Latest news with #maliciousactors
Forbes
11 hours ago
- Forbes
FBI Warns iPhone And Android Users—Do Not Share These Texts
Do not make this mistake on your phone. Republished on July 29 with new text attack warnings for smartphones users. The FBI warns that 'malicious actors' continue to send fraudulent texts and voice messages to 'gain access to personal accounts.' Do not reply to messages unless you recognize the sender's number. But there's more you must do to safeguard accounts. America is under attack from a malicious texting industry sending out billions of messages. Whether undelivered packages, unpaid tolls and DMV fines or Amazon refunds, the objective is to steal your data, your money, even your identity. But sometimes even legitimate texts can be dangerous. We're talking two-factor authentication (2FA), which the bureau says you should set up 'on any account that allows it,' and should 'never disable.' But most 2FA codes are delivered by text. And the problem with texts is that you can send them on to others. Never do that, the FBI warns — regardless of who's asking. 'Actors may use social engineering techniques to convince you to disclose a 2FA code,' the bureau says in an advisory reshared this week. Doing so lets attackers 'compromise and take over accounts.' Even if the request comes from someone you know, 'never provide a two-factor code to anyone over email, SMS/MMS or encrypted messaging.' ESET's Jake Moore warns the same. 'Scammers often trick people into revealing them to bypass security checks and take control so even if someone claims to be from your bank, trusted company or even a family member, keep OTPs to yourself.' This all sounds very basic. But if an attacker hijacks one of your friend's messaging accounts, they can pretend to be your friend and ask you to send a code, telling you their phone is not working. The scam is remarkably effective. While you should never share OTP text messages, you can better protect yourself if you stop using them altogether. Use an authenticator app, or better still use a passkey. This links your account to your physical device, making it impossible to steal and use a code. Shifting from SMS to authenticator apps or passkeys is critical now SMS interception and bypass is more common. Per Cybersecurity News, 'criminal enterprises no longer require extensive technical expertise to deploy advanced mobile threats, as ready-to-use malware kits are now available for subscription fees as low as $300 per month.' Banks in Australia and UAE are already calling time on SMS 2FA codes, and you should now do the same. But if you are using those codes, it's even more critical that you never share them, regardless of who is who's asking and the reason they're giving. While SMS persists, Cybersecurity News warns of a 'fundamental shift toward industrialized cybercrime, where specialized providers handle technical complexities while criminal customers focus solely on victim targeting and monetization strategies.' This isn't new. Per one warning from 2021, while 'figures suggest users who enabled 2FA ended up blocking about 99.9% of automated attacks, as with any good cybersecurity solution, attackers can quickly come up with ways to circumvent it. They can bypass 2FA through the one-time codes sent as an SMS to a user's smartphone.'
South China Morning Post
21-07-2025
- South China Morning Post
China warns of security risks from bad actor ‘back doors' in imported chips, smart devices
China's top anti-spying agency has urged citizens to beware of data leakage through deliberately designed or maliciously embedded 'technical back doors' in chips and smart gadgets produced overseas, warning of risks to national security The Ministry of State Security said on its official social media page on Monday that imported chips, software and smart devices for critical sectors might feature embedded 'exploits' or access points at the initial design stage. These would allow malicious actors to bypass security controls and gain unauthorised access to systems, potentially causing severe data breaches, it cautioned. 'The security of hi-tech devices and information systems directly concerns national security. Citizens must remain vigilant,' the ministry said. 03:25 New CIA videos seek to lure Chinese officials to leak secrets to US New CIA videos seek to lure Chinese officials to leak secrets to US A technical back door is a software tool that allows developers to debug and patch vulnerabilities efficiently. However, it may also pose significant risks, including data theft and information leakage. Malicious actors could exploit these covert access points to remotely activate cameras or microphones, or command background processes to collect and 'exfiltrate' or steal specific data, the ministry said. Manufacturers could also illegally invade devices through after-sales services, software update channels, by compromising open-source code repositories or tampering with code during supply chain operations, it added. Beijing places a strong emphasis on national security in the intelligence and cyber domains, and the ministry's warning underscores heightened vigilance over risks from foreign technology supply chains amid geopolitical tensions with the United States and state surveillance fears.
