Episode 338 of the Transatlantic Cable podcast kicks off with the story of the year (so far) as some people see it – the Kate Middleton / photoshop mess. Is it really as big a deal as some believe it to be, or is it just a silly mistake?

From there the team discuss news that South Korea have developed a tool to help scan images for deepfakes, but will it be useful enough to be of any use? Additionally, the team talk about the Play ransomware gang and will GDPR shut down WorldCoin?

If you liked what you heard, please consider subscribing.

Kate photo withdrawn by five news agencies amid ‘manipulation’ concerns
South Korean Police Develops Deepfake Detection Tool
Worldcoin hit with temporary ban in Spain over privacy concerns
Play ransomware leaked 65,000 government documents

Kaspersky official blog – ​Read More

In this special episode of the Transatlantic Cable Podcast, we engage in a thoughtful conversation with guests Genie Gan and Ekaterina Burdova about the pivotal topic of Women in Technology, coinciding with the celebration of International Women’s Day. Throughout the episode, we delve into various aspects of empowering women in STEM fields, touching on strategies for governmental and academic institutions to foster greater female participation, community-driven initiatives aimed at providing support and encouragement, and corporate measures to promote gender diversity and create inclusive workplaces. Additionally, the discussion explores the influence of media representation, citing examples like “The Queen’s Gambit” and its impact on shaping perceptions of female protagonists in male-dominated spheres. Emphasizing the significance of representation for aspiring female leaders, the guests also discuss ways to serve as role models for young girls interested in pursuing careers in technology. Furthermore, the conversation highlights the importance of mentoring programs in women’s professional development, as well as the challenges and strategies for maintaining a healthy work-life-family-education balance. Ultimately, the episode aims to challenge myths surrounding women in tech and inspire meaningful change within the industry.

If you liked what you heard, please consider subscribing.

Kaspersky official blog – ​Read More

Taking place every year on March 8 in many countries across the world, International Women’s Day is celebrated differently depending on the country: in some it’s a national holiday; in others it’s not a holiday but still widely observed. But what’s the same everywhere is that it’s a day when everyone’s eyes are on women from all walks of life; and when I write everyone’s, that includes scammers’ eyes too. The feverish days running up to March 8 (ordering this, buying that – and all in good time, but not too early if we’re talking fresh flowers) provide a perfect opportunity for cybercriminals to make money, so they triple-down on sending links to fake sites, generating countless fake promotional codes, and making false promises of valuable gifts for every purchase.

In this post, we discuss ways in which women can protect themselves from falling prey to these scams.

Fake marketplace gifts

Statistics show that women are far more likely to shop at online marketplaces than men: 43 percent against 32 percent. Thus, women are more likely to be targeted by promotions that appear in dazzling quantities ahead of any public holiday. Sadly, these campaigns aren’t always legal and run by the brands whose names are used in sending out unprecedentedly generous offers.

For several years in a row, shortly before March 8, young women receive WhatsApp messages purportedly from Amazon and offering a valuable gift: “Welcome to the Amazon International Women’s Day Giveaway! We have more than 10,000 free gifts!” To participate, the recipient is asked to follow a link and fill out a quick survey, and then share the message with a few dozen friends and verify their identity through email. Needless to say, respondents get no fancy smartphones, hair dryers, or laptops. Instead, according to security researchers, victims’ devices may have been compromised, with the scammers getting access to the camera, microphone, banking apps, contacts, and gallery.

In fact, some brands do employ instant messaging services and email to spread promotional offers, and Amazon is no exception. So, if you receive such a message, start by carefully scanning it: suspicious generosity, grammatical errors, an odd sender’s address, and an urgent call to follow a link “while it still lasts” may be a sign that it’s a scam. Remember the rules for safe online shopping and use reliable security to be confident you’re following a link to an official website — not a fake.

“Flowers for our regular customers!”

The tradition of giving women flowers on March 8 dates back to 1946, when Italian women’s rights activists chose the yellow mimosa as a symbol of resilience, sustained growth, and solidarity. Young women still get flowers from their friends and family every March 8. Scammers exploit this sweet tradition too.

