From 1971, when a few troublemakers realized they could access AT&T’s long distance communication system by whistling at just the right pitch, hacking has come a long way. When it first used to be performed only for personal entertainment, the interception of wires and interconnected communication networks quickly increased. Then, the legal system was only able to charge these talented whistlers with a minor harassment count described similar to “prank-calling” and an enthusiastic, curious community of tech-savvy individuals was created.
The era where we now see video-game competitions streaming on ESPN, we frequently see hacking or hack-a-thon events being held by companies such as Google. The hackers (the good kind) who can find the loopholes within the targeted network are often presented with rewards such as big-buck checks and most likely will receive a ridiculous offer to work for the company and find more network loopholes for better cyber security defense.
Here are some recent shocking hacking incidents that may grow in popularity and help us keep on eye on the increase of cyber attacks and hackers (the bad kind) as they continue creating more sophisticated methods to access your network.
Real Speeding Ticket or Malware Scam?
SC Magazine notified its viewers last week that residents of Pennsylvania had received emails posing as speeding citations containing people’s actual driving history. These emails look as if they are from a local police department and contain deceiving links leading to malware. Because of how accurate the fake citation describes the reader’s’ actual driving history (street names, driving speed, time, etc.) they’ve been quite successful into persuading readers that they’ve actually been cited for driving over the speed limit.
Assumptions are being made that navigation apps are being compromised which reveals the app holder’s personal information and driving record. The app(s) that were compromised were most likely a victim of SQL injection, which is when seemingly credible files or links containing hidden commands allow access to private data. For the time being, reports of this type of hack have only been made locally, however, precautions are being made to observe how widespread this cyber attacking tactic can grow.
Who Said Mac Devices Can’t Get Viruses?
A commonly believed perk of owning a Mac was that they are not prone to viruses whereas a Windows PC might be. However, recently researchers reported to have successfully found functional ransomware during the beginning of this month.
It’s still unclear exactly how the ransomware was able to find it’s way onto Palo Alto Network’s client, Transmission, but it is possible certain files being downloaded on a user’s Mac and were replaced with malicious files containing ransomware causing the costly infection. Luckily, the ransomware was found and removed within 3 days of its arrival so the requested payment of 1 bitcoin, or approximately $400, remained with the startled executives of Transmission.
Typosquatting — Now Typos Are A Much Larger Burden
Ever misspelled the url of a website? Recently, “typosquatters” were discovered after Netflix was typed as “netflix.om” instead of “netflix.com”. Most internet users are familiar with Google’s “Did You Mean?” page, but it turns out that the unintended domain being observed by typosquatters is actually the country code belonging to Oman.
The URL hijacking technique called Typosquatting leads you to a pop-up warning suggesting to update your Flash player, which may potentially trick you into downloading to the latest version of malware instead. According to the Coalition Against Domain Name Abuse (CADNA), there are not enough resources to legally protect brand owners sufficiently. [link]
All these hacking techniques are variations of popular hacking techniques we’ve seen within the cyber security industry, but now new spin-offs of well-known strategies are being created. As the cyber security industry is constantly evolving, it’s important to stay aware of these new methods and prevent hackers from compromising our eBusinesses and data.