Geeky Gadgets
15-07-2025
- Geeky Gadgets
Developer Loses $500,000 While Coding in Cursor : Malicious Cursor IDE Extension Exposed
What if a single click could cost you half a million dollars? For one blockchain developer, this nightmare became a reality when a seemingly harmless coding extension in Cursor IDE turned out to be a cleverly disguised trap. The result? A staggering loss of $500,000 in cryptocurrency. This incident isn't just a cautionary tale—it's a wake-up call for developers everywhere about the hidden dangers lurking in trusted tools. In an era where open source ecosystems thrive on collaboration and innovation, the same openness can be weaponized by malicious actors. The question is: how can you protect yourself when even trusted platforms can be exploited? Java Brains unpacks the shocking details of how a polished, professional-looking extension turned into a developer's worst nightmare. You'll learn how attackers manipulated trust signals like download counts and reviews, exploited vulnerabilities in the Open VSX marketplace, and bypassed common security measures. More importantly, we'll explore practical steps to safeguard your work and assets, from scrutinizing extensions to isolating sensitive tasks. Whether you're a seasoned developer or just starting out, this story holds critical lessons about the balance between convenience and security in today's development environments. After all, in a world where a single misstep can cost you everything, vigilance isn't optional—it's essential. Malicious Extension Costs Developer What Happened? The developer, while working in Cursor IDE, installed an extension that appeared to offer Solidity language support. However, this seemingly legitimate extension concealed malicious code. Once installed, it executed a hidden PowerShell script that granted attackers remote access to the developer's machine. This unauthorized access enabled the attackers to steal cryptocurrency wallets and other sensitive information stored on the system. The extension appeared trustworthy due to its professional description and artificially inflated download counts, which gave the impression of widespread use and reliability. This deceptive presentation masked its true intent, leaving the developer unaware of the threat until the damage was already done. How Attackers Exploited the System The attackers used weaknesses in the Open VSX marketplace, a platform used by Cursor IDE and other VS Code forks for extensions. Their strategy involved exploiting trust mechanisms and marketplace vulnerabilities to distribute their malicious extension effectively. Here's how they executed the attack: Manipulated Rankings: The attackers exploited the marketplace's ranking algorithm to ensure their extension appeared prominently in search results, increasing its visibility to potential victims. The attackers exploited the marketplace's ranking algorithm to ensure their extension appeared prominently in search results, increasing its visibility to potential victims. Deceptive Presentation: They crafted a polished description and artificially inflated download numbers to create a false sense of credibility and trustworthiness. They crafted a polished description and artificially inflated download numbers to create a false sense of credibility and trustworthiness. Exploited Open Marketplace Weaknesses: The Open VSX marketplace lacks the stringent security measures found in Microsoft's proprietary Visual Studio Marketplace, making it easier for malicious actors to distribute harmful extensions without detection. These tactics allowed the attackers to bypass common trust indicators, such as download counts and ratings, which developers often rely on when selecting extensions. How a Malicious Cursor IDE Extension Stole $500,000 in Crypto Watch this video on YouTube. Uncover more insights about AI coding in previous articles we have written. Why Extensions Pose a Security Risk Extensions in integrated development environments (IDEs) like VS Code and its forks are designed to enhance functionality, often requiring significant system-level access. While this access is necessary for their operation, it also increases the potential for misuse. Developers typically assess extensions based on several factors, but these metrics can be misleading: Download Counts: High download numbers are often interpreted as a sign of popularity and reliability, but they can be artificially inflated. High download numbers are often interpreted as a sign of popularity and reliability, but they can be artificially inflated. Ratings and Reviews: Positive feedback can create a false sense of security, especially if reviews are fabricated or manipulated. Positive feedback can create a false sense of security, especially if reviews are fabricated or manipulated. Open source Transparency: While open source extensions are generally considered safer due to their transparency, they can still be compromised during the build or distribution process. This incident demonstrates how attackers can exploit these trust mechanisms, making it increasingly difficult for developers to distinguish between safe and malicious