Cybercrime rising across Africa’s financial sector

Incidents of cybercrime continue to plague Africa’s banking sector. Regional media claim that several banking institutions are being investigated in cybercrime cases.

These investigations are said to include inquiries about illegal online transfer of funds according to a CIO East Africa report.

The report says that The Economic and Financial Crimes Commission (EFCC) in Nigeria has confirmed its investigation of certain banks for cybercrime complicity.

EFCC Chairman Ibrahim Lamorde is quoted by the publication as saying, “Several banks which allegedly had insiders conniving with the suspects are being directly investigated and cautioned on the issue.”

The issue has also impacted on Zambia. Authorities are said to be concerned over what the report describes as “the sudden rise in cybercrime that has hit the financial sector.” Police officials are said to be aware of escalating levels of cybercrime and have cited illegal online transfers and conspiracy between bank officials and outside parties as a growing problem

Read More

Special Cybercrime Unit for Kenya

As cyber-crime activities across the continent cripple business and government websites, Kenya’s Director of Public Prosecutions Keriako Tobiko announced last week that the country is taking steps to combat cyber-crime by forming a dedicated unit.

Kenya’s Director of Public Prosecutions Keriako Tobiko

Tobiko revealed that Kenya looses in excess of $23.3 million a year to cyber-crime.

“In view of the rising incidents of cyber-crime, the Office of the Director of Public Prosecutions (ODPP) has established a dedicated unit to spearhead the prosecution of cyber criminals. Kenya is losing an estimated 2 billion shillings ($23.3 million) annually through cyber-crime,” said.

He added that the ODPP would review the existing laws pertaining to the prosecution of cyber-criminals.

“In recognising that there are inadequate laws currently in place for the prosecution of cyber-crimes, the ODPP has organised a workshop to review existing laws and develop a comprehensive draft bill on cyber-crime in line with relevant international best practices,” he concluded.

Read More

ESET NOD32 Antivirus

ESET NOD32 Kenya offers the legendary ESET NOD32 antivirus at discounted rates. Get this all-round, award winning antivirus that provides fast,proactive and powerful detection.

ESET NOD32 antivirus  protects  you from fake websites that try to acquire your personal information.   

For 1500/= Kenya shillings only, protect your PC from the ever evolving malware.

To place your order, call 0718724186 or send an email sales@esetkenya.co.ke

Read More

LinkedIn Files Lawsuit against Fake Account Creators

LinkedIn filed a lawsuit against 10 people who created thousands of abusive accounts, according to the Wall Street Journal. The action comes less than two months after security experts warned about fake recruiters enticing users of the social network with well-paid jobs.

On Monday, LinkedIn filed a lawsuit in the U.S. District Court for the Northern District of California. The social network’s representatives said they deleted the fake profiles and traced them to an account registered at cloud computing giant Amazon Web Services.

One of the fake LinkedIn profiles
was put up by an attractive,
bogus recruiter, named Annabella Erica. 

LinkedIn accused the suspects of distributing malware on computers and puffing up users’ profiles. The business-focused network said cyber-criminals violated its user agreement by creating multiple fake accounts that stole data from legitimate profiles through a method known as scraping.

“It undermines the integrity and effectiveness of LinkedIn’s platform in several ways,” court documents read. “The world’s professionals utilize LinkedIn with the expectation that its contents are accurate and its user profiles legitimate.”

Court documents show no evidence that the fake-account creators tried to break into LinkedIn systems. The filing doesn’t specify what the suspects were doing with the fake resumes, either.

LinkedIn asked Amazon Web Services for the names of the owners of the bogus accounts. The cloud computing giant did not immediately respond to a request for comment, according to the Wall Street Journal.

In November, experts warned about fake LinkedIn profiles that gather personal details and lead users to dangerous websites. Amid research into the growing number of social media scams, ESET detected several virulent campaigns that lured victims with exciting job offers from attractive female recruiters.