On the eve of International Women’s Day, scammers promise to send women flowers, while the recipient women, they say, will only need to pay for delivery. If a woman agrees, she receives a payment link in an instant messaging app. To no one’s surprise, after following all the instructions, the victim gets no flowers, and the florist shop’s phone number turns out to be somehow unavailable.

The whole story is a typical delivery scam, which we’ve written about earlier. Losses in this case include both the “cost of delivery” and the bank card details, which can later be used to steal far larger sums. Here’s a golden rule for you if you want to avoid being scammed: never pay for a gift. After all, it should be free because it’s a gift. If a florist shop, nail salon, or spa decides to be nice and send you flowers all of a sudden, make sure they don’t charge you for this.

“Anything you say can be used against you”

You must have heard the Miranda warning in movies: “Anything you say can be used against you…”. Well, it’s just as true for digital life as it is for real life. We’re talking about doxers. These are people who collect any and all information available about their potential victims — information the victims themselves have published — and threaten to make it public. This type of threat is known as doxing.

Young women are especially defenseless before doxers. A malicious actor can use data on the victim for catfishing: creating a fake online identity with the victim’s name, face, and other personal details to set up further scams on social networks and in dating services. The least they can do is harass you with text messages, phone calls, fake deliveries, or even swatting. Popular streamer Amouranth, with more than 6.3 million Twitch followers, says she gets swatted several times a month.

Streamer Wolfabelle experienced a different kind of doxing: a stalker found out her address and threatened to publish it unless she gave him sexual favors. She even received a photo of her house made by the doxer to prove he wasn’t bluffing.

On a positive note, this isn’t something you can’t prevent. In a nutshell, here’s what you should do: avoid sharing your geolocation, publish only a minimum of information that can appear in online searches, or make your social profiles private. If you’ve already been a victim of doxing, please refer to our other post.

Celebrating March 8 safely

Keep your eyes open when accepting promotional offers. Gifts and giveaways are nice, but as soon as they ask you to pay or share the link with your friends, that’s when you know you’re dealing with scammers.
Avoid clicking suspicious links in instant messages. Please read our detailed anti-phishing tips and remember that malicious actors become more active in the run-up to and during holidays.
Publish your personal details in private social profiles only. This life hack will go at least some way toward keeping you safe from doxing. Remember to carefully select followers and friends who can view your profile details.
Use comprehensive security that keeps you from visiting phishing and scam sites, protects your payment and personal details, and prevents identity theft.

Kaspersky official blog – ​Read More

Of all the accusations routinely hurled Google’s way, there’s one that especially alarms users: the company can track the location of all Android — and to some extent, Apple — phones. Past experience suggests that Google indeed does this — not only using this data to display ads, but also storing it in Location History and even providing it to law enforcement agencies. Now Google promises to only store Location History on the device. Should we believe it?

What’s wrong with Location History?

Location History lets you easily view the places a user visited and when they did so. You can use it for all kinds of things: remembering the name of that beach or restaurant you went to while on vacation two years ago, finding the address of a place your better half often goes to after work, getting new bar suggestions based on the ones you’ve been to, locating the florist that delivered the surprise bouquet for a party, and many more. The different ways this feature both benefits and harms Google account holders are commonly reported. Little wonder then that many — even those with a clean consciences — often want to turn it off completely.

Regrettably, Google has often been caught abusing its Location History setting. Even if explicitly disabled, Location History was still collected under “Web & App Activity”. This led to a series of lawsuits, which Google lost. In 2023, the company was ordered to pay $93 million under one suit, and a year earlier $392 million under another. These fines were but a pinprick to a corporation with hundreds of billions of dollars in revenue, but at least the court had Google revise its location tracking practices.

The combined legal and public pressure apparently led to the company announcing at the end of 2023 a drastic change: now, according to Google, Location History will be collected and stored on users’ devices only. But does that make the feature any more secure?

How does Location History (supposedly) work in 2024?

First of all, check that the feature has been updated on your device. As is wont with Google, updates for the billions of Android devices roll out in waves, and to relatively recent OS versions only. So, unless you see an alert that looks like the one below, it’s likely your device hasn’t received the update, and enabling Location History will save the data on Google’s servers.

If your Location History is now stored locally, however, Google Maps will offer options for centralized management of your “places”. By selecting a point on the map, such as a coffee shop, and opening its description, you’ll see all the times you visited the place in the past, all searches for the place on the map, and other things like that. One tap on the location card can delete all of your activity associated with the place.

