
5 Cybersecurity Disasters You Missed This Week: Airport Wi-Fi Hacks, Botnets, Spyware Extensions, and More

From record-breaking DDoS attacks to millions infected by malicious extensions, this week delivered some of the most alarming cyber incidents of the year.

Alan Henry, Managing Editor, Security


Another week, another massive DDoS attack originating from the Aisuru botnet, this time reaching nearly 30Tbps. If that name is familiar, it should be: We’ve covered its record-breaking attacks before, and they’re only getting more powerful. Between ever-growing DDoS attacks and increasingly common ransomware attacks, it’s a rough time to be a network security engineer (although it’s definitely good job security). 

Meanwhile, most of us don’t have to deal with someone DDoS-ing our home networks. If anything, we need to take care to secure our smart appliances so they aren't compromised and pulled into a botnet. And it’s a good thing, too. This week, we reported that four people in South Korea were arrested for hacking more than 120,000 Wi-Fi security cameras and selling the footage to adult sites. So yeah, lock down those smart appliances.

But for now, you’re probably doing your holiday shopping (check out all the great deals we've found and our gift guides for everyone), and we have tons of great tips for staying safe while you shop, as well as avoiding this year’s most common scams. This is the time of year the scammers ramp up their attacks.

Meanwhile, this week we reported that Google is taking steps to stop scam calls in progress on Android. It’s always good to see major players taking steps to protect users from bad actors. As for the rest of the news, it isn't so rosy.


Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights

A few weeks ago, a group of security executives and other professionals published an open letter to the public, titled “Stop Hacklore!” In the letter, "Hacklore" refers to catchy but ultimately inaccurate and unhelpful advice that has been circulating around the web for decades. Things like “clear your cookies” and “change your passwords regularly” sound like good advice, but ultimately, they are solutions to problems that don’t exist and just make life harder. One of those tidbits of hacklore is to “avoid public Wi-Fi,” and the signatories of the letter are right about this; exploits and risks associated with public Wi-Fi networks are indeed very rare. 

However, sometimes we come across stories like this one, where Security Week reports that an Australian man was recently sentenced to over seven years in prison for stealing sensitive data from people traveling through airports and on flights, all using public, unsecured Wi-Fi networks. Security Week’s piece notes that the man used a Wi-Fi Pineapple (a tool used for network penetration testing, as well as hacking your own Wi-Fi password) to set up fake open networks for unsuspecting users to connect to. When they did, he would intercept their data and ask them for things like social media and other account passwords. And he would have gotten away with it, too, if not for a meddling flight attendant who noticed a strange open Wi-Fi network on their flight that shouldn’t exist. 

So, at the end of the day, while I agree with the Stop Hacklore letter, an ounce of prevention is always worth more than a pound of cure. That means that using a good VPN on any unfamiliar network can’t hurt, and practicing good internet hygiene can keep you safe in any situation. It’s always good to trust the experts, but just remember, at the end of the day, the only one keeping your data safe is you.


Stealthy Browser Extensions Waited Years Before Infecting 4.3M Chrome, Edge Users With Backdoors and Spyware

You may have heard about how some browser extensions, especially those for Google Chrome and other Chromium-based browsers like Microsoft Edge, can become compromised, turning them into malware. We’ve covered it before and explained how to check and remove old ones before that happens. But what happens when the extensions are genuinely useful, but actually part of a long game by their owners to get your trust so they can turn on you later? 

That’s what happened with this seven-year campaign by Chinese hackers to build useful tools, which, over time, were quietly updated with malware, backdoors, and spyware. According to The Register, the malicious extensions ended up on the systems of over 4.3 million Chrome and Edge users. At the time they published their story, five of those extensions were still available in the Microsoft Edge store. Some of the offending extensions were so useful that they even ended up as featured add-ons, boasting their features at the top of their respective app stores. The developers exploited lax review and testing policies by Google, Microsoft, and other app store owners to initially publish useful tools and then, with subsequent updates, gradually add malware. So take this as a sign: if you haven’t gone through and removed old browser extensions you no longer need, do it now.


Asahi Says 1.5 Million Customers’ Data Potentially Leaked in Cyber-Attack

Back in October, we reported on a massive ransomware attack that took out Asahi, Japan’s largest brewer. I even mentioned it in that week’s security news roundup. Although it’s been a while, ransomware doesn’t simply disappear with time, and Asahi has been working to restore operations throughout. And now, according to a report by the BBC, as the company begins to recover, it has released an incredibly detailed report laying out the timeline of the attack and a list of what data may have been compromised.

Unfortunately, that data includes over 1.5 million customer data records, including names, phone numbers, email addresses, and more. That number doesn’t include the over 100,000 records of current and retired employees, the over 168,000 records of employee family members, and the 107,000 people the company communicated with externally, such as to send congratulatory or condolence messages. 

That’s a lot of people. While the data is indeed sensitive, including full names, email addresses, physical addresses, and more, thankfully, payment information like credit card numbers isn’t included. On the bright side, the full report includes the steps that Asahi has taken to secure its network and harden it against future attacks, as well as the efforts the company made to restore its systems immediately after the attack. Honestly, any company could take a lesson in transparency from Asahi’s book.