Read More

World of Warcraft malware

A malicious Trojan hiding in a legitimate World of Warcraft (WoW) add-on is infecting players’ accounts, according to a note by Blizzard, the game’s developer.

“We’ve been receiving reports regarding a dangerous Trojan that is being used to compromise players’ accounts even if they are using an authenticator for protection,” Blizzard says.

It seems the malware is posing as Curse, a genuine WoW add-on that can be downloaded from a fake Curse website. Once installed on the user’s computer, the Trojan takes over the player’s account.

 ”The Trojan acts in real time to do this by stealing both your account information and the authenticator password at the time you enter them,” the developer adds.

In a recent update, the company advises players to solve the problem by deleting the fake Curse Client and running scans with an antivirus solution. ESET Nod32 antivirus is up to date and removes this type of malware.

Blizzard also recommends changing account passwords regularly and downloading software only from official providers, for safety reasons.

World of Warcraft is one of the most popular multiplayer online games with over 7 million subscribers worldwide.

Read More

Nigeria’s Premium Times suffers cyber-attack

Nigeria’s Premium Times news website was hit by a cyber-attack over the weekend, leaving many readers and internet users confused as to why they couldn’t access the website.

Nigeria’s Premium Times news website was hit by a cyber-attack
over the weekend 

“Visitors to the Premium Times site struggled in vain early Sunday January 5 to access our news platform, premiumtimesng.com. The one-word report that the site had been “blocked” was the depressing information, which alerted them that we had come under a ferocious and hostile cyber-attack, a process, which actually started Friday January 3,” the site said in a statement.

The website explains that they were able to perform the necessary recovery procedures, which lasted almost 9 hours. “After a drenching 9-hour recovery operation which brought together wonderful minds across three continents, we were finally able to restore hope and keep the site alive again. We thank thousands of worried readers and colleagues who saw the vivid outlines of a nefarious and sponsored plot against the media and free expression in this onslaught directed at Premium Times.”

Editor in Chief of Premium Times, Dapo Olorunyomi, said “we may have succeeded in fending off the wild wolves for a while, but it is typical and in the nature of the beast to return in greed.”

“What is at stake is not the publishing rights of a newspaper but the fate of democracy, an accountable polity, and the possibility of an open and transparent society” Olorunyomi said, urging Nigerians to sacrifice all they have to retain an independent, pluralist, and ethical media.

Read More

A Cybersecurity New Year’s Resolution: Simplify Security

With the closing of another year, we look ahead to 2014 and many of us turn our attention to New Year’s resolutions. Losing weight, quitting smoking or getting fitare all popular goals. But as our lives become more complex and harried, one resolution that I hear with increasing frequency is: I want to simplify my life.

Many of the world’s greatest thinkers have touted the virtues of simplicity:

Simplicity is the ultimate sophistication. – Leonard da Vinci

Our life is frittered away by detail…Simplify, simplify. – Henry Thoreau

Life is really simple, but we insist on making it complicated. – Confucius

And this got me thinking about simplifying security. Cybersecurity is becoming so complicated that you could argue that complexity is one of our biggest security challenges. The evolving trends of mobility, bring-your-own-device (BYOD), cloud computing and advanced targeted attacks are driving this complexity. Today’s networks go beyond traditional walls and include data centers, endpoints, virtual and mobile. These networks and their components constantly evolve and spawn new attack vectors including: mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers and home computers.

As threats and our IT environments have become increasingly sophisticated, they’ve collided with traditional security methods that have not followed suit. Is it possible to simplify security yet increase its ‘sophistication’?

Most organizations attempt to secure these extended networks with disparate technologies that don’t – and can’t – work together. Not only are these structures difficult to manage but theycreate security gaps sophisticated attackers exploit with methodical approaches that leverage time, patience and nearly imperceptible indicators of compromise to accomplish their mission.We find ourselves ‘frittering away’ too many resources manually managing more and more security tools,yet breaches happen and go undiscovered for much too long.