tools. How You Can Protect Yourself To safeguard against malicious extensions and reduce the risk of similar incidents, developers should adopt the following best practices: Verify Extensions: Whenever possible, test extensions in the official VS Code marketplace before using them in forks like Cursor IDE. Whenever possible, test extensions in the official VS Code marketplace before using them in forks like Cursor IDE. Scrutinize Publishers: Investigate the publisher's profile, history, and reputation to ensure they are legitimate and trustworthy. Investigate the publisher's profile, history, and reputation to ensure they are legitimate and trustworthy. Delay Adoption: Avoid installing newly published extensions until they have been thoroughly vetted by the developer community. Avoid installing newly published extensions until they have been thoroughly vetted by the developer community. Compartmentalize Work: Use isolated setups for sensitive tasks, and separate personal and professional environments to minimize exposure. Use isolated setups for sensitive tasks, and separate personal and professional environments to minimize exposure. Be Cautious: Refrain from installing extensions that seem suspicious, lack transparency, or fail to function as advertised. Refrain from installing extensions that seem suspicious, lack transparency, or fail to function as advertised. Understand Risks: Tailor your security practices to the sensitivity of the data or assets you handle, making sure that high-value resources are given extra protection. By implementing these measures, you can significantly reduce your vulnerability to malicious extensions and other security threats. Broader Lessons for the Development Community This incident highlights the urgent need for stronger security measures within open source extension marketplaces. While the open source model encourages innovation and collaboration, it also introduces risks that require proactive management. Developers must carefully weigh the convenience and functionality of extensions against the potential security threats they pose. The broader development community, including marketplace operators, must also take responsibility for improving security. Key actions that could enhance safety include: Enhanced Verification Processes: Implementing stricter vetting procedures for extensions to identify and remove malicious content before it reaches users. Implementing stricter vetting procedures for extensions to identify and remove malicious content before it reaches users. Improved Ranking Algorithms: Refining algorithms to prevent manipulation and ensure that trustworthy extensions are prioritized in search results. Refining algorithms to prevent manipulation and ensure that trustworthy extensions are prioritized in search results. Stronger Security Protocols: Introducing additional layers of security, such as automated code analysis and manual reviews, to detect and block harmful extensions. These steps are essential to reducing the risk of malicious extensions infiltrating open source ecosystems and compromising user security. Lessons for Developers The loss of $500,000 by a blockchain developer serves as a sobering reminder of the dangers posed by malicious extensions. As attackers continue to refine their methods, vigilance and informed decision-making are your best defenses. By adopting proactive security practices, scrutinizing third-party tools, and staying informed about potential threats, you can better protect your assets and data from similar risks. Media Credit: Java Brains Filed Under: AI, Top News Latest Geeky Gadgets Deals Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.
Finextra
26-06-2025
- Business
- Finextra
Pay with TRIO: The E-Commerce Breakthrough.: By Eli Talmor
E-Commerce and Fraud: Lack of Trust. Online shopping offers unparalleled convenience, transforming how goods and services are purchased. This digital accessibility, however, also presents a fertile ground for fraudulent activities, impacting millions of individuals annually and resulting in significant financial harm. The sheer volume and speed of online transactions make them an attractive target for malicious actors, who constantly evolve their deceptive tactics. The global digital payment landscape is experiencing a period of explosive growth, with e-retail sales projected to approach $8 trillion by 2025. This rapid digital transformation, however, presents a significant paradox. While it undoubtedly offers unparalleled convenience and economic growth, it simultaneously creates an expanding attack surface for malicious actors, resulting in a concerning escalation in fraud losses. The inherent nature of online transactions, particularly the absence of a physical card, introduces higher fraud risks compared to traditional card-present scenarios. This structural difference makes Card-Not-Present (CNP) fraud a dominant concern, accounting for a substantial portion of all card fraud, exemplified by its 85.3% share in the UK. The very factors driving digital adoption thus amplify the necessity for robust security measures, initiating a continuous and dynamic contest between