#222 Cyberpunk 2077 World Map Leaked!

Question is, is this the official world map or a fake leak? Let’s find out!

Listen Now

We Need You To Join Us

Do you love talking about tech, gadget and/or gaming news? So do we! Join us on Discord!

Article Links:

Did we miss something on the show? Let us know on Twitter at @technewsgadget! Have news you want to share? Submit it here.

Skygofree: Spying on FB, WhatsApp, Skype and Credit Cards On Your Android

Malware is definitely getting more sinister and Skygofree, said to be in existence since 2014, was reported by Kaspersky as vicious enough to steal messages and take over your phone camera and steal data. The ultimate eavesdropper, Skygofree does not actually read WhatsApp and Facebook encrypted messages but goes around this limitation by capitalizing on Android’s Accessibility Services, something that was created for people with disabilities or limited interaction with the smartphone or tablet.

Kaspersky Lab researchers have uncovered an advanced mobile implant, active since 2014 and designed for targeted cyber-surveillance, possibly as an ‘offensive  security’ product. 

Late last year, it was considered one of the most sophisticated malware affecting Android operating systems because it can link-up infected devices to Wi-Fi networks under the control of the attackers. Unlike in the past when malware was released by cyber attackers, word has it that an Italian company selling surveillance systems developed this malware with root access. Hence, it is capable of reading practically anything on your device’s memory including geolocation, text messages, calendared events, business data, and personal information. It can also take photos, record video and conversations automatically without as much as alerting the owner that anything was remiss. It has better control of infected devices and can record the once impregnable Skype conversations.

Skygofree is a sophisticated, multi-stage spyware that gives attackers full remote control of an infected device.  – Kaspersky

You realize the gravity of the security risk when you realize just how much information you’ve entrusted to your smartphone. You read emails, write notes, store passwords, credit card information and even hold virtual work meetings using your Android.

According to Kaspersky, the malware is spread through landing pages that mimic mobile network operators. Users are then tricked into installing and using the app. If you notice your smartphone is fast draining charge and heating up, it may be infected by Skygofree and other Trojans). Aside from the 48 commands it can execute, it can circumvent battery-saving mechanisms (such as in Huawei) and unobtrusively implant itself as a protected app. A particularly dangerous quality because it remains quietly operating in the background when the screen is off.

How does Skygofree do it? Once installed from fake sites, you will see a notification that may be permutations of this “Dear Customer, we’re updating your configuration and it will be ready as soon as possible”. It sounds official and above-board and doesn’t raise suspicions. However, if you detect something off and want to address this by deleting or uninstalling the app, you are in for a big surprise! The trojan hides the icon in background services where it isn’t easily removed from the system. According to Kaspersky, this self-protection feature affects almost all services. Windows itself could be the next target and this has already started with infiltrating Skype.

Prevent infection by Skygofree by:

  • installing antivirus/anti-malware protection such as  Kaspersky Security for Mobile.
  • being cautious when opening mail from unknown sites
  • not opening attachments
  • downloading only from known sites and
  • turning on Application Control if you are the system administrator.

Apple and Google remove ‘Find &Call’ app from their online stores

In order to protect their much beloved clientele, Apple and Google have decided to remove apps from their online stores, after it was revealed that some of this malware infected apps intrude the privacy of their owners.

One such app is the Find and Call app which was initially thought to be as an SMS worm but later on it was found to be a Trojan. Kaspersky discovered the malware and notified both Google and Apple thus, forcing them to remove the app from their online stores (Google Play and Apple App Store).

According to Apple, “The Find and Call app has been removed from the App Store due to tis unauthorized use of users’ Address Book data, a violation of App store guidelines.”

Kaspersky said that the app would trick users to register their email address and phone number and then would ask to find friend’s from their phone book. The data would then be transmitted to a remote server.

The malware would then send to his/her contacts messages that include links to a site that would lead to a malware attack if clicked.

According to Kaspersky, this is the first time that they found out a malware app available on the App Store since its inception.

Thanks Apple and Google!

Image Source: ubergizmo.com

Sony teaming up with Kaspersky for Vaio

One of the leading antivirus security firms in the world has found an ally today, after they announced that they are offering its security products for home PC protection.

Kaspersky Lab announced that the company and Sony have agreed to consolidate in a joint venture that would make Kaspersky Lab’s antivirus program the stock security protection for Sony Vaio devices in America.

This exclusive agreement will give customers premium protection during the first weeks of setup. A 30 day subscription to Kaspersky Internet Security 2012 will come with the Sony Vaio packages in the United States, Latin America and Canada starting May 2012.