As a cybersecurity professional, if you’d like to make a New Year’s resolution to simplify your approach to security while enhancing your defenses, youneed a new model that is threat-centric – meaning focused on the threats themselves versus merely policy or controls. It must provide broad coverage across all potential attack vectors, rapidly adjust to and learn from new attack methods, and implement that intelligence back into the infrastructure after each attack.

Technologies that incorporate the following capabilities can help simplify security.

Visibility:To harness local and global intelligence with the right context to make informed decisions and take immediate actions. This requires the ability to tap into the power of big data analytics for better insights; open interfaces to visibility tools and real-time vulnerability-based research to proactively identify and respond to threats anywhere and anytime; and an open architecture for transparency.

Control: To consistently enforce policies across the entire network and accelerate threat detection and response. This requires anenterprise security architecture to enable unified, automated enforcement of polices from the data center, to the cloud, to the endpoint; enterprise-class, integrated policy and event management for more consistent control and better visibility into security devices; and open interfaces to control platforms to eliminate security gaps and complexities of point solutions.

Advanced Threat Protection: To detect, understand and stop targeted malware and advanced persistent threats across the entire attack continuum. This requires threat protection across the entire organization, from network to endpoint, from mobile to virtual and from email to web; and pervasive protection before, during and after attack, across more attack vectors and points of vulnerability.

Flexibility:To deploy security in a way that best fits and adapts to your changing environment. This requires it to be available in multiple form factors – physical, virtual, cloud and services depending on your business model; and open APIs to manage and support existing and evolving security infrastructure.

You can’t afford to leave gaps in protection that today’s sophisticated attackers exploit. At the same time, you can’t keep adding disparate security solutions that don’t work together.With technologies that enable visibility, control, advanced threat protection and flexibility,it is possible to simplify securityand increase effectiveness. We no longer need to ‘insist’ that security must be complex. Instead, we can simplify.

Read More

Could new malware steal data from INSIDE your SD card?

Two researchers have demonstrated an attack that could allow malware to alter and steal data direct from MicroSD cards, using tiny microcontrollers on the cards themselves. The attack could be used to copy or steal data – and even modify sensitive data such as encryption keys.

Even cards that have, in theory, been ‘erased’ could carry such malware, independent researchers Andrew “bunnie” Huang and Sean “xobs” Cross warned in a talk and blog post this week, and say that in high-sensitivity environments, the best way to dispose of such cards is with a “mortar and pestle”.

In a video demonstration, they describe the vulnerability, which could allow attackers access to “keys” used to access sensitive data, as perfect for “man in the middle” attacks. “Man in the middle” attacks intercept or alter data as it is transmitted, for instance by working within internet browser software, and are used in malware such as the advanced banking Trojan Hesperbot, analyzed by ESET researcher Robert Lipovsky here.

The researchers, who unveiled their technique at the Chaos Computer Congress in Berlin,say that the attack may well be possible against the solid-state drives increasingly used as a replacement for hard drives in PCs, or against the embedded memory in mobile devices such as smartphones, according to CNET’s report.

“Some SD cards contain vulnerabilities that allow arbitrary code execution — on the memory card itself,” the researchers write. “On the dark side, code execution on the memory card enables a class of MITM (man-in-the-middle) attacks, where the card seems to be behaving one way, but in fact it does something else.”

The researchers claim that current memory cards are so riddled with errors that each ships with a microcontroller – and on some models, it is possible to force this controller to execute code. The controllers are put in place to manage the fact that flash memory is “riddled with defects” – the downside of such cheap, portable storage.

“Flash memory is really cheap. So cheap, in fact, that it’s too good to be true. In reality, all flash memory is riddled with defects — without exception. The illusion of a contiguous, reliable storage media is crafted

through sophisticated error correction and bad block management functions,” the researchers say.

