Tech Knock

A massive malware outbreak that last week infected nearly  half a million computers  with cryptocurrency mining malware in just a few hours was caused by a backdoored version of popular BitTorrent client called  MediaGet. Dubbed  Dofoil  (also known as Smoke Loader), the malware was found dropping a cryptocurrency miner program as payload on infected Windows computers that mine Electroneum digital coins for attackers using victims' CPU cycles. Dofoil campaign that hit PCs in Russia, Turkey, and Ukraine on 6th March was discovered by Microsoft Windows Defender research department and blocked the attack before it could have done any severe damages. At the time when Windows Defender researchers detected this attack, they did not mention how the malware was delivered to such a massive audience in just 12 hours. However, after investigation Microsoft today revealed that the attackers targeted the update mechanism of MediaGet BitTorrent software to push its trojanized versi

Leaving the social network after Cambridge Analytica scandal, users discover extent of data held   Facebook said: ‘People are expressly asked if they want to give permission to upload their contacts from their phone. As users continue to delete their Facebook accounts in the wake of the  Cambridge Analytica scandal , a number are discovering that the social network holds far more data about them than they expected, including complete logs of incoming and outgoing calls and SMS messages. The #deletefacebook movement took off after the revelations that Facebook had shared with a Cambridge psychologist the personal information of 50 million users, without their explicit consent, which later ended up in the hands of the election consultancy  Cambridge Analytica . Facebook makes it hard for users to delete their accounts,  instead pushing them towards “deactivation” , which leaves all personal data on the company’s servers. When users ask to permanently delete their accounts, the

If you try to keep yourself updated with the latest developments in the technology and security world, you must be knowing about the recent Facebook-CA scandal. While most of us knew about Facebook’s relentless data collection practices, this revelation has forced many of us to raise questions and look for Facebook alternatives. Some are even looking for ways to permanently delete their Facebook account. There are many social networks, messaging apps, and news aggregation sites that you can get as a replacement of Facebook. So, let’s tell you about them in brief: Top 8 alternatives to Facebook’s website and app 1.  Vero The subscriber usage data is the bread and butter of social networks like Facebook. Vero is an option in this case as it’s based on the subscription model; so, it doesn’t show ads and collect data for the same. This fast-growing social media alternative is only app-based. They do collect your usage stats but make it available to you only to monitor how

Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data. VPN, or Virtual Private Network, is a great way to protect your daily online activities that work by encrypting your data and boosting security, as well as useful to obscure your actual IP address. While some choose VPN services for online anonymity and data security, one major reason many people use VPN is to hide their real IP addresses to bypass online censorship and access websites that are blocked by their ISPs. But what if when the VPN you thought is protecting your privacy is actually leaking your sensitive data and real location? A team of three ethical hackers hired by privacy advocate firm VPN Mentor  revealed  that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate—with millions of customers worldwide were found vulnerable to flaws that could compromise user's privacy. The team includes applicati

Security researchers have discovered a massive continuously growing malware campaign that has already infected nearly 5 million mobile devices worldwide. Dubbed  RottenSys , the malware that disguised as a 'System Wi-Fi service' app came pre-installed on millions of brand new smartphones manufactured by Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung and GIONEE—added somewhere along the supply chain. All these affected devices were shipped through Tian Pai, a Hangzhou-based mobile phone distributor, but researchers are not sure if the company has direct involvement in this campaign. According to Check Point Mobile Security Team, who  uncovered  this campaign, RottenSys is an advanced piece of malware that doesn't provide any secure Wi-Fi related service but takes almost all sensitive Android permissions to enable its malicious activities. "According to our findings, the RottenSys malware began propagating in September 2016. By March 12, 2018, 4,964,460 devices