Categories
Engadget

Hackers briefly swap out a page on the Trump campaign site

With less than a week to go before the US presidential election, election security is a hot-button topic, and hackers have already struck. TechCrunch and the New York Times report that the About page on DonaldJTrump.com was briefly replaced by an unknown party. Gabriel Lorenzo Greschler grabbed a screenshot and video of the hacked page. Here’s a video of it. This is when you click on the “coalitions” tab. pic.twitter.com/iqLgxNezsO — Gabriel Lorenzo Greschler (@ggreschler) October 27, 2020 In a message, it threatened to “discredit” Trump as president and said the attackers would choose to share or keep secret their incriminating data based on which option received more votes in the form of cryptocurrency sent to their accounts, as well as a supposed encryption key to verify their identity. It’s unclear how they pulled off the attack, or the seriousness of the threat, but the page was apparently up for about thirty minutes. Source linkContinue readingHackers briefly swap out a page on the Trump campaign site

Categories
Tech Radar

Emotet urges users to upgrade Microsoft Word in latest spam campaign

After disguising itself as a Windows 10 update earlier this month, the Emotet malware has now adopted a new template in which it pretends to be a message from Microsoft Office urging users to update Word in order to add a new feature. The cybercriminals behind Emotet use a variety of different lures to trick unsuspecting users into opening their malicious attachments. In the past, Emotet spam campaigns have pretended to be invoices, shipping notices, purchase orders and even information about Covid-19. All of these spam emails contain malicious Word documents that are either attached to the email itself or are downloaded by clicking on a link inside the email. Once a user opens one of these documents, they are prompted to “Enable Content” so that the malicious macros contained in the Word file will run and install the Emotet malware on a victim’s computer. To help trick unsuspecting users into enabling macros, Emotet spam campaigns use a number of different templates to create a sense of urgency. For instance, a spam email may request that a user sign off on an invoice or that they need to update their software, as is the case in this latest template. Microsoft Word upgrade In an effort to try and trick even more users, Emotet recently switched to a new template that pretends to be a message from Microsoft Office urging users to update Word in order to add a new feature. The subject of these new emails is “Upgrade your edition…Continue readingEmotet urges users to upgrade Microsoft Word in latest spam campaign

Categories
The Verge

Google says Chinese hackers who targeted Biden campaign are faking McAfee software

Google said in a new blog post that hackers linked to the Chinese government have been impersonating antivirus software McAfee to try to infect victims’ machines with malware. And, Google says, the hackers appear to be the same group that unsuccessfully targeted the presidential campaign of former Vice President Joe Biden with a phishing attack earlier this year. A similar group of hackers based in Iran had tried to target President Trump’s campaign, but also was unsuccessful. The group, which Google refers to as APT 31 (short for Advanced Persistent Threat), would email links to users which would download malware hosted on GitHub, allowing the attacker to upload and download files and execute commands. Since the group used services like GitHub and Dropbox to carry out the attacks, it made it more difficult to track them. “Every malicious piece of this attack was hosted on legitimate services, making it harder for defenders to rely on network signals for detection,” the head of Google’s Threat Analysis Group Shane Huntley wrote in the blog post. Google In the McAfee impersonation scam, the recipient of the email would be prompted to install a legitimate version of McAfee software from GitHub, while at the same time malware was installed without the user being aware. Huntley noted that whenever Google detects that a user has been the victim of a government-backed attack, it sends them a warning. The blog post doesn’t mention who was affected by APT-31’s latest attacks, but said there had been “increased…Continue readingGoogle says Chinese hackers who targeted Biden campaign are faking McAfee software

Categories
Engadget

Biden campaign says Facebook is failing to tackle election lies

Dillon adds that the campaign, as well as several other organizations, raised concerns over the post, but Facebook chose not to remove it. When the campaign contacted Facebook for an explanation as to why the video was not removed, the letter adds, the platform neglected to provide any additional detail. The only amendment the platform made was to add a content label, which Dillon says was “buried on the top right corner of the screen where many viewers will miss it.” “When we asked for a written explanation of how assertions that millions of votes will be fraudulent, that millions of others will be “cancelled,” and that the solution was to “enlist” in an “army for Trump’s election security,” could possibly be consistent with your policies that prohibit all of these claims, you provided none.” Jen O’Malley Dillon “No company that considers itself a force for good in democracy,” writes Dillon “would allow this dangerous claptrap to be spread to millions of people.” The letter goes on to cite additional posts, including from Trump Sr., that appear to delegitimize the outcome of the election or sow misinformation around the voting process. In addition, Dillon highlights the fact that the “hyperpartisan propaganda organ […] the Daily Wire is Facebook’s top web publisher” as more evidence of Facebook’s laxity.   The letter ends by suggesting that Facebook’s decision making is either biased in favor, or is being influenced by the current administration. Facebook’s critics often imply that Zuckerberg and/or VP Global Policy…Continue readingBiden campaign says Facebook is failing to tackle election lies

