Security News

Facebook shuts down facial recognition

Plus, scan your eyes for Worldcoin, and watch what you rent on Craigslist

“In the coming weeks, Meta will shut down the Face Recognition system on Facebook as part of a company-wide move to limit the use of facial recognition in our products,” wrote Meta VP of Artificial Intelligence Jerome Pesenti in a blog post this week. Meta, the new name for Mark Zuckerberg’s company as of late October, will phase out the facial rec tech used on the social media platform over the next few weeks and will delete over a billion users’ facial rec templates. Pesenti cites “growing societal concerns” and the lack of AI regulation as reasons for the company’s sudden turnaround on facial recognition. “This move is probably not related to protecting users' privacy,” commented Avast’s Luis Corrons. “It most likely just doesn't fit in with their business plans anymore. Maybe the fact that we won't be using our real faces in the metaverse they are designing has had an influence too.” 

While Meta is dialing down the facial rec used on Facebook, the company does plan to continue developing the tech for identity verification. “We believe facial recognition can help for products like these with privacy, transparency and control in place,” wrote Pesenti, “so you decide if and how your face is used. We will continue working on these technologies and engaging outside experts.” For more, go to CNN Business

Scan your eyes for free Worldcoin cryptocurrency 

In an ambitious project aimed at giving out free cryptocurrency to 1 billion people over the next two years, Worldcoin has distributed about 30 iris-scanning devices called “orbs” to 12 countries in South America, Africa, Europe, and Asia. The orbs take photos of users’ eyes and convert them into individual codes that can then be used to claim the free digital tokens. Worldcoin has not said how much money each new user will receive, but the plan is to deliver hundreds more in the immediate future, slowly building up to distributing 4,000 orbs every month. For more on this story, see Ars Technica.

FBI says ransomware gangs look for mergers and acquisitions  

In a notification released this week, the FBI warned private industries that ransomware gangs were increasingly targeting companies “involved in significant, time-sensitive financial events” such as mergers and acquisitions. After infecting the companies with malware, these gangs perform initial reconnaissance to find non-publicly available information in the company’s files. Then, the gangs use that information as leverage to get the victim to pay, threatening to make the data public which would in turn hurt the oncoming merger or acquisition. For more, see ZDNet.

Two individuals sentenced for providing bulletproof hosting

The U.S. Department of Justice reported that two Eastern European men were sentenced in Michigan for providing bulletproof hosting to cybercriminals. Bulletproof hosting services are servers that allow clients to engage in illegal activities like Magecart attacks and other cyberattacks. “Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” said Special Agent Timothy Waters of the FBI’s Detroit Field Office. Pavel Stassi, 30, of Estonia was sentenced to 24 months in prison, and Aleksandr Skorodumov, 33, of Lithuania was sentenced to 48 months. 

Scammers lie in wait on Craigslist vacation rentals

After an eager young couple showed up at her door claiming to have rented her home on Craigslist, Valerie Kumra of Bodega Bay, California checked the popular classified ad site and found her house and many others she recognized in the neighborhood wrongly listed for rent. Scammers had pulled photos from other sites like Zillow or Vrbo to create phony rental ads where they would require prospective renters to pay by bank transfer. Since that night, Valerie has scanned Craigslist at least once a week to flag false ads. “I will never stop,” she said. “It’s a justice issue.” Read the whole story at SFGATE

This week’s ‘must-read’ on The Avast Blog

Avast researcher Jakub Vavra recently found fraudulent sites posing as national postal service sites in Germany, Austria, the UK, Belarus, Czech Republic, Russia, and Slovakia, as well as retail shops from the Ukraine and Russia. So how do people end up downloading fleeceware apps in the first place? Read up as we shed more light on the problem and answer this question.