This means that every “managed flash” device – including, the researchers claim, “microSD, SD, MMC as well as the eMMC and iNAND devices typically soldered onto the mainboards of smartphones and used to store the OS and other private user data,” has a microcontroller that can be subverted, and that “similar classes of vulnerabilities exist in related devices, such as USB flash drives and SSDs.”

“Even the diminutive microSD card contains not one, but at least two chips — a controller, and at least one flash chip (high density cards will stack multiple flash die).” The vulnerability comes due to the fact that manufacturers need to update code on these controllers, according to Boy Genius Report.

“In some cases, the microcontroller and its firmware are not secured,” the site reported, “Hackers who knew how to take advantage of this series of flaws… would be able to replace the default firmware on the microcontroller with malware.”

The researchers demonstrated an attack against two models of Apppotech SD card which would allow a simple sequence of commands to ‘force’ the card to run the next 512 bytes of information it received as code – enough, the researchers say, to take over the card and run programmes of their own.

“From the security perspective, our findings indicate that even though memory cards look inert, they run a body of code that can be modified to perform a class of MITM attacks that could be difficult to detect; there is no standard protocol or method to inspect and attest to the contents of the code running on the memory card’s microcontroller,” the researchers say.

“Those in high-risk, high-sensitivity situations should assume that a “secure-erase” of a card is insufficient to guarantee the complete erasure of sensitive data. Therefore, it’s recommended to dispose of memory cards through total physical destruction (e.g., grind it up with a mortar and pestle).”

Read More

12 tips to toughen up your new Android device for the real world

If you’re one of the lucky ones who unwrapped a Google Nexus tablet or one of Samsung’s army of different-sized Androids, congratulations – but there are a few sensible steps to take before taking that device into the ‘real world’, especially if you intend to use it for work.

There have been many scare stories about Android this year, often relating to malware targeting the OS – some rather overstated, but many, sadly close to the truth.

ESET’s Annual Threat Trends Predictions report for 2014 found that detections of Android malware have increased 63% from 2012 to 2013 – with new strains of malware posing serious threats, such as Trojans targeting  online banking apps. Previous generations of phone malware often merely ran up bills using premium SMS numbers, or assaulted users with unwanted adverts.

If you’re a user ‘switching sides’ from an Apple iDevice, you might be alarmed – and it’s easy to feel at risk when you’re getting used to a new system. But it’s not quite as bad as it seems.

Thankfully, Android itself now offers some great built-in protection against theft and malware – including a great anti-theft system quietly rolled out by Google to many Android users.

Downloading free AV software such as ESET’s Mobile Security and Antivirus is a great way to ensure your device – and your data – are safe, but our tips should help even novices get the most out of their new Androids, and ensure that even if the worst happens, and a cellphone is stolen, the data on it will remain safe.

Once it’s started up, lock it down

Various Android devices from different manufacturers offer their own different security systems built in, but the really bulletproof ones are Google’s, and common to all up-to-date Android devices – the most basic one is getting a screen lock in place, and it’s common to every model. Do this before you take your device anywhere. Head to Settings > Security > Screen Lock. On new devices, you’ll usually get a choice of pattern, PIN, or password. A pattern’s less secure than a PIN, and a password is your best choice. If you’re using your tablet or smartphone for business, be extra careful. Talk to your IT department, and read our guide to encrypting data on Android here.

While you’re at it, double-lock the important stuff
If someone does crack your code (sometimes possible simply by turning a handset sideways and looking for greasy finger marks – which is why choosing a pattern code can be risky), you can add another line of defense by locking individual apps – a very sensible step, and the reason that the excellent, free App Lock is, its makers claim, the most-downloaded app on Google’s Play Store.

App lock lets you create a PIN which locks important apps – your email, Dropbox, or anything else which could hand data to cybercriminals. Better still, App Lock is pretty good at defending itself – it has mechanisms to ensure it can’t be uninstalled unless you have the PIN. 

