New malware campaign has freelance workers in its crosshairs

24 Sep 2018

Image: Foxy burrow/Shutterstock

A new malware campaign is targeting users of freelance work platforms.

The digital age presents us with more infrastructural threats than ever and countries need to be prepared. On that note, the Irish Government announced a set of new mandatory cybersecurity requirements for critical national infrastructure at the Data Summit last week. Industries such as telecommunications, water supply and healthcare will need to comply with the principles in order to best shield themselves from cyberattacks.

Meanwhile, over in Orlando, Microsoft Ignite kicked off with a whole host of announcements, from new threat protection tools to nifty AI features to make life easier for enterprises.

Read on for a round-up of the past week’s enterprise happenings.

Malware campaign targets freelancers

Freelance services platforms such as Fiverr and Freelancer.com are the latest attack method for malware writers, according to MalwareHunterTeam. The researchers told ZDNet that a new campaign is spreading malicious files via documents disguised as work briefs and job offers.

Freelancers and other casual workers often rely on email to liaise with clients, and the dodgy messages do not appear to be suspicious. They ask the intended target to check an attached document and then get back to the attacker with a “cost and time frame”. The documents contain malicious macro-files, a common attack method. Experts recommend a real-time threat detection system for all freelancers.

Google criticised for Chrome 69 login issue

A security researcher recently claimed that any time someone using Chrome 69 logs into a Google service or site, they are also logged into Chrome-as-a-browser with that particular user account. The browser system, dubbed ‘Sync’, has been present for years, but until now it worked independently from the logged-in state of Google accounts.

Google engineers were quick to point out that the automatic login operation does not begin the process of synchronising local data to Google servers, and that a user click is required.

Despite the clarification, some experts are still unhappy. Cryptography expert and professor at Johns Hopkins University, Matthew Green, noted that Google has also redesigned the Sync account interface in a way that makes user login status less clear.

Twitter tells users their DMs may have been leaked

Twitter said that a software bug, which has since been fixed, may have exposed the direct messages (DMs) of some of its users. The firm said the bug had been active since May 2017, but it only affected around 1pc of its users. There are currently 335m monthly people active on the platform.

The company said: “We haven’t found an instance where data was sent to the incorrect party. But we can’t conclusively confirm it didn’t happen, so we’re telling potentially impacted people about the bug.” It added: “If you were potentially involved, we’ll contact you today. We’re sorry that this happened.”

Malicious bot attacks jump 30pc in just two months

Hackers are increasingly using armies of bots to attack multiple accounts at a time, according to the latest State of the Internet report from Akamai. Hackers are using botnets to try stolen credentials on multiple websites at a time, in a practice known as ‘credential stuffing’.

Akamai researchers detected approximately 3.2bn malicious logins per month from January through April 2018. They found 8.3bn malicious login attempts from bots in May and June 2018 – a major increase.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com