Weekly Threat Report - 2nd August 2019
Google highlights vulnerabilities found in iMessage
Five flaws in Apple’s iMessage software could make devices vulnerable to attack according to bug-hunters at Google.
In one example, the researchers commented that the only way to rescue a targeted iPhone would be to delete all the data from it, whilst another highlighted issue could see files being copied from a device without the owner actually doing anything to aid the hack.
Apple released fixes last week that would protect devices from these flaws. Recovering an affected device will result in all of its data being wiped.
A sixth flaw was also reported to Apple by the bug-hunters which, at the time of writing, has not yet been rectified.
In their own notes about iOS 12.4, Apple have indicated that the unfixed flaw could give an attacker the opportunity to crash an app or execute commands. iPhone 5 and later, iPad Air and later, and iPod Touch 6th generation and later could all potentially be affected.
Apple have not commented on this specific issue but have told users to update devices to the latest version of iOS, which addresses Google’s other discoveries as well as a number of other issues.
Weaknesses in software and apps can allow cyber criminals to take advantage of your unsecured devices. One of the best forms of defence is to ensure your devices have the latest software and app updates issued by the provider.
Symantec report a revival in extortion scam emails
Symantec has revealed that they blocked almost 300 million extortion scam emails in the first five months of 2019, with a visible peak in a two-week period in February.
The surge was not associated with one particular scam, although sextortion emails are seen frequently by the company. Other variations include:
English language: Plaintext, no URL in body
Bomb threat theme
Using PNG and JPEG images: Email has a PNG or JPEG attachment, which contains the Bitcoin wallet address
Using PDF attachment: Coin wallet address present in the PDF
Use of SegWit Bitcoin address
Interestingly, their analysis suggests that cyber criminals are making just over US$1.2 million in a year through such scams.
The NCSC has published guidance on how to protect yourself against sextortion scams. As with other phishes, our advice is not to engage with the phisher, delete the email and report it to Action Fraud.
Celebrity Twitter accounts compromised
The past week has seen two high-profile Twitter accounts ‘hacked’ in order to send out offensive and extreme content.
Actress Jessica Alba’s account was used to send out anti-Semitic and homophobic content and comedy stuntman Steve-O’s Twitter account sent racist and other offensive tweets. They both join the list of celebrities, politicians and organisations who have had their social media accounts compromised.
Anybody's personal social media accounts are a potential target given the cache of private messages, personal data and, increasingly, payment information.
The NCSC has published guidance on making passwords more secure, on password management and on how to set up effective two-factor authentication. These methods will make it much more difficult for attackers to take control of your social media accounts. For further advice on steps you can take to protect your online presence, check out the NCSC’s top tips for staying secure online.