If you share ANY devices, be careful with Google Now

Google’s Now service can be accessed on Android via either a swipe up from the bottom of the screen, or via a Google Search box on screen, depending on which make of Android you choose – offering “predictive search” – ie guessing information you might need, based on your habits. Used carefully, it’s great – offering reminders of flights you have to catch (culled from Gmail), and traffic conditions on your commute (based on GPS data harvested by the handset).

But while the ‘predictive’ search experience adds a lot to Android, it can also give a lot away. Any device signed in to the same Google account – ie a tablet you share at home – will ‘know’ whatever information you opt to share with Now, including potential privacy minefields such as your web search history. Thankfully, you can tailor how it works for you from Now, or from Google’s dashboard page – do so carefully.

Taking your phone to work? Talk to IT first

The trend for workers “bringing their own devices” to work is increasing year-on-year – but your boss, and your IT department will thank you if you ask first. Around 30-40% of devices in workplaces fly “under the radar”, according to former vice-president of security body ISACA Rolf von Roessing, who warned that workplaces faced a “tidal wave” of threats unless users were educated about risks, as reported by We Live Security here.

If you’re taking your own phone to work, ask your IT department for advice – and remember that even an email ‘Sent’ box can contain information invaluable to a criminal looking to penetrate a company network. Your boss will thank you if you’re open about using your own smartphone in the workplace – or even for working from home. Our in-depth guide to bringing devices to work – and not bringing disasters with them – can be found here.

Lost it already? Don’t panic!

Despite frequent malware attacks – and an official app store that is still home to thousands of malicious and spammy apps – Google offers a pretty decent selection of security features built in – including a location tracker, which can help find a lost device, even if it’s just down the back of the sofa.

Visit  Google’s Android Device Manager page to activate it, while logged into your Google account, and you’ll be able to force a device on silent mode to ring, remote-lock a device, and view its location on a map. If you own several Androids, you’ll be able to see them all. More advanced protection is offered by AV programs such as ESET’s Mobile Security and Antivirus, but Google’s own, rolled out quietly to any users of Android 2.2 and above last autumn, is a good first stop.

Keeping sensitive info on your smartphone? Don’t store it on a removable SD card

If you are keeping sensitive information on your phone – you really shouldn’t, if at all possible – don’t keep it on a removable SD card. This makes it easier for attackers to access data. If, for instance, your photos include an image of your credit card or passport, don’t store them in external memory.  

Ensure anything you want to keep safe is stored in your device’s internal memory, and protect this using a strong password. Google’s Android Device Manager page offers useful options to wipe data remotely if a phone is stolen – and AV apps such as ESET’s Mobile Security and Antivirus  offer more options for users who have lost a handset, including playing sounds and remotely locking devices (with built-in password protection so criminals can’t disable the anti-theft functions.

 Encrypting your phone WILL slow it down – but keep your data safe

Encrypting your device – so that all data on board is PIN-protected – isn’t for everyone – it will slow your device down, which can be painful if you’ve just unwrapped a top-of-the-range smartphone. But if you are carrying work information on it, it’s a good way to ensure sensitive data is safe, even if the device falls into the wrong hands. 

Thankfully, it’s easy to encrypt your device in Android’s own settings menu – Settings/Security/Encryption – in an option available since  Android Gingerbread 2.3.4. Choose Encrypt Device and Encrypt External SD Card, then wait while the device crunches your data (this takes a while). After that point, your data is PIN-protected. This will slow your device, though.

A more detailed We Live Security guide to encryption – on mobile and PC – can be found here, with explanations of when and why you might want to encrypt data.

 Google’s Play store isn’t perfect – but it’s FAR safer than most ‘unofficial’ stores
For ‘defectors’ moving from iOS to Android, the fact that malicious and spammy apps sneak into Google’s official Play store may be a shock – unlike Apple’s App Store, there is not an approval process, so ‘bad’ apps can sneak onto Play.

