Eshield business Risk Control Weekly reports security technologies and events worth attention every week, including but not limited to content security, mobile security, business security and network security, to help enterprises enhance vigilance and avoid these seemingly small but actually large security risks that affect the healthy development of business.
According to a report by Xinhua New Media on July 8, 2018, Shandong province recently cracked a huge case of infringing citizens’ personal information. A total of 57 suspects were arrested, 11 companies involved were destroyed, and 4000GB of citizens’ personal information data were seized, amounting to tens of billions of pieces.
According to the investigation, the data hall (831428.OC), a well-known enterprise in the big data industry involved in the case, transmitted more than 130 million pieces of citizens’ personal information on an average day in 8 months, and the cumulative transmitted data was about 4000GB after compression, with tens of billions of pieces of citizens’ personal information, a huge amount of data.
2. Cryptocurrency fraud losses could hit $3 billion by the end of 2018
According to CCN, cryptocurrency scams are on the rise. At a recent U.S. Federal Trade Commission symposium called “Decrypting Crypto Fraud,” it was revealed that consumers lost about $542 million in crypto-related fraud in the first two months of this year. That figure will reach $3 billion by the end of 2018, according to Andrew Smith, director of the FTC’s Bureau of Consumer Protection.
3. The police cracked a major plug-in case involving more than 50 million yuan in PUBG
According to the official account of pubG, nanjing police arrested 141 suspects involved in the country’s largest online game gang, involving more than 50 million yuan.
Pubg’s official account explains the details of the case:
In March this year, Tencent Guardian project security team reported to Nanjing Network security detachment, someone openly selling "PUBG" game plug-ins, seriously undermining the fairness of the game. After initial investigation, the gang operating more than 10 kinds of plug-ins, online players to sell plug-ins "card secret", profit of tens of thousands of yuan a day. Nanjing network security detachment in conjunction with the relevant branch, through the online mining operation, to find out the game plugins of the interests of the "industrial black chain", to find out the identity of more than 100 involved personnel, criminal activities and so on.Copy the codeApril 22 to 26, Nanjing network security detachment mobilized more than 200 police officers, distributed to Beijing, Shanghai, Shandong, Zhejiang and other more than 20 provinces and cities to carry out the arrest operation, the successful arrest of 141 suspects (including 3 plug-in author, 4 card), Seized nearly 200 mobile phones, computers and other items involved, more than 20,000 plug-in program cards, destroyed 6 criminal studios, involving the most popular plug-in software on the market, such as Freezing Point, Angel, TOX, Revenge, Eagle Eye, Purple Dragon, Leaf, Caesar, BATE and so on.
4. Smart voice banking is coming to life and could become a new target for hackers
Bank of America is introducing smart voice banking, a service that can be used to check your account balance, pay a credit card bill or make a mortgage payment via your mobile phone. It will soon be able to transfer money. But because it involves user privacy, it is easy to become the target of hacker attack.
5. Japan sentences the country’s first malware mining case to one year in prison
According to The Japanese daily ほ Umeishu Helicopter UN, Japan has just declared the first case in the country — and perhaps the world — of malicious use of someone else’s computer to mine coal.
Unari Yasuda, 24, an unemployed man from Nizaki city, Kundawa, inserted mining codes into a game cheat program and posted the software on his blog for download. The users of the program would unknowingly mine for Yasuda. By the time it was discovered, the app had been downloaded 90 times, making Yasuda a profit of 5,000 yen.
6. An Israeli exchange was hacked and $13.5 million in virtual currency was stolen
Bancor, an Israeli cryptocurrency exchange, says a criminal stole $13.5 million worth of virtual currency, mostly Ether, from the company. Using emergency agreements, the company managed to freeze another $10 million in Bancor tokens — also known as BNT — limiting the damage from the theft. It said the theft occurred in a wallet used for part of the contract, and investigators were still determining the details of the incident.
7. Over 30,000 websites have built-in mining codes
According to Block Beats, 2.2% of the top 10,000 websites in the world have malicious mining code. As of July 9, more than 30,000 websites have built-in mining codes. As long as users open the website for browsing and other operations, relevant codes will call device resources for mining.
According to Adguard, 500 million computers around the world have been kidnapped to mine.
When browsing the website for mining, the computer or mobile phone will be inexplicably hot, so, when their own devices often appear in this case, you have to think about whether it will be browsing the website there is a problem.
8. Well-known compression software “fast pressure” spread viruses and a number of rogue software, hijacking traffic
Trojan/StartPage. Ff, a popular compression software, is spreading a Trojan that hijacks the home pages of browsers on infected computers, the Tinder security team has discovered. In addition, “quick pressure” itself also exists rogue behavior: pop-up ads, automatically create desktop shortcuts, but also promote “little black Notepad”, “ABC view” and other rogue software. Through querying the enterprise registration information, it was found that although “quick pressure” is a product of Shanghai Guangle Network Technology Co., LTD., “little black Notepad” and “ABC Kantu” are products of Shanghai Zhanmeng Network Technology Co., LTD., the legal person information and registered email address of the two companies are the same, or the same team. Due to the domestic major download station to provide “fast pressure” software download, the spread of a very wide range.
9. 12 people detained by police after e-commerce companies hired “hackers” to attack rival websites
Recently, the Public Security Bureau of Nantong city, Jiangsu Province, cracked a series of traffic attacks on e-commerce websites supervised by the Ministry of Public Security, controlled 12 suspects including Li and seized 36 criminal tools such as computers and mobile phones during the special operation of “Net 2018”, which was launched to crack down on online crimes. The gang made money by taking orders over the Internet and launching attacks that disrupted e-commerce websites and trading platforms. According to the Criminal Law, anyone who, in violation of state regulations, deletes, modifies, increases or interferes with the functions of the computer information system, thus causing the normal operation of the computer information system, if the consequences are serious, shall be sentenced to fixed-term imprisonment of not more than five years or criminal detention; If the consequences are especially serious, he shall be sentenced to fixed-term imprisonment of not less than five years.