

This week has brought important news in cybersecurity! TikTok user accounts of high-profile celebrities and brands have been targeted in a malware campaign. Continue reading to find out more.

Trojans disguised as Google Play updates are the next big threats to your data:

The Antidot trojan, a new cyber threat, is impacting Android users by disguising itself as a Google Play update. This malware steals sensitive information such as login credentials, contacts, and SMS messages. It primarily affects regions where French, Russian, and Romanian are spoken. Users are advised to run antivirus scans to detect Antidot and be cautious with updates

Source: Android Police

Over 2.5 billion free Android VPN users at risk of data leaks:

A recent study by Top10VPN reveals that nearly 90% of free Android VPN apps leak user data, and 71% share sensitive information with third parties. The research, led by Simon Migliano, analyzed the top 100 free VPNs, highlighting poor encryption, data leaks, and invasive permissions. Common issues include outdated encryption protocols and excessive ad tracking. Users are advised to opt for freemium VPNs or utilize free trials from reputable providers to ensure better privacy and security.

Source: TechRadar

TikTok warns of exploit aimed at 'high-profile accounts':

TikTok is dealing with a malware campaign targeting high-profile accounts via direct messages. This malware allows account takeovers without requiring users to click links or download files. TikTok is working with affected users, including CNN, Paris Hilton, and a Sony brand, to restore access. The company is taking steps to stop the attack and prevent future incidents. Previous malware campaigns on TikTok involved information-stealing malware.

Source: The Record

361 million stolen accounts leaked on Telegram added to HIBP:

A trove of 361 million email addresses, collected from Telegram channels, has been added to the Have I Been Pwned (HIBP) database. The data includes usernames, passwords, and associated URLs, with 151 million new entries for HIBP. Researchers confirmed the legitimacy of many email addresses using password reset forms but did not access accounts. The leak affects numerous websites and highlights the widespread impact of information-stealing malware. Users are advised to reset their passwords and follow good cybersecurity practices to mitigate risks.

Source: BleepingComputer

Phones of journalists and activists in Europe targeted with Pegasus:

A new investigation by Access Now, Citizen Lab, and independent researcher Nikolai Kvantaliani revealed that at least seven journalists and activists in Europe were targeted with NSO Group's Pegasus spyware between August 2020 and June 2023. The victims, many of whom are exiles from authoritarian regimes, include journalists from Russia, Belarus, Latvia, and Israel. The investigation highlights ongoing threats despite policy pledges to curb spyware. The report urges governments to halt the export and use of such surveillance tools until robust human rights protections are in place. Victims include prominent figures like Andrei Sannikov and Natallia Radzina, who expressed concerns over privacy violations and potential cooperation between various national security agencies. Despite EU efforts to regulate spyware, activists criticize the lack of stringent actions and oversight, calling for more decisive measures to protect civil society.

Source: Cyberscoop

Six VPN Apps Introduced Botnet Malware on Systems Since 2014:

Six VPN apps, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN, have been discovered to infect users' systems with malware since 2014, forming the 911 S5 botnet. This botnet, dismantled by the U.S. Department of Justice, compromised over 19 million IP addresses globally, facilitating various criminal activities such as financial fraud and identity theft, resulting in nearly $99 million in illicit profits.

Source: Restore Privacy

Apple promises fewer years of iPhone security updates than Samsung and Google on paper, but reality is a different story:

In a recent regulatory filing, Apple committed to providing a minimum of five years of security updates for its latest iPhone 15 models, starting from their release in September 2023. While this commitment appears to be two years shorter than what Samsung and Google offer for their flagship devices, iPhones have historically received security updates for longer periods. Apple's track record suggests that iPhones often continue to receive updates well beyond the minimum guarantee, with some models receiving updates six or more years after their initial release. Therefore, while Apple's commitment may seem shorter on paper, iPhone users can expect continued security support for their devices over an extended period.

Source: 9To5Mac

Google Maps Timeline Data to be Stored Locally on Your Device for Privacy:

Google has announced changes to its Maps Timeline feature, stating that starting December 1, 2024, Timeline data will be stored locally on users' devices instead of their Google accounts. This adjustment aims to enhance privacy by keeping users' location history on their devices. While this change means the removal of the ability to view Timeline data on the web, Google assures users that backups can be enabled to save an encrypted copy of the data on its servers for seamless device switching. These modifications follow previous controversies regarding Google's tracking practices and legal settlements.

Source: The Hacker News