technological innovation and efforts to prevent fraud. The Significant Financial and Reputational Impact of Online Payment Fraud, Particularly from Stolen Payment Cards Online payment fraud poses a severe and multifaceted threat, resulting in substantial financial losses for both businesses and consumers globally. Projections indicate that global card fraud losses are anticipated to reach $40.53 billion by 2027, with e-commerce businesses alone facing an estimated $48 billion in losses to online payment fraud in 2023. The financial ramifications extend beyond direct monetary losses; for every $100 in fraudulent orders, businesses incur an additional $207 in indirect costs, encompassing chargeback fees, processing fees, and various operational overheads associated with fraud management. The United States, in particular, experiences exceptionally high rates of payment fraud, with reported losses increasing by 38% to $12.2 billion in 2024. Beyond the quantifiable financial damage, fraud severely erodes customer trust and significantly tarnishes brand reputation. A compelling study highlights this long-term impact, revealing that 47% of consumers would permanently cease shopping with a retailer following a data breach involving their payment card information. This observation underscores that fraud prevention strategies are not solely about protecting immediate revenue streams but are critically important for maintaining brand integrity and fostering customer loyalty, which represent intangible yet vital long-term assets. Businesses must therefore recognize that investments in robust security are fundamental to preserving their market standing and consumer relationships. Problem 1: Mistrust in Sellers. The Federal Trade Commission (FTC) alone documented nearly 266,000 cases of online shopping and negative review scams in 2023. Problem 2: Mistrust in Buyers. Businesses are losing money to Fraud-$10.6m average annual loss to fraud per merchant.. The latter sees the potential threats both from Consumers as well as Professional fraudsters. These threats include: Online payment fraud The use of stolen cards by fraudsters: A fraudster takes control of a credit or debit card account to make unauthorized transactions. Card-not-present fraud: An unauthorized person uses stolen card details to make online purchases. Card skimming: Devices capture card information at ATMs or point-of-sale terminals, such as at gas pumps. Chargeback fraud False claims for chargebacks by consumers: False claims for chargebacks, also known as chargeback fraud or friendly fraud, occur when consumers falsely dispute legitimate transactions with their credit card companies to get a refund while keeping the purchased goods or services. This practice exploits the chargeback system, designed to protect consumers from unauthorized or fraudulent transactions, for personal gain. Account takeover attacks Account takeover attempts by criminals: Account takeover (ATO) attempts involve criminals gaining unauthorized access to online accounts, often through stolen or compromised credentials. This type of fraud can lead to financial losses, identity theft, and reputational damage for both individuals and organizations. Supplier, partner & seller fraud Supplier fraud by criminals: Supplier fraud, also known as vendor fraud, is a type of fraud where criminals deceive businesses by impersonating legitimate suppliers or creating fake ones to steal money. This can involve sending fraudulent invoices, diverting legitimate payments, or using stolen identities to appear as a genuine supplier. These schemes can be sophisticated, involving detailed research into a company's procurement processes and even insider collaboration. Refund abuse False claims for refunds by consumers: Also known as return abuse, refund abuse is when a customer requests and receives a refund for a purchase they claim was incomplete or unsatisfactory. In essence, they are taking advantage of the merchant's returns policy and goodwill in order to benefit. Promo, voucher & policy abuse Promo abuse by consumers: Promo abuse by consumers refers to the act of exploiting promotional offers beyond their intended use, often by creating fake accounts or using multiple accounts to repeatedly redeem discounts and bonuses. This can involve taking advantage of sign-up incentives, referral bonuses, loyalty discounts, and other promotions designed to attract new customers or reward existing ones. There is a need to re-establish Trust between Buyers and Sellers. Stablecoins vs. Fiat for E-commerce. Pros and Cons. Stablecoins Pros. Stablecoin transactions are significantly faster than traditional methods, often confirmed in seconds or minutes. This near-instantaneous settlement drastically reduces delays, especially for high-volume or international transactions, leading to improved fulfillment speeds and higher customer satisfaction. Operating on blockchain networks, stablecoin payments are available 24/7, bypassing the limitations of traditional banking hours and weekend closures. Reduced Transaction Costs and Fees (including cross-border) Stablecoin transaction fees are typically much