Categories
The Verge

Go read this story about a bizarre harassment campaign by a group of ex-eBay employees

Back in June, authorities in Massachusetts announced they were charging six former eBay employees in connection with the strange harassment campaign of a couple who ran an e-commerce newsletter. The six had sent the couple, Ina and David Steiner, online threats and abuse, and mailed a bizarre collection of items including live insects and a bloody pig face mask, all for the newsletter’s negative coverage of eBay, according to the US Attorney’s Boston office. David Streitfeld of The New York Times spoke with one of the six people charged, Veronica Zea, who said she plans to plead guilty— the charges include conspiring to commit cyberstalking and tamper with witnesses. If you thought the initial story was weird, buckle up, because this report is full of batshit details. The Steiners received a book titled “Grief Diaries: Surviving the Loss of a Spouse” and a funeral wreath. They got fly larvae and live spiders and a box of cockroaches. Copies of the September issue of “Hustler: Barely Legal” touting “eye-popping 18-year-olds” arrived at the homes of neighbors with David Steiner’s name on them. The couple had their home address doxxed, had their car followed while driving around their neighborhood, had pizzas delivered at all hours— the plot even called for Zea and her teammates to put a tracking device on the Steiners’ car (which apparently never happened). Prosecutors say the Global Security and Resiliency team, as the team of ex-eBay employees was known, planned to harass the Steiners secretly, then have eBay…Continue readingGo read this story about a bizarre harassment campaign by a group of ex-eBay employees

Categories
Engadget

Joe Biden’s campaign app had a bug that made it too easy to access voter info

While someone could get some of that same information through other means, the Vote Joe app trivialized obtaining it (among other issues, the software also doesn’t require users to verify their email). Moreover, the App Analyst found Vote Joe pulls in more data than it displays through its user interface, including what seems like a guess on TargetSmart’s part whether a person voted for the Democratic or Republican presidential candidate in a particular election.   The Biden campaign says it fixed the bug on Friday when it rolled out an update for the app. “We were made aware about how our third-party app developer was providing additional fields of information from commercially available data that was not needed,” a spokesperson for the campaign told TechCrunch. “We worked with our vendor quickly to fix the issue and remove the information. We are committed to protecting the privacy of our staff, volunteers and supporters and will always work with our vendors to do so.” Notably, the campaign’s website reveals it’s hiring a cybersecurity analyst, in addition to a cybersecurity manager. As TechCrunch notes, this isn’t the first time data from TargetSmart may have leaked online. In 2017, a cache of nearly every registered voter in Alaska, totaling approximately 600,000 individuals, was exposed through a server misconfiguration by a third-party firm that had access to the data. That information is something that state-sponsored hackers could use to sway an election. It’s also not a hypothetical threat either. Microsoft recently warned that Russia, China and…Continue readingJoe Biden’s campaign app had a bug that made it too easy to access voter info

Categories
Wired

Russia’s Fancy Bear Hackers Are Hitting US Campaign Targets Again

The Russian military intelligence hackers known as Fancy Bear or APT28 wreaked havoc on the 2016 election, breaking into the Democratic National Committee and Hillary Clinton’s campaign to publicly leak their secrets. Ever since, the cybersecurity community has been waiting for the day they would return to sow more chaos. Just in time for the 2020 election, that day has come. According to Microsoft, Fancy Bear has been ramping up its election-targeted attacks for the past full year. On Thursday, Microsoft published a blog post revealing that it has seen Russia’s Fancy Bear hackers, which Microsoft calls Strontium, targeting more than 200 organizations since September 2019. The targets include many election-adjacent organizations, according to researchers at Microsoft’s Threat Intelligence Center, including political campaigns, advocacy groups, think tanks, political parties, and political consultants serving both Republicans and Democrats. Microsoft named the German Marshall Fund of the United States and the European People’s Party as two of the hackers’ targets. The company otherwise declined to publicly name victims or say how many of the attempted intrusions had been successful, though it said that its security measures had prevented the majority of attacks. “The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated,” Microsoft’s blog post reads. “Microsoft has been monitoring these attacks and notifying targeted customers for several months, but only recently reached a point in our investigation where we can attribute the activity to Strontium with…Continue readingRussia’s Fancy Bear Hackers Are Hitting US Campaign Targets Again

