It’s been a week into 2018, and here we have four major cyber security breaches.
From Aadhaar details getting compromised to fake apps stealing banking data, 2018 has presented us with four large scale cyber attacks which potentially affect millions, even billions of people.
Here’s a quick read of the 4 attacks…….
Aadhaar data access
Just Rs. 500 for unrestricted access to Aadhaar details
Although the authorities have been claiming over the fact that all Aadhaar data is safe and secure despite all the controversies that were going on. All it took was to pay 500 rupees through Paytm and in 10 minutes you would get all the details. The Tribune was the first to report this through their investigation. One of their own journalist anonymously contacted the person who sold the data illegally and bought it to light.
After Rs. 500 was transferred to them via Paytm, they created an ID for the client, which allowed unrestricted access to the Aadhaar portal.
But that’s not all. For another Rs. 300, the racketeers also let the client print Aadhaar cards. They installed software on the client’s computer while accessing it remotely. Once the job was done, they made sure to delete the software drivers completely from the system.
Android trojan steals banking login data
Quick Heal labs recently reported that an Android malware which could steal banking details of 232 banking apps including SBI, Axis Bank, ICICI, HDFC and few crypto-currency apps too.
Known as Android.banker.A2f8a, the malware is being distributed via a fake Flash Player app on third party stores.
It has the potential of stealing personal data, intercepting SMS which contain OTPs, stealing contacts and tricks users into giving up login details.
It uses the android’s screen overlay mechanism and also shows fake notifications of banking apps and tries to capture login data.
Meltdown and Spectre
Researchers find security flaws in modern chips
Researchers with Google’s Project Zero, along with academic and industry researchers, discovered two security flaws in modern microchips which puts almost all phones and computers at risk.
Meltdown affects Intel chips and has the potential to let hackers read the kernel memory and steal passwords.
This led to a raise in competitors market share, but did not last too long.
Spectre a second major chip vulnerability affects Intel, AMD, and ARM chips, lets hackers steal information from apps.
Now all chip manufacturers will have a tough time this year!
Fake Uber app steals user’s Uber ID and password
Although Uber did not suffer much, researchers at Symantec discovered a fake Uber app for Android smartphones.
The app shows users a mock-up version of Uber’s service which attempts to steal information by asking for users’ Uber IDs and passwords.
Later, the fake app tried to cover its tracks – it started showing screens of the legitimate Uber app with a user’s location.