Twitter admitted to a bug in one of its support form APIs that allowed cyber thugs to discover the country code of a Twitter user’s account phone number and whether the account had been locked. It’s possible, Twitter said, that this might be tied to state-sponsored attacks.
During our investigation, we noticed some unusual activity involving the affected customer support form API. Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.
Twitter detected the attack on Nov. 15 and resolved the issue a day later on Nov. 16.
Other cybersecurity news:
Hackers hid code in memes posted on Twitter to communicate with malware
Speaking of Twitter, Trend Micro researchers discovered that cyber thugs hid code in memes posted to Twitter to communicate with malware. Malware-infected PCs took instructions from an embedded command in the meme. For example, the “print” command was hidden inside the memes, which enabled “the malware to take screenshots of the infected machines. The screenshots are sent to a C&C server whose address is obtained through a hard-coded URL on pastebin.com.” The malware had support for retrieving a list of running processes, capturing clipboard content, and retrieving usernames and filenames from infected machines.
While the malware was not downloaded from Twitter, Trend Micro said the threat is notable due to the malware’s commands coming from benign-looking, yet malicious, memes posted on a legitimate service — which also happens to be a popular social networking platform. It couldn’t be taken down until the malicious Twitter account was disabled. Twitter disabled the account on Dec. 13.
Pay $4,000 in Bitcoin, or a hitman is coming for you
As if the fake bomb threat extortion emails, which morphed into a “pay up or acid will be thrown on you” extortion scheme, weren’t bad enough, now there’s a hitman extortion email going around that demands victims pay $4,000 in Bitcoin to call off a hitman coming for them.
PewDiePie printer hackers strike again
PewDiePie printer hackers are at it again, causing printers to spew out a plea to subscribe to PewDiePie’s YouTube channel, as well as warning victims to up their printer security before it leads to physical damage or attackers capture sensitive documents as they are printed. The latest printer hack message, according to the hackers behind it, has been printed on more than 100,000 printers.
While some people think the hack is “cool,” security researcher Ankit Anubhav pointed out:
What it can lead to? Using PRET to hijack printer can evolve to using metasploit or search for RDP to install ransomware to subscribe to a youtuber?
Printer security is a mess, but if you commit a theft in a house which is not locked, doesn’t mean it’s not a theft. (3/3) (end)
— Ankit Anubhav (@ankit_anubhav) December 17, 2018
WordPress flaw could allow attackers to access admin features
Another day, another WordPress flaw. RIPS Tech revealed a logic flaw in the way WordPress created blog posts that could allow attackers to access features only administrators were supposed to have. The summary states:
Logitech Options update after Google Project Zero’s public disclosure
After Google Project Zero’s Tavis Ormandy publicly disclosed a flaw in Logitech’s Options app for Windows that could potentially allow hackers to send arbitrary keystrokes to take control of a Windows box, Logitech released an update for the Windows and Mac versions. You might want to grab that fix if you use the app.
MAC-address-gobbling security robot in LA mall
While bragging about the cutting-edge tech of a security robot to patrol The Bloc, a mall in Los Angeles, the mall’s general manager said, “It’s picking up video footage. It’s picking up MAC addresses. So, it’s able to pick up a lot of information that humans just aren’t capable of. You want to ask when they’re here? I forgot to turn it off!”
A personality trait that puts you at risk for cyber crime
Impulse shopping, downloading music, and compulsive email use are signs of a low self-control personality trait. And that trait, Michigan State University researchers say, puts you at risk of falling victim to cyber crime involving Trojans, viruses, and malware.
“People who show signs of low self-control are the ones we found more susceptible to malware attacks,” said Tomas Holt, professor of criminal justice and lead author of the research. “An individual’s characteristics are critical in studying how cybercrime perseveres, particularly the person’s impulsiveness and the activities that they engage in while online that have the greatest impact on their risk.”