In the news this week …
Nintendo Owners: Secure Your Account!
Nintendo Switch owners are being urged to secure their accounts following a wave of fraudulent attacks. Hackers have been logging into Nintendo users’ accounts, often using a linked PayPal account to make expensive purchases.
Several reports say the number of attacks has increased in recent weeks. One staff member at gaming site Eurogamer had their account accessed, the website reported, as did another at Ars Technica.
While Nintendo has not directly addressed the reported increase in attacks, it has tweeted encouraging users to add two-factor authentication (2FA) to their account. That can be done in the settings page of an account in seconds.
Administrators of the Nintendo forum on Reddit also said there had been a “notable” number of reports in the past few days.
Lisa Forte of Red Goat Cyber Security said:
This is incredibly concerning for Nintendo users, …Passwords, for any account, are not the most secure way of signing in. It is essential for users to enable 2FA to make their accounts more secure.
Source & full story: BBC News
Mystery Hacker Returns $25m in Crypto-Currencies
An unknown hacker stole $25m (£20m) in crypto-currencies before returning the funds 48 hours later.
Records reveal that funds in several crypto-currencies were withdrawn from the china-based DForce platform.
$10 million was taken in Ethereum alone, while a further $10m was taken in digital coins linked to the US dollar and $4m in other coins.
Roughly the same amount has now been returned – although in a different mix of crypto-currencies.
DForce is an online service that allows users to make crypto-currency transactions with one another.
Shortly after last Sunday’s attack DForce founder Mindao Yang wrote in a blog:
“The hackers have attempted to contact us and we intend to enter into discussions with them, …This attack not only harmed our users, our partners, and my co-founders, but also me personally. My assets were stolen in this attack, too,
Source & full story: BBC News
Abuse Footage Sharers Target Zoom meetings
Investigations have commenced after at least three Zoom meetings were infiltrated by people sharing video footage of children being sexually abused.
The latest incident occurred last Tuesday during a legal education seminar on the video conferencing platform.
A law lecturer, who was a guest speaker at the online event, said his computer screen was “overtaken” by “incredibly distressing” footage.
Zoom said it was “looking into” what had happened. A company spokesperson said:
These incidents are truly devastating and appalling, and our user policies explicitly prohibit any obscene, indecent, illegal or violent activity or content on the platform. …Zoom strongly condemns such behaviour and recently updated several features to help our users more easily protect their meetings.
The case has been referred to the Child Exploitation and Online Protection Centre, which is part of the National Crime Agency (NCA).
Source & full story: BBC News
iPhone Risk of Hacking via Email App
A bug in Apple’s mobile operating system iOS may have rendered millions of iPad and iPhone users vulnerable to attack by hackers.
Mobile security firm ZecOps reoprted a flaw in Apple’s eMail app making devices susceptible to sophisticated cyber-attacks.
Apple said it had “high confidence” the bug has been used to exploited at least six high-profile victims. A spokesperson for the company told Reuters a fix would be available in upcoming software updates.
In a statement, Apple said:
We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users. The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.
ZecOps reported the bug to Apple in March. The tech giant had not previously known about the issue.
To exploit this flaw, hackers would send a seemingly blank message to an iPhone or iPad users Mail account – the email app on iOS devices. When the email was opened it would crash the app forcing the user to reboot. During the reboot, hackers would be able to access information on the device.
Source & full story: BBC News
Australia: Criminal Offence to use Coronavirus Tracing Data for Non-health Purposes
Australia is to make it criminal offence to use Coronavirus tracing data for non-health related purposes, Prime Minister Scott Morrison said on Friday, following privacy concerns raised by the measure.
So far, Australia has not experienced the high numbers of deaths occurred in other countries. With only 78 fatalities, thanks mostly to tough restrictions on movement, bringing daily life to a virtual standstill.
The country’s federal government has said existing “social distancing” measures will remain in place until mid-May at the very least — and its willingness to relax the rules greatly depends on whether people download the smartphone app to identify who a person with the illness has had contact with.
The tracing app, which is yet to be released, has raised concerns from legal and privacy advocates who have said the location data it collects may be used by unrelated bodies like law enforcement agencies.
Prime Minister Morrison said the government would make any use by non-health officials illegal. He added:
It will be illegal for information to go out of that data store to any other person other than that for whom the whole thing is designed, and that is to support the health worker in the state to be able to undertake the contact tracing,
Source & full story: Reuters