Play, though, remains a far safer place to shop than unofficial stores – or bogus ‘review’ sites offering free apps.  Google removes ‘bad’ apps once users complain – but some lurk around for quite a while. Watch out for close-but-not-quite clones of popular apps and games – a classic trick – and in general, think like you are shopping on eBay (ie does the developer sound legitimate? What do the reviews say?).

Most apps on Play, though, ARE safe – if you follow our detailed guide to being a happy app-y shopper here. But the most crucial oogle Play, Amazon’s App Store and GetJar, you will be much safer – although “bad” apps can still sneak into those.

Don’t feel you HAVE to root your Android

For many tech-savvy phone users, the chance to ‘root’ an Android device – gain root access to the phone’s OS, which allows users to, among other things, uninstall all the unwanted apps with which Samsung and other phone makers routinely bloat their devices. There are dozens of tutorials on how to root devices online, and many Android forums make it seem like a “first step” for users, allowing Android fans to run apps which require root access, such as firewalls – normally blocked by the OS.

But rooting a phone opens users up to new risks – and cuts off many of the protections built into Android itself. It will also severely annoy your employer, if the handset happens to be a work one. Malicious apps with root access can cause far more damage than normal ones – and the unofficial app markets where apps for rooted devices are traded are filled with malware, sometimes disguised as popular apps.

“Free” versions of the predictive text app Swiftkey appeared on pirate sites – infecting users foolish enough to download with a keylogger which took note of every keystroke in Swiftkey, with the goal of stealing data.

Read the “permissions” screen EVERY time you install an app

Most computer users are pretty impatient while shopping – and used to skipping straight past huge legal documents without reading a word – but while Android’s App Permissions page looks boring, it’s THE single most important defense built into the system.

 “Bad” apps will request access to and control over huge amounts of your Android’s functions – such as reading all network communications, or sending SMS messages – if an app has a huge list of Permissions, it’s an “alarm bells” moment. Why WOULD a screensaver need to send SMS? Our detailed guide to safe Android app shopping can be found here.

Don’t EVER install a banking app from a link

Governments around the world have warned of the risk to consumers from ‘fake’ banking apps – either delivered on their own, or as part of an attack against a PC, where the malware attempts to fool users into downloading the fake app by delivering messages through bogus bank sites.

An increasing number of PC Trojans target Android devices with fake banking apps – with several families of banking malware  such as Qadars, reported by We Live Security here attempting to fool users into installing malicious apps via their PC’s browser – aiming to bypass two-factor authentication systems used by banking sites.

Banking Trojan Hesperbot, discovered by ESET and reported here uses a malicious webpage to instruct users to enter their cellphone number and make, and attempts to install a malicious app that bypasses security systems. Your bank will NEVER distribute apps in this way – instead, download your bank’s app from Google’s Play, and ensure yours is up to date. . “ESET products like ESET Smart Security and ESET Mobile Security protect against this malware,” says Robert Lipovsky, ESET malware researcher who leads the team analyzing this threat.

Paying for something with your phone? Be VERY careful

Up-to-date Androids such as Samsung’s Galaxy S4 and HTC’s One ship with an NFC (Near Field Communication) chip – a new technology designed to transmit data over short distances, and used in some countries, such as Chile, as a tap-to-pay system in stores. But point-of-sale terminals have become an increasing target for cybercriminals – as witness these We Live Security reports - and ESET researchers warn that NFC payment systems could become a target for cybercriminals this year.

In this year’s Annual Threat Trends Predictions 2014 report, ESET researchers wrote, “Any technology used for bank transfers is a potential target of computer attacks. As this means of payment becomes more popularly used, malicious code may appear to steal information relating to these transactions.” Be cautious about any means of storing money on your phone – such as Bitcoin wallets – or paying direct via NFC.

Read More