French tax office uses AI to find swimming pools

Plus, LastPass gets hacked and a cryptojacker hides in legit apps.

Using an AI computer vision system in conjunction with Google’s cloud processing, the French tax office has identified 20,356 residential swimming pools that had previously gone undeclared. As a result, the tax office was able to bring in an additional 10 million euros in tax revenue. The AI software recognizes pools in aerial photographs and compares them to records in real estate and tax databases. The program has only been in the test phase so far, but the tax office plans to roll it out nationwide soon. It is expected to result in an additional 40 million euros in tax revenue. For more on this story, see Ars Technica

LastPass gets hacked

Password management system LastPass reported to its customers that a “recent security incident” led to an unauthorized party gaining access to some parts of the LastPass development environment. The company reported that the intruder took “portions of source code and some proprietary LastPass technical information,” but there was no evidence that any customer data or the encrypted password vaults were compromised. “Our products and services are operating normally,” the company wrote. Investigation into the incident is ongoing, and the company says it has engaged a leading cybersecurity and forensics firm to help. See ZDNet for more. 

Drummond Reed, Director, Digital Trust Services, at Avast, says, “LastPass is correct that what they call their ‘zero-knowledge’ architecture, where LastPass does not know and cannot access a customer's master password (needed to unlock their encrypted vault) is what keeps it safe from most (but not all) internal breaches.

That said, it certainly doesn't increase confidence in password managers. THAT said, using a password manager is still about 10x better security than any other option. So this should not deter anyone who has a password manager from not using it, or anyone who doesn't from getting one. We at Avast continue to work on smarter digital services that go way beyond password managers — and should make the security even stronger. But they too will never be invulnerable — no security is perfect — so it will always be a threat that the security could be broken somehow. But just as no one worries about being hit by a meteor, we need to reduce the chance to small enough that it’s not worth thinking about.

Cryptojacker hides in legit apps

Researchers have discovered a cryptojacking malware that is planted in legitimate apps and avoids detection by stealthily launching its attack in stages. Turkish-speaking software developer Nitrokod, which boasts 500,000 installs on its website, seems to be behind the campaign. Nitrokod claims to develop a host of free apps that include video and music converters, video downloaders, and music players. The multi-stage attack stretches out over weeks before the cryptojacking payload is deployed. Some of Nitrokod’s trojanized apps can be found on download sites like Softpedia and Uptodown. To learn more, see CSO

Facebook Gaming app shutting down

Meta is closing down its Facebook Gaming app on October 28 this year, just two years after it was launched. “You’ll still be able to find your games, streamers and groups when you visit Gaming in the Facebook app,” the company wrote in a tweet. Facebook did not provide the reason it is shutting down the gaming app, but the platform does rank third in popularity after Twitch and YouTube. “We want to extend our heartfelt thanks to all of you for everything you have done to build a thriving community for gamers and fans since the app first launched,” the tweet read. See more at The Verge

Agenda ransomware is customizable

A new customizable ransomware strain known as Agenda has been spotted in the wild targeting healthcare and education entities in Indonesia, Saudi Arabia, South Africa, and Thailand. The strain was written in Golang, and it has the ability to reboot systems in safe mode. It is said to provide attackers with options to tailor the payloads for each victim, as well as customize the ransom note, the encryption extension, and the list of processes targeted to terminate before commencing the encryption process. Ransom demands have varied, but the range has been between $50,000 and $800,000. For more on this story, see The Hacker News

This week’s must-read on the Avast blog 

There’s a common conception that most Millennials are super tech savvy. And while that’s at least partially true, it also means that they've likely spent the most time online in more capacities. Read up on why Millennials are the most likely to fall for online scams and what to do about it.

--> -->