People learn more from their mistakes than from cautionary tales of scam and fraud, so, for today’s security postmortem, we collected edifying tales from real-life gamers. Here are four from victims and one from a perpetrator.
Gift fraud
Mikhail Mad_Bucket, 23, translator: “About seven years ago, something pretty interesting happened to me on Steam — technically a scam, but not really. In Team Fortress 2, there were these weapons that counted kills, and I wanted to sell a dropped crossbow that had this gizmo. Then a stranger on Steam offered to trade it for the game Eets. ‘Wow, a game for a weapon!’ I thought. We exchanged, I installed Eets, and everything seemed OK. But then I went to this guy’s profile, and there in caps it said: ‘GUYS, FREE EETS FOR WHOEVER WANTS IT.’ It turned out that some site was handing out keys for the game just like that, as many copies as you liked.”
Moral: If you are offered a free or very cheap game, go to the developer’s or publisher’s official website and see if it mentions the promotion. If it does, buy or download the game there — no need to take unnecessary risks. Our hero was very lucky that, in exchange for the weapon, he got a real copy of the (free) game, and not an army of Trojans or a fake key. If your goal is to avoid paying for computer games, check out our guide to no-risk free gaming.
Malicious apps and account hijacking
Anonymous, 17: “I’ve had two run-ins with scammers. The first time, I found a program supposedly for boosting items in CS:GO, which imitated the Steam login screen. I was 10, I didn’t really know what I was doing. I entered my details, they leaked, my account was almost stolen. Back then, accounts with items got hijacked really quickly. Then, in a different account, I started crafting stuff in CS:GO. I got an AWP Redline and a M4A4 Asiimov in about two hours, as I recall. Just 20 minutes later the account was stolen, and the items got gifted away. I don’t know how it happened — maybe they hijacked a database somewhere. Btw, tech support still hasn’t returned that account. To be honest, I remember those times with horror — login without 2FA and poor-to-average Steam support.”
Moral 1: It’s not safe to enter credentials in third-party services, especially if they promise mountains of gold or illegal benefits such as a rating boost — you risk having your account hijacked. Avoid installing dubious apps as well; what looks like cheats and bots may really be malware. Better still, use a security solution that stops malicious apps in their tracks, blocks fake sites, and wards off other evils.
Moral 2: Creating a strong and unique password for each service you use is critical. Make each one strong, so it can’t be brute-forced, and make it unique so that in case of a leak, your other accounts won’t be lost. If coming up with and remembering key phrases is problematic for you, use a password manager to securely store your passwords and automatically enter them for account login as needed. For more protection, enable two-factor authentication. That way, to log in to your account, you (or anyone else) will need not only the password, but also a one-time code, making it harder to hijack. See our posts on how to activate this and other security features in Steam, Origin, Battle.net and Twitch.
Social engineering: A cybercriminal’s tale
Alexander, 28, SAP programmer: “Back in the early days of Lineage II, some friends of a gullible classmate of mine decided to initiate him in the ways of this MMORPG. They created an account for him and poured in a lot of money (at least by high-school standards). They bought him D-grade gear [better than standard — ed.] and secretly completed first class transfer quest. As a guy always looking to profit at someone else’s expense, I offered to help him with the second transfer. He was clueless about the game but itching to get hooked. After class, I went to his house and, pretending to do a class transfer quest, killed a couple of skeletons and chatted with a guard. In an important-sounding voice, I told him that the job was done and asked for his ‘outdated gear’ as token payment. He happily handed it over. We bought him a wooden sword in return, and I left with a feeling of accomplishment.”
Moral: If someone offers to do something for you, make sure you fully understand what it is and whether you really need it. Find out the price right away — it may not be worth it. And never let gaming pros into your computer or account — even if they are “friends.” Although the narrator of this tale showed some restraint, you can’t count on a real scammer to spare victims.
Account hijacking with TeamViewer
Anonymous, 20, student: “Back when I was a kid playing Counter-Strike: Source, I found this 35hp server where there was this dude in an Iron Man skin. His ragdoll made these cool metallic sounds upon dying. You could say I was impressed. I asked in the general chat how to get this type of skin, and the server admin said the model was only for admins, but just this once I could have it free. He activated the skin for me on the server, and everything seemed fine, but then he wrote that the model had to be activated on Steam so it wouldn’t disappear. At his suggestion, I installed TeamViewer and gave him access to my computer. He connected, opened Notepad right on my desktop and wrote what to do there. To cut a short story even shorter: I gave him my account details, he logged in supposedly to activate the skin, and that’s how I lost my first Steam account.”
Moral: Installing third-party software, let alone handing over control of your computer to a stranger, is a big risk. As for giving out your account username and password, don’t do it, even if you’re promised a cool feature or a fix for a serious issue, as tech-support scammers do. If you need help from a tech-savvy friend, let them explain verbally how to solve the problem.
The world’s shortest tragedy
Hermit Purple, 18, professional commenter in VKontakte communities: “I was playing Digger Online, logged in to the server. The admins said: item or ban. I bought them an item, but they banned me anyway.”
Moral: No moral here; we can only sympathize.
Midori Kuma commiserates with gamer victims
How to guard against gaming scams
Gamers who want to keep their money, gear, and accounts need to:
Protect game accounts with strong and unique passwords, and don’t forget to enable two-factor authentication. Here’s how to set up accounts in Steam, Origin, Battle.net and Twitch.
Double-check deals and offers, looking at seller (or buyer) profiles, reading reviews, and studying vendor websites. It’s better to lose half an hour than all your money.
