Subscribe

0

  • Sign in with Email

By clicking the button, I accept the Terms of Use of the service and its Privacy Policy, as well as consent to the processing of personal data.

Don’t have an account? Signup

  • Bookmarks
  • My Profile
  • Log Out
  • NEWS
  • POLICIES
  • MSME OPPORTUNITIES
  • BANKING & FINANCE
  • TECHNOLOGY FOR SMES
  • SECTORS
  • GLOBAL
  • Investment
  • LEGAL
  • KNOWLEDGE QUEST
  • Future Ready Forum 2025
  • Ek Nayi Udaan
  • Future Ready Summit 2024
  • ADVERTISE WITH US
ad_close_btn
  • News
  • Policies
  • Banking & Finance
  • MSME Opportunities
  • Web Stories
  • InFocus
  • Technology For SMEs
  • Sectors
  • Global
  • Fashion

Powered by :

You have successfully subscribed the newsletter.
Technology For SMEs Digital India

Hacking Group Caught Stealing Terabytes of Data, Tips to Stay Digitally Safe!

Humans are the weakest link in cybersecurity and hackers know that. Hence, it’s not the first time when cyber criminals have leveraged social engineering tactics to infiltrate into personal/professional lives. "Your security is in your own hands and you should be cautious with which messages, websites, emails and phone calls you trust," Ankush Johar said.

author-image
Faiz Askari
21 Jan 2018 05:11 IST

Follow Us

New Update
Digital MSME Scheme, SMEStreet, Kunal Singhal, TCIL, Eazy ERP, Cloud Computing, Faiz Askari

Malicious Facebook password stealing apps found on Google play store. A global mobile espionage campaign that was in operation since 2012 was recently uncovered due to an exposed server on the open internet. This article not just unleashed such digital security threats but also advises the common digital users how to stay safe. 

According to the researchers, the espionage group was linked with Lebanese General Directorate of General Security (GDGS) and was able to collect hundreds of gigabytes of data, including personally identifiable information and intellectual property, from thousands of victims in more than 21 different countries

The espionage group dubbed Dark Caracal have targeted military personnel, medical professionals, journalists, lawyers, activists and more. The data stolen by them include call records, documents, secure messaging client content, browsing history, contact information, photos, and location data - enough information to identify a person and closely monitor his/her life.

How It works?

As strange as it may sound, the hackers did not use any advanced ways to hack into their victim’s system. Instead, the hackers used basic social engineering techniques that include sending posts on Facebook groups and WhatsApp messages, encouraging users to visit a website controlled by the hackers and application permissions.

Once tricked into landing on the malicious websites, the victims were served fake updates to secure messenger apps, including WhatsApp, Signal, Threema Telegram, and Orbot (an open source Tor client for Android), which eventually downloaded the Dark Caracal malware, dubbed Pallas, on targets' mobile devices.

Pallas is a malware that's capable of taking photographs, stealing data, spying on communications apps, recording video and audio, acquiring location data, and stealing text messages, including two-factor authentication codes.

Read More:

https://motherboard.vice.com/en_us/article/gyw3n9/lebanese-government-hackers-hit-thousands-of-victims-with-incredibly-simple-campaign

http://www.ibtimes.co.uk/dark-caracal-hackers-spied-targets-over-21-countries-stole-hundreds-gigabytes-data-1655838

Experts Opion for Your Digital Security

Ankush Johar, Director at Infosec Ventures - an organisation that provides complete infrastructure security solutions for commercial and government clients of all sizes suggested that, in the modern era, mobile phones have become not only the most used digital equipment but a virtual organ of every user in the absence of which, most of us will have a hard time surviving.

"Your smartphone is basically a blueprint of you and your behaviours. It holds each an every detail of your day to day activity, be it access to your social media account, the log of places you’ve been and regularly visit, people in your life, how important they are or even your extremely personal information such as your identification tokens like biometrics and private conversations and digital media. it’s all there," says Johar.

Humans are the weakest link in cybersecurity and hackers know that. Hence, it’s not the first time when cyber criminals have leveraged social engineering tactics to infiltrate into personal/professional lives. "Your security is in your own hands and you should be cautious with which messages, websites, emails and phone calls you trust," he said.

If a hacker manages to gain access of the device he/she can access your messages, photographs, documents, contacts, email, social media accounts,  mobile wallets, bank account details the log of places you’ve been - in short, everything that if misused can destroy you financially as well as socially.

Tips to stay Safe!

Here are some following tips that should help you keep your mobile device secure :

  • Always check what all permission the app requires the users to allow before installation. Stay cautious with permissions that don't seem legitimate, for instance, if a calculator app wants to access your call logs or messages it is clear that the app wants unnecessary permission and can be malicious. Trust your gut!

  • Don’t download apps from unknown sources, they can be infected with data-stealing malware hidden behind a genuine looking app. Stay away from pirated apps too as they are the main source of malware.

  • Google recently launched “Google play protect”. Make sure that an application is verified by “Google Play Protect” else avoid downloading the app when using an Android device.

  • Do not enter your confidential information like bank account details, personal identifiers, OTPs, passwords etc. on arbitrary applications. Carefully verify that the application is what it is claiming to be before entering any data into it.

  • For added security, set your app store settings to “Do not allow third-party app downloads from untrusted sites.”

  • Check the number of download before installing, if the number is less than 50,000, it might not be completely safe and legitimate.

  • Check the reviews and ratings given by others users who have installed the application. If the ratings are unsatisfactory it is not preferable to download the app.

  • Think Before you click! Your security is in your own hands, if you feel something seems phishy, go with your gut and stay away from it.

 

Hacking Digital Security Data Internet safety Security Tips Facebook Hacking Group
Subscribe to our Newsletter! Be the first to get exclusive offers and the latest news
logo

Related Articles
Read the Next Article
Latest Stories
Subscribe to our Newsletter! Be the first to get exclusive offers and the latest news

Latest Stories
Latest Stories
    Powered by


    Subscribe to our Newsletter!




    Powered by
    Select Language
    English

    Share this article

    If you liked this article share it with your friends.
    they will thank you later

    Facebook
    Twitter
    Whatsapp

    Copied!