Google says it will store the history for each place for three months by default and then delete it. To change this setting or disable history, simply tap the blue dot on the map that shows your current location and turn off Location History in the window that pops up.

An obvious downside to offline Location History is that it won’t be accessible to the user on their other devices. As a workaround, Google suggests storing an encrypted backup on its servers.

Keep in mind that what we’re discussing here is the new implementation of Location History as described by Google. Detailed analysis of how this new pattern actually works may reveal pitfalls and caveats that no one except Google’s developers knows about at this point.

What threats does this update eliminate?

Although the new storage method improves the privacy of location data, it can’t be considered a one-size-fits-all solution to all existing issues. So how does it affect various hypothetical threat scenarios?

Tracking you to customize ads. This is unlikely to be affected in any way: Google can continue to collect data on places you visit in an anonymized, generalized form. You’ll keep seeing ads linked to your current or past locations unless you disable either that or all targeted ads entirely. Remember that Google isn’t the only one out there tracking your location. Other apps and services have been found guilty of abusing this data as well; here are a few examples: one, two, and three.
Evil hackers and cyberspies. These malicious groups typically use commercial spyware (stalkerware) or malicious implants, so the changes to Google’s Location History will hardly affect them.
Jealous partner or prying relative. It’ll be harder to use a computer on which you’re signed in to your Google account to track your location. Someone could still quietly snoop on your phone while it’s unlocked, as well as secretly install commercial spyware such as stalkerware, which we mentioned above. Therefore, it’s general steps to protect smartphones from mobile spyware, not the updates to Google Maps, that are crucial to addressing this.
Law enforcement. This isn’t likely to change much, as, in addition to asking Google, the police can request your location data from the mobile carrier or deduce it from surveillance camera footage, which is both easier and faster.

So, the update doesn’t help user privacy all that much, does it? We’re afraid not.

How do I effectively protect my location data?

You’re limited to fairly drastic options these days if you want to prevent location tracking. We list these here in ascending order of extremity.

Use comprehensive security on all your devices, including phones and tablets. This will reduce the likelihood of being exposed to malware, including stalkerware.
Disable Google Location History and Web & App Activity, avoid giving location permissions to any apps except navigation apps, turn off personalized ads, and use a DNS service that filters ads.
Turn off all geo-tracking features (GPS, Google location services, and others) on your smartphone.
When on an especially important trip, activate flight mode for an hour or two, or just turn off your smartphone.
Ditch smartphones in favor of the most basic dumbphones.
Ultimately, stop carrying around any kind of phone at all.
Live 100% off-grid; e.g., in a cave.

Kaspersky official blog – ​Read More

A group of researchers from the University of Florida has published a study on a type of attack using Qi wireless chargers, which they’ve dubbed VoltSchemer. In the study, they describe in detail how these attacks work, what makes them possible, and what results they’ve achieved.

In this post, first we’ll discuss the researchers’ main findings. Then we’ll explore what it all means practically speaking — and whether you should be concerned about someone roasting your smartphone through a wireless charger.

The main idea behind the VoltSchemer attacks

The Qi standard has become the dominant one in its field: it’s supported by all the latest wireless chargers and smartphones capable of wireless charging. VoltSchemer attacks exploit two fundamental features of the Qi standard.

The first is the way the smartphone and wireless charger exchange information to coordinate the battery charging process: the Qi standard has a communication protocol that uses the only “thing” connecting the charger and the smartphone — a magnetic field — to transmit messages.

The second feature is the way that wireless chargers are intended for anyone to freely use. That is, any smartphone can be placed on any wireless charger without any kind of prior pairing, and the battery will start charging immediately. Thus, the Qi communication protocol involves no encryption — all commands are transmitted in plain text.

It is this lack of encryption that makes communication between charger and smartphone susceptible to man-in-the-middle attacks; that is, said communication can be intercepted and tampered with. That, coupled with the first feature (use of the magnetic field), means such tampering  is not even that hard to accomplish: to send malicious commands, attackers only need to be able to manipulate the magnetic field to mimic Qi-standard signals.

