personal information Archives – Gridinsoft Blog Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Thu, 30 May 2024 17:36:23 +0000 en-US hourly 1 https://wordpress.org/?v=78322 200474804 Joint Operation: SSNDOB Personal Data Darknet Market Seized https://gridinsoft.com/blogs/ssndob-seized/ https://gridinsoft.com/blogs/ssndob-seized/#respond Thu, 09 Jun 2022 23:29:53 +0000 https://gridinsoft.com/blogs/?p=8425 What SSNDOB Was Before Its Servers Were Seized The US Department of Justice, Internal Revenue Service, and Federal Bureau of Investigation have joined forces with law enforcement authorities in Latvia and Cyprus to seize the SSNDOB darknet market. They informed the public about the operation in the official report on June 7, 2022. SSNDOB used… Continue reading Joint Operation: SSNDOB Personal Data Darknet Market Seized

The post Joint Operation: SSNDOB Personal Data Darknet Market Seized appeared first on Gridinsoft Blog.

]]>
What SSNDOB Was Before Its Servers Were Seized

The US Department of Justice, Internal Revenue Service, and Federal Bureau of Investigation have joined forces with law enforcement authorities in Latvia and Cyprus to seize the SSNDOