Streaming Security and Dark Web Markets
As if the burden of managing numerous streaming services, their rising costs, incessant ads and other consumer-unfriendly practices weren’t enough, people also have to consider cybersecurity threats interrupting their casual entertainment time. Most recently comes news about a new malware strain that has infected over a million TV streaming boxes using the Android Open Source Project (AOSP). This Vo1d malware is a backdoor that allows the hackers to hijack control of the device: depending on the version, it can either modify startup scripts or replace operating system files, which then allows the malware to be launched. Reports indicate that this attack has reached over 200 countries, with some of the most substantial impact felt in Brazil, Russia and Indonesia.
Researchers into this incident believe that the streaming devices are mainly targeted for their use of outdated software with unpatched security vulnerabilities. Out of date cybersecurity thus continues to be a prominent risk that isn’t taken as seriously as it ought to be. Disconnecting these devices from the internet is a natural step to take here, and Android users should install new firmware updates as they become available. Bleeping Computer also recommends avoiding third-party Android application sites, which are a common source of malware.
Really, it makes one wonder if people are just going to start switching back to cable sooner or later.
Meanwhile, after being taken down earlier this year by the FBI, it seems that black market site BreachForums has managed to come back online. Since its revival, bad actors have used it to post listings of data stolen in the Ticketmaster/Snowflake breach, as well as nearly 10 billion passwords.
Currently it is playing host to a data set from a Dell data breach, which affected around 10,000 employees and partners. The price tag listed by the hacker responsible, which is equivalent to about 30 cents, implies that a quick profit was not the main motivator here. The end result for the affected Dell employees will likely involve phishing or other social engineering attempts. Cyber criminals who obtain the data set could also use the employee credentials it contains to access Dell internal systems.
When the black markets are back up and running for cyber criminals, any systems or software caught with outdated security will become a viable target. NetLib Security’s Encryptionizer solution provides a critical layer of security for stored data right out of the box, keeping it illegible from intruders who have the will and the way to steal it. No additional programming is required. Try a free evaluation to see how Encryptionizer can help with your cyber defenses.