And that’s exactly what the researchers did: they built a “malicious” power adapter disguised as a wall USB socket, which allowed them to create precisely tuned voltage noise. They were able to send their own commands to the wireless charger, as well as block Qi messages sent by the smartphone.

Thus, VoltSchemer attacks require no modifications to the wireless charger’s hardware or firmware. All that’s necessary is to place a malicious power source in a location suitable for luring unsuspecting victims.

Next, the researchers explored all the ways potential attackers could exploit this method. That is, they considered various possible attack vectors and tested their feasibility in practice.

1. Silent commands to Siri and Google Assistant voice assistants

The first thing the researchers tested was the possibility of sending silent voice commands to the built-in voice assistant of the charging smartphone through the wireless charger. They copied this attack vector from their colleagues at Hong Kong Polytechnic University, who dubbed this attack Heartworm.

The idea here is that the smartphone’s microphone converts sound into electrical vibrations. It’s therefore possible to generate these electrical vibrations in the microphone directly using electricity itself rather than actual sound. To prevent this from happening, microphone manufacturers use electromagnetic shielding — Faraday cages. However, there’s a key nuance here: although these shields are good at suppressing the electrical component, they can be penetrated by magnetic fields.

Smartphones that can charge wirelessly are typically equipped with a ferrite screen, which protects against magnetic fields. However, this screen is located right next to the induction coil, and so doesn’t cover the microphone. Thus, today’s smartphone microphones are quite vulnerable to attacks from devices capable of manipulating magnetic fields — such as wireless chargers.

The creators of VoltSchemer expanded the already known Heartworm attack with the ability to affect the microphone of a charging smartphone using a “malicious” power source. The authors of the original attack used a specially modified wireless charger for this purpose.

2. Overheating a charging smartphone

Next, the researchers tested whether it’s possible to use the VoltSchemer attack to overheat a smartphone charging on the compromised charger. Normally, when the battery reaches the required charge level or the temperature rises to a threshold value, the smartphone sends a command to stop the charging process.

However, the researchers were able to use VoltSchemer to block these commands. Without receiving the command to stop, the compromised charger continues to supply energy to the smartphone, gradually heating it up — and the smartphone can’t do anything about it. For cases such as this, smartphones have emergency defense mechanisms to avoid overheating: first, the device closes applications, and if that doesn’t help it shuts down completely.

Thus, the researchers were able to heat a smartphone up to a temperature of 81°C (178°F), which is quite dangerous for the battery — and in certain circumstances could lead to its catching fire (which could of course lead to other things catching fire if the charging phone is left unattended).

3. “Frying” other stuff

Next, the researchers explored the possibility of “frying” various other devices and everyday items. Of course, under normal circumstances, a wireless charger shouldn’t activate unless it receives a command from the smartphone placed on it. However, with the VoltSchemer attack, such a command can be given at any time, as well as a command to not stop charging.

Now, take a guess what will happen to any items lying on the charger at that moment! Nothing good, that’s for sure. For example, the researchers were able to heat a paperclip to a temperature of 280°C (536°F) — enough to set fire to any attached documents. They also managed to fry to death a car key, a USB flash drive, an SSD drive, and RFID chips embedded in bank cards, office passes, travel cards, biometric passports and other such documents.

In total, the researchers examined nine different models of wireless chargers available in stores, and all of them were vulnerable to VoltSchemer attacks. As you might guess, the models with the highest power pose the greatest danger, as they have the most potential to cause serious damage and overheat smartphones.

Should you fear a VoltSchemer attack in real life?

Protecting against VoltSchemer attacks is fairly straightforward: simply avoid using public wireless chargers and don’t connect your own wireless charger to any suspicious USB ports or power adapters.

While VoltSchemer attacks are quite interesting and can have spectacular results, their real-world practicality is highly questionable. Firstly, such an attack is very difficult to organize. Secondly, it’s not exactly clear what the benefits to an attacker would be — unless they’re a pyromaniac, of course.

But what this research clearly demonstrates is how inherently dangerous wireless chargers can be — especially the more powerful models. So, if you’re not completely sure of the reliability and safety of a particular wireless charger, you’d be wise to avoid using it. While wireless charger hacking is unlikely, the danger of your smartphone randomly getting roasted due to a “rogue” charger that no longer responds to charging commands isn’t entirely absent.

Kaspersky official blog – ​Read More