Kaspersky is the world’s third largest security vendor. Their products usually earn high rankings from independent security evaluations and security analysts. Kaspersky Internet Security earned a 4.5 out of 5 star rating in an evaluation done by CNET and was awarded the “Product of the Year” last year by AV-Comparatives.

Kaspersky Lab president Steve Orenberg said, “We are genuinely thrilled with the opportunity to work with the Sony Vaio team and its incredible lineup of consumer computing devices. For years, Sony has been the gold-standard of consumer electronic quality and consumer experience, and at Kaspersky Lab, we pride ourselves on delivering the same quality and experience to our own customers.”

Did Sony make the right decision by choosing Kaspersky?

Image Source: egully.com

Malware detected! Cyber-war lunges forward

Now may be a good time to click the update button to your anti-virus software. A couple of weeks ago, while trying to locate and identify a very illusive viper/wiper program that has been infecting Iranian computers, Kaspersky Lab has detected something even larger and more threatening than described. The malware, currently dubbed as “Flame”, is speculated to be another step towards cyber-war.

The malware has been named after a common name in its modules “flame_props”. This malware has been said to be 20 times larger and more complicated than a previous Cyber-war tool named Stuxnet. Stuxnet and Duqu were two of the cyber-war weapons that were launched around 2009 and 2010. These malware were considered monsters of their time. Stuxnet apparently took at least half a year for Kaspersky Lab to analyze and it may take at least 10 years to bust Flame open. These malware ran rampant in Iranian computers and sought to gather data and destroy infrastructure.

Flame has been recorded to be infecting several countries in the Middle East, with Iran as the leading target. The size and scope of Flame’s targets seem to reflect that this is again another Government-backed cyber assault, with goals of espionage in mind. Flame has been reported to be gathering data and even deleting data from target systems. Even the spread of the malware is well controlled and remained undetected for 2 years and maybe even longer. The scope of attack and similarities to Stuxnet rules out independent acts of cyber criminals.

In Kapsersky’s statement, Flame infects its targets by installing a small compressed file into the drive, then further downloads and deploys up to 20 modules that allow the attacker to perform several tasks, taking virtual control over the affected systems. The total size of the toolkit reaches 20 MB, compared to the 500 KB of Stuxnet. The plug-ins can be deployed and turned off at will by the attacker, including well controlled deployment into USB hosts, making the malware harder to detect. It even has the ability to completely wipe itself from a computer, further making it difficult for large anti-virus firms like Kaspersky Lab to detect and analyze. Someone is definitely in the steering wheel of this ride. Flame is a malware that has grown exceedingly complicated compared to its predecessors. Who knows how many more of these are in the wild, still running undetected?

So what can this malware do? Nearly every recording and data gathering capacities of you computer is at its employ. Kaspersky Lab reports that Flame can effectively use your computer’s microphone to record conversations. It can view your keystrokes. It can browse all your data and communications in the internet. It can even use the Bluetooth device of your computer and access other devices in its coverage, gathering personal information, like names and phone numbers. It can choose who to infect and when is the best time to strike. It has all the makings of an espionage tool. No wonder Kaspersky Lab thinks this may very well be a nation’s attack upon another.

This poses a threat not only to the infected countries, but other countries as well who may one day fall on the attacker’s radar. Some can only cry out for the legality of these attacks, as these are basically Government-approved cyber crimes. For this incredibly powerful malware to fall on the wrong hands would be disastrous to the whole internet community. Privacy has become a very sensitive term in the internet, and this privacy may soon be no longer in our control, if stuff like these can be deployed and run undetected for many years. If the government can get away with attacking industries for their data, what is stopping them from spying on each and every one of us regardless of their reasons?

New Facebook phishing scheme steals credit card info

A new phishing scheme was once again discovered in Facebook.

According to David Jacoby of Kaspersky, this new scheme allows access to a user’s account through this method. Once they succeed in gaining access to your account, the scammer would then change the profile picture to the logo of Facebook and change the user’s name into “Facebook Security”. It would now appear to your friends that this is an official Facebook account. The scam artist would then chat with your friends and send them a link that says “Your Facebook account will be turned off because someone has reported you. Please do re-confirm your account security by” ‘Insert Link’ Thank you, The Facebook Team.”

Once you click on the link, it would redirect you to a page outside of Facebook but look similar to that of the social networking site. The page has fields such as name, email, Facebook password, email password and a security question. Once the user fills up the field and clicks on confirm, it would then open a page that would ask the user about his or her credit card information to “confirm” his or her identity. If the user clicks on confirm again, they would then be asked about name, billing address, full credit card number, expiration date and the card’s security code.

Phishing schemes have been common in Facebook so users are warned not to click on any links that seem questionable.

Image source: xcoselete.blogspot.com