Categories
The Verge

Biden campaign enlists teen’s Instagram account for online organizing

The Joe Biden campaign is taking over a popular Instagram account from a teen supporter, who built a huge following over their summer break. Formerly a fan account, @VoteJoe account will now serve as the campaign’s primary point of grassroots outreach on Instagram, supplementing Biden’s personal account. The account began as @TeamJoeBiden and launched earlier this year by a 15-year-old supporter from California. The young supporter spent their summer creating content for the account which quickly grew to over 85,000 followers. The campaign contacted the owner of the account earlier this year asking if they could acquire it and switch it over as an official campaign channel. Now, the account’s former owner will be volunteering for the campaign and will continue to make content after school alongside Biden’s Social Media and Audience Development team. “as a result of COVID, we’re having these political conversations online.” The @VoteJoe account now has over 93,000 followers as of publication. Before joining the campaign, the account largely posted quasi-official content like clips from Billie Eilish’s DNC appearance and information-based Instagram feed galleries that could easily be mistaken for official campaign messaging. Now, the campaign says it plans to use the account to boost user-generated content from Biden supporters, whether it’s videos or screenshots of tweets. The campaign is also planning Instagram stories that mirror the PowerPoint-style activism that’s grown popular on Instagram over the last few months. “What we’ve seen blowing up in places both in and outside of politics is a focus on…Continue readingBiden campaign enlists teen’s Instagram account for online organizing

Categories
Wired

Steve Bannon, a $25M Border Wall Campaign, and a GoFundMe Gone Bad

Ultimately, most donors allowed their contributions to funnel to We Build the Wall rather than accept a refund, under repeated assurances that all of their money would go directly to construction. Several hundred thousands of those dollars, prosecutors say, did not. We Build the Wall did put money toward its stated purpose, although the indictment does not specify how much. But prosecutors allege that Kolfage, Bannon, and Badolato also agreed to pay Kolfage $100,000 upfront and $20,000 per month afterward under the table. To obscure those payments, the indictment says, they routed them through a separate nonprofit that Bannon and Badolato already controlled. The first payout went through on February 11, one month after GoFundMe had first pulled the plug. Every month, like clockwork, another $20,000 was wired from We Build the Wall to Bannon’s nonprofit, and then from the nonprofit’s bank account to Kolfage. The scheme got slightly more sophisticated from there, according to court documents. The nonprofit sent payments to Kolfage’s spouse, claiming on a tax form that it was for “media.” Starting in April 2019, Kolfage’s alleged monthly salary was passed through purported We Build the Wall vendors, including a shell company incorporated by Shea. As before, We Build the Wall paid the shell company, and the shell company turned much of that money around to pay Kolfage, claiming it was for “social media” accounts and pages. Over the course of 10 months, prosecutors say, Kolfage took in over $350,000 that had been passed through friendly third-party…Continue readingSteve Bannon, a $25M Border Wall Campaign, and a GoFundMe Gone Bad

Categories
TechCrunch

Epic Games launches a campaign (and lawsuit) against Apple – TechCrunch

Epic Games is launching an all-out campaign against Apple and its App Store rules. Thursday morning, Epic Games introduced a new payment mechanic through a server side update that allowed gamers to purchase Fortnite’s in-game currency directly, allowing the app to bypass Apple’s in-app purchase framework and the substantial cut that Apple takes. Apple quickly acted in uniformly banning the app from the App Store. Apple soon released a statement: Epic enabled a feature in its app which was not reviewed or approved by Apple, and they did so with the express intent of violating the App Store guidelines regarding in-app payments that apply to every developer who sells digital goods or services. The ban was an action Epic Games was ready for. The company soon shared that they were taking legal action against Apple, alleging that they were abusing their market position, saying in part that “Apple’s removal of Fortnite is yet another example of Apple flexing its enormous power in order to impose unreasonable restraints and unlawfully maintain its 100% monopoly over the iOS In-App Payment Processing Market.” Minutes later, Epic Games broadcasted a short video inside Fortnite Party Royale, presenting a spin on Apple’s iconic “1984” commercial. On-screen text declared, “Epic Games has defied the App Store Monopoly. In retaliation, Apple is blocking Fortnite from a billion devices. Join the fight to stop 2020 from becoming ‘1984’. #FreeFortnite” Any legal action against Apple on monopolistic grounds is going to be an uphill battle given the narrow (relatively…Continue readingEpic Games launches a campaign (and lawsuit) against Apple – TechCrunch