Home » Social

Exploring the Online Economy that Fuels Fake News

Posted on:June 13, 2017 at 5:00 am
Posted in:Bad Sites, Social
Author:
Trend Micro

“Fake news” was relatively unheard of last year—until the U.S. election campaign period started, during which an explosion of misinformation campaigns trended. But despite its seemingly rampant spread, fake news is just one facet of public opinion manipulation and cyber propaganda that we see today. Whether it’s a company trying to promote a brand or a political party pushing an ideal, today’s information wars are often for control of the public’s worldview.

Our latest research paper, “The Fake News Machine: How Propagandists Abuse the Internet and Manipulate the Public”, delves into this phenomenon. It also tackles how a group with means and motivations, use of social media, and online promotion tools and services can effectively spread these campaigns. These are the components of what we call the “Fake News Triangle”, which we’ve found to be the pillars of success for any fake news and public opinion manipulation campaign.

iPhone Phishing Scam Crosses Over Physical Crime

Posted on:May 4, 2017 at 7:28 pm
Posted in:Bad Sites, Social
Author:
Fernando Mercês (Senior Threat Researcher)

Last late April a friend of mine had his iPhone stolen in the streets—an unfortunately familiar occurrence in big, metropolitan areas in countries like Brazil. He managed to buy a new one, but kept the same number for convenience. Nothing appeared to be out of the ordinary at first—until he realized the thief changed his Facebook password.

Fortunately, he was able to recover and update it, as his phone number was tied to his Facebook account. But a pickpocket accessing his victim’s Facebook account is quite unusual. After all, why would a crook be interested with his victim’s Facebook account for when the goal is usually to use or sell the stolen device? It didn’t stop there; a day after, my friend curiously received a phishing SMS message on his new phone.

What’s interesting here is the blurred line between traditional felony and cybercrime—in particular, the apparent teamwork between crooks and cybercriminals that results in further—possibly more sophisticated—attacks.

Tags: Brazilian underground market iphone phishing Physical Crime

How Cyber Propaganda Influenced Politics in 2016

Posted on:January 12, 2017 at 5:00 am
Posted in:Social, Targeted Attacks
Author:
Feike Hacquebord (Senior Threat Researcher)

Throughout history, politically motivated threat actors have been interested in changing the public opinion to reach their goals. In recent years the popularity of the Internet gave these threat actors new tools. Not only do they make use of social media to spin the news, spread rumors and fake news, but they also actively hack into political organizations.

Tags: cyber propaganda Pawn Storm

Selling Online Gaming Currency: How It Makes Way for Attacks Against Enterprises

Posted on:November 23, 2016 at 3:10 am
Posted in:Bad Sites, Malware, Social
Author:Raimund Genes (Chief Technology Officer)

Offhand, companies and enterprises being affected by attacks like DDoS against the online gaming industry may be far-fetched. But the gaming industry, being a billion-dollar business with a continuously growing competitive community, is naturally bound to garner attention from cybercriminals. A recent wire fraud case, for instance, allowed a group of hackers to mine $16 million worth of coins in the hugely popular FIFA series and sell them to buyers in Europe and China. And in our research, we found that the sale of such gaming currencies sends ripples of impact to fund cybercrime operations often targeting entities however unrelated to online gaming.

Tags: cryptocurrency DDoS online gaming online gaming currency

Masque Attack Abuses iOS’s Code Signing to Spoof Apps and Bypass Privacy Protection

Posted on:October 31, 2016 at 1:00 am
Posted in:Mobile, Social, Vulnerabilities
Author:
Trend Micro

First reported in 2014, Masque Attack allowed hackers to replace a genuine app from the App Store with a malformed, enterprise-signed app that had the same Bundle Identifier (Bundle ID). Apple subsequently patched the vulnerabilities (CVE-2015-3772 and CVE-2015-3725), but while it closed a door, scammers seemed to have opened a window. Haima’s repackaged, adware-laden apps and its native helper application prove that App Store scammers are still at it.

This is in light of the significant amount of malicious and potentially unwanted iOS apps we found signed with enterprise certificates and had the same Bundle IDs as their official versions on the App Store. Delving into them, we found that Haima and other third-party app stores were pulling off their scams by abusing a feature in iOS’s code signing process to achieve data inheritance.

Tags: Haima iOS repackaged apps third-party app stores

Page 1 of 2212 › »

Business Process Compromise

Business Email Compromise

Latest Ransomware Posts

Ransomware 101

Stay Updated