WannaHydra Ransomware Attacks Android Devices
Cyber security researchers found a new version of WannaLocker malware that is more dangerous than pervious variations as it includes spyware and a banking Trojan and targets mobile devices. The new variation has been named WannaHydra ransomware and targets four major banks in Brazil. This malware is an Android version of the WannaCry ransomware.
WannaHydra ransomware encrypts files on the infected Android device’s external storage. The ransom for the decryption key costs 40 Renminbi (about $5.80 USD.) WannaHydra malware also collects device information such as the device manufacturer, hardware conifguration, phone number, text messages, call logs, photos, contact list, microphone audio data, and GPS location information.
Mobile devices are not immune from malware or hacking. They are commonly used on open, public WiFi connections giving hackers the opportunity to compromise a device. Routine actions, like checking email or posting on social media, can be intercepted by packet sniffers that can glean usernames and passwords from the unencrypted internet traffic. Most malware attacks also involve a social engineering attack. Skilled hackers take time to collect personal information about their targets.
US Customs and Border Protection suspends Perceptics
In other cyber security news, US Customs and Border Protection (CBP) suspended a contractor for a cyber security violation that affected about 100,000 travelers. The contractor, Perceptics, makes automobile license plate reading technology used to scan and identify vehicles crossing US land borders. The company’s technology is also used by several US states as well as foreign governments to surveil their roadways.
Perceptics transferred photos of automobile passengers crossing a Canadian-US border to their own servers in violation of their contract with CBP. The servers were then hacked and the photos and locations of over 100,000 vehicles were compromised. Hackers also stole CBP business data including government agency contracts, budget spreadsheets, and PowerPoint presentations. Perceptics has contracted with CBP for over 35 years. The company was using the photos to test some of its new vehicle scanning technology.
US Customs and Border Protection routinely surveils vehicle passengers at all border crossings without the knowledge and consent of travelers. It is not known where or how long the data is retained. There is no federal policy limiting or informing the public about facial recognition or any other biometric data taken at the federal, state, or local levels.
Firefox Vulnerability
Cyber security researcher, Barak Tawily, successfully developed a cyber attack against Firefox web browser. The exploit takes advantage of the way Firefox implements Same Origin Policy (SOP) for the “file://” scheme Uniform Resource Identifiers. The bug allows any file in a folder to access to other files in the same folder or its subfolders. It also could allow hackers who exploit Firefox’s SOP scheme to read the content of any file and send any compromised data from the computer to a remote server. The vulnerability is not cyber security news to the IT community and was already known to the Mozilla, the company that produces Firefox. However, this is the first time someone developed a cyber attack against targeting Firefox using this scenario. Firefox has no plans to fix this issue.