lower compared to those incurred with traditional payment methods like credit cards or wire transfers. For instance, while credit/debit card processing fees can range from 2% to 3%, stablecoin transfers can incur nominal fees of a few cents. Shopify's integration of USDC offers merchants their standard Shopify Payments rate, but with a rebate of up to 0.50% on USDC orders and no additional fees for international transactions. Stablecoins can eliminate foreign exchange and multi-currency conversion fees, either by allowing merchants to receive funds in their local currency without extra charges or by enabling them to hold USDC directly. A key financial benefit for merchants is the elimination of chargeback risks due to the irreversible nature of blockchain transactions. This contributes to more consistent cash flow and simplified financial planning. Traditional e-commerce payment methods, especially credit cards, impose significant transaction fees (1.5% to 3.5% per transaction) and carry the risk of chargebacks, which directly impact profit margins and financial planning. Stablecoins offer much lower transaction fees (a fraction of traditional fees) and eliminate chargeback risks. Specific examples, such as Compass Coffee aiming to save 3.75% on credit card fees and Shopify offering rebates on USDC orders, quantify these potential savings. The direct and quantifiable reduction in operational costs (lower fees, no chargebacks) provides a powerful and immediate financial incentive for e-commerce merchants to adopt stablecoins. For businesses, these economic efficiencies can outweigh some of the current complexities or consumer adoption challenges, making stablecoins a strategic choice for optimizing financial operations. Expanded Global Reach and Financial Inclusion Stablecoins facilitate fast, borderless payments, effectively bypassing the complexities and uncertainties of fluctuating exchange rates and reducing overall transactional complexity. This capability significantly broadens a business's potential international market reach. They enable businesses to engage with a vast global audience of cryptocurrency users, estimated at over 400 million worldwide. Stablecoins offer a faster and more cost-effective solution for cross-border remittances, promoting greater financial inclusion for populations who are unbanked or underbanked, particularly in developing economies. Real-world examples include Mercado Libre using USDC to pay suppliers in Brazil and Mexico, which streamlined payments and reduced costs compared to traditional bank transfers. SpaceX also leverages stablecoins to repatriate funds from Starlink sales in countries with highly volatile local currencies, such as Argentina and Nigeria, demonstrating their utility for wealth preservation Cross-border payments and remittances through traditional fiat systems are often characterized by high fees (6-10% for remittances), slow settlement times (1-3 days), and limited accessibility, especially in developing economies with underdeveloped banking infrastructure. Stablecoins drastically cut remittance costs (to less than 1%), enable instant transfers, and provide USD-pegged stability in volatile markets. They offer a digital alternative for the unbanked, allowing for USD-denominated accounts globally. The impact of stablecoins extends beyond mere transactional efficiency; they are fundamentally reshaping financial access and economic resilience in emerging markets. By offering a stable, globally accessible digital currency, stablecoins provide a practical and often superior alternative to volatile local fiat currencies and expensive, slow traditional cross-border services. This empowers individuals and businesses in these regions to participate more effectively in the global digital economy, fostering financial inclusion and potentially driving grassroots economic growth by bypassing legacy banking bottlenecks. This points to a significant socio-economic transformation, not just a technological upgrade. Blockchain-Enabled Security and Transparency Payments conducted via stablecoins, leveraging blockchain technology, inherently provide a degree of transparency and enhanced fraud protection. Transactions are encrypted and verifiably recorded on an immutable public ledger. Issuers of stablecoins typically aim to provide transparency regarding the assets backing their tokens, which is intended to foster trust and confidence among users. For instance, Circle, the issuer of USDC, is known for providing monthly attestation reports from independent accounting firms, which enhances perceived transparency. While the underlying blockchain technology offers inherent transparency for transaction records, the actual transparency and trustworthiness of stablecoins, particularly fiat-backed ones, are not automatically guaranteed. They heavily depend on the issuer's commitment to verifiable proof of reserves and adherence to evolving regulatory standards. Research highlights "Transparency Concerns," noting that some stablecoin issuers have failed to provide sufficient proof of valid audits for their reserves, leading to a degree of mistrust. Recognizing this