Take your time entering account credentials. First, make sure you are using the official site or app. Type in the address manually if possible, and make sure there are no typos in the name of the site you are visiting. Don’t rely on familiar page layouts for quick visual confirmation; they are easily copied.
Reject additional programs. If a friend or acquaintance (or an online stranger!) asks you to install anything — especially a remote access tool such as TeamViewer — forget about it. If they’re helping you with a problem, have them explain the solution so you can do it for yourself.
Never disable your antivirus when playing. Many modern security solutions, such as Kaspersky Security Cloud, include a gaming mode that goes light on resources and does not interfere with game play.
The mastermind behind the Ziggy ransomware operation announced on Telegram the decision to shut down their activity. The admin leaked a SQL file containing 922 decryption keys along with a decryptor.
After first learning of this attack from a post on Reddit, BleepingComputer was able to find numerous samples of the targeted attack uploaded to VirusTotal since February 2nd, 2021.
Different versions of multi-staged loaders attempt to inject and execute CinaRAT within the victim’s host memory. CinaRAT code is available on GitHub; generally it's just a rebranded QuasarRAT.
American packaging company WestRock announced at the end of January that it was the victim of a ransomware attack that impacted its information technology (IT) and operational technology (OT) systems.
Under the settlement, SkyMed must now resend notices to consumers disclosing the extent of the breach, conduct assessments of its new comprehensive information security program, and more.
It's hard to tell how long Barcode Scanner had been in the Google Play store as a legitimate app. Based on the high number of installs and user feedback, researchers suspect it had been there for years.
Cybercrime cases increased by an alarming 31% in Odisha in 2020 as compared to 2019. As per statistics of Odisha police, 1931 cybercrime cases were registered last year as against 1475 cases in 2019.
SitePoint is an Australia-based website and publisher of books, courses, and articles for web developers. The company has disclosed a data breach and notified its users via email.
Unlike its predecessor, the new Zeoticus 2.0 variant can execute payloads without connectivity or remote commands, according to a malware analysis conducted by SentinelOne.
Google on Thursday removed The Great Suspender, a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware and also deactivated it from users' computers.
Elektra Labs and CMU researchers announced a collaboration on an innovative IoT labeling system for understanding the data rights and security practices of connected health sensors.
Domestic Kitten has been conducting widespread surveillance for the past four years, launching at least 10 separate campaigns and maintaining a target list of 1,200 individuals, at a minimum.
There's been a huge increase in cyber criminals attempting to perform attacks by exploiting remote login credentials over the last year, as many employees continue to work from home.
Fraudsters are targeting Discord users with a scam centered on a fake cryptocurrency exchange and using the lure of free bitcoin or ethereum cryptocurrency to steal money and personal data.
CyberArk researchers have released BlobHunter, an open-source tool organizations can use to discover Azure blobs containing sensitive files they have inadvertently made public.
Built using real-world observations, ATT&CK provides greater depth when describing attacker techniques, enabling red teams to reproduce the behavior of various threat groups.
Guardforce AI, an integrated security solutions provider in Asia, acquired a majority stake in Handshake Networking Ltd, a Hong Kong-based company specializing in penetration testing.
A mysterious group of hacktivists poisoned the DNS records of several Sri Lankan (.lk) websites on Saturday and redirected users to a web page detailing various social issues impacting the local population.
According to the documents, upon learning of the incident, SN “immediately locked down affected systems and engaged a third party team of forensic experts to determine the impact on our borrowers.”
Research by Tessian has revealed that every photo we post and tag people in leads to the leak of valuable information that can be abused by hackers to design targeted attacks.
Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned.
The patients and employees from 11 hospitals in the US have had their personal information exposed after hackers reportedly published tens of thousands of records online.
German officials recently seized a digital wallet believed to hold $60 million in bitcoin, all of it acquired through fraudulent online activity.
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions to determine which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
Red Hat Security Advisory 2021-0308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.16. Issues addressed include memory leak and privilege escalation vulnerabilities.
Red Hat Security Advisory 2021-0310-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.16.
Ubuntu Security Notice 4724-1 - It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
Ubuntu Security Notice 4723-1 - It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code.
Ubuntu Security Notice 4725-1 - It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Alexander Bulekov discovered that QEMU incorrectly handled Intel e1000e emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.
Red Hat Security Advisory 2021-0433-01 - Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.1.1 serves as a replacement for Red Hat Data Grid 8.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, and memory leak vulnerabilities.
While Gartner does not have a dedicated Magic Quadrant for Bug Bounties or Crowd Security Testing yet, Gartner Peer Insights already lists 24 vendors in the "Application Crowdtesting Services" category. We have compiled the top 5 most promising bug bounty platforms for those of you who are looking to enhance your existing software testing arsenal with knowledge and expertise from international
Twin cyber operations conducted by state-sponsored Iranian threat actors demonstrate their continued focus on compiling detailed dossiers on Iranian citizens that could threaten the stability of the Islamic Republic, including dissidents, opposition forces, and ISIS supporters, and Kurdish natives. Tracing the extensive espionage operations to two advanced Iranian cyber-groups Domestic Kitten (
Graham Cluley Security News is sponsored this week by the folks at HYPR. Thanks to the great team there for their support! Below, George Avetisov, Cofounder & CEO of HYPR, describes some of the findings of their recent State of Passwordless Security report. 2020 put Digital Identity challenges front and center. Our rapid shift to … Continue reading "Report: Adoption of passwordless security takes off amid COVID-19"
It's not that unusual for a company to reward you handsomely if you find a vulnerability that could have lost them millions of dollars, but it's not often you also get the CTO offering to get a tattoo in your honour...