Microsoft gives us an important Patch Tuesday, a crypto-heist affects Bitcoin value, and security experts find too many Android devices at risk.
International tech company Dixons Carphone, based in the UK, has admitted it suffered a data breach which began in July 2017. The breach involved credit and debit cards for 5.9 million customers, and personal data records for 1.2 million. Fortunately, as of yet, no fraudulent payments seem to have been made with the stolen card numbers. Dixons Carphone reports that all but 100,000 of the cards were protected with chips and pins, and the stolen data did not include authentication or pin codes.
Luis Corrons, resident Avast Security Evangelist, points to the recent activation of the new GDPR rules as the mark of a new era. “The number of breaches at companies in the news is going to increase dramatically,” he predicts. “Not because there are more breaches, but because now they have to report it. Until now, most of the attacks were being hidden under the carpet.” To Corrons’ point, the UK Information Commissioner’s Office is indeed investigating why Dixons has only now reported the breach, when it began almost a year ago.
Coinrail, a relatively minor player in the cryptocurrency world, nevertheless caused major ripples in the market when it reported that it had been hacked over the weekend. Bitcoin value dropped to a two-month low as widespread concern over cryptocurrency security flared up. Cybercriminals stole approximately 30% of the exchange’s coins, and while Coinrail has not publicly stated the value of the loss, experts speculate the thieves made off with roughly $37M. While authorities investigate the hacking, Coinrail has placed the remaining 70% of their coins in cold storage, which has no direct line to the internet.
Android Debug Bridge (ADB) is a feature that allows developers to assume remote control of a device for maintenance reasons such as installing and debugging apps. It has its uses, but security watchdogs are alarmed to learn that so many companies ship their devices with this feature enabled. The problem lies in the fact that using this feature requires no authentication. Anyone who knows how to communicate to the device through port 5555 can take full control of it. The types of devices found vulnerable include DVRs, mobile phones, TV devices, and even some tankers. Security experts are calling for OEMs to be mindful of the vulnerability and take appropriate actions to secure their devices before they ship to market.
Further on the story above, thousands of Amazon Fire TV Sticks have been infected by a worm that takes advantage of the Android Debug Bridge vulnerability. The malware is called ADB.miner, and it accomplishes two damaging tasks — it converts your streaming device into a cryptomining machine and it also actively seeks out other devices to infect. The miner targets Monero, and experts believe the number of infected devices is currently somewhere between 10,000 and 100,000.
“It is critical for all of us to be aware of all the devices connected to our home networks,” Luis Corrons at Avast warns. “As long as they are switched on and connected to the internet, they become a target of cybercriminals looking for easy money.”
Corrons strongly suggests IoT owners invest in cybersecurity. “Tools like Avast Wi-Fi Inspector allow us to scan our network for any potential issues in our IoT devices so we can be protected against these kinds of attacks.” The Avast Wi-Fi Inspector feature can be found in all Avast antivirus products from 2017 onward.
Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Learn more about products that protect your digital life at avast.com. And get all the latest news on today's cyberthreats and how to beat them at blog.avast.com.
Read what Avast CEO Ondrej Vlcek believes can be a “big picture” solution for Internet of Things security vulnerability.
Find out what you need to know about the leak of a half-million security credentials for routers and Internet of Things devices.