gap, regulatory bodies are increasingly demanding audited reserves. For example, the EU's Markets in Crypto Assets Regulation (MiCA) specifically mandates that issuers of e-money tokens and asset-referenced tokens maintain reserves to fully back stablecoins, manage them properly, and ensure redeemability at face value. This suggests that "blockchain transparency" is a necessary but insufficient condition for overall stablecoin transparency; robust regulatory oversight and consistent, independent auditing of reserves are equally, if not more, critical for building widespread user confidence and mitigating systemic risks. Comparative Transaction Costs and Speeds: Comparative Transaction Costs and Speeds Stablecoins Cons: Consumer Protection: Fiat (credit card) vs. Stablecoin. It is obvious that stablecoin offers a great advantage in terms of transaction cost and speed will lag behind fiat in terms of fraud protection. It is therefore only natural to incorporate stablecoins into Pay with TRIO, thus offering unprecedented transaction cost, speed, and fraud protection for buyers and Sellers worldwide. Pay with TRIO offers:
Phone Arena
17-05-2025
- Phone Arena
Don't be a victim! FBI warns iOS, Android users about the latest scam
The latest warning from the FBI for iOS and Android users comes in the form of a Public Service Announcement. The warning says that since last month, malicious actors have impersonated senior US officials to target individuals. Many of those targeted are current or former senior US federal or state government officials themselves. The FBI suggests that if you receive a message from someone claiming to be a senior US official, "do not assume that it is authentic." These attacks have come in the form of fake texts, a practice known as "smishing," and via fake AI-generated phone calls, which is a practice known as "vishing." These texts and calls claim to come from senior US officials and try to cozy up with the targets to gain a rapport with the attackers and their victims. Earning that trust goes a long way toward helping the attackers convince their victims that they need to be sent their personal data, including the credentials they use to sign into personal accounts including banking apps, securities apps, crypto wallets, and other higher sensitive accounts accessible via the target's mobile devices. -FBI Using smishing, vishing, and spear phishing (which is the use of malicious emails to trick the victim into revealing personal data), the threat actor introduces malware or includes hyperlinks with the malicious text that will send the victim to a site controlled by the threat actor that steals usernames and passwords. Smishing attacks generate phone numbers that are used by the attacker to call. The attacker will pretend to be a business associate or a relative to engage with the target and collect log-in credentials. At the top of this story, we told you that the FBI is concerned with the latest smishing and vishing attacks, and victims are receiving texts and AI voice messages that claim to be from senior US officials. The FBI suggests that the first thing you should do if you receive one of these calls or texts is to verify the person and organization that allegedly sent you the text or phone call. The FBI suggests that before responding, research the originating number, organization, and/or person purporting to contact you. Then, independently identify a phone number for the person and call to verify their authenticity." The FBI also says, "Carefully examine the email address; messaging contact information, including phone numbers; URLs; and spelling used in any correspondence or communications. Scammers often use slight differences to deceive you and gain your trust. For instance, actors can incorporate publicly available photographs in text messages, use minor alterations in names and contact information, or use AI-generated voices to masquerade as a known contact." Take a long look at any images and or videos sent to you for "subtle imperfections." Hands or feet could be distorted in AI-generated images, and you might catch irregular facial features, unrealistic accessories such as glasses or jewelry, shadows that look fake, unnatural movements in videos including lags between mouth movement and the words being said. Try to distinguish between a real call and an AI-generated call. If you can't judge the authenticity of a message from someone trying to reach out to you, you can call the FBI for help. In addition, the FBI says that you should not share sensitive information or an associate's contact number with people you've only met online or on the phone. The same applies when it comes to sending cash, gift cards or cryptocurrency. Do not send these items to people you've only met online or on the phone. Do not click on any links found on texts or emails you have received. Additionally, "Never open an email attachment, click on links in messages, or download applications at the request of or from someone you have not verified." Also, you should set up two-factor authentication on all apps that allow it. Never disable it, and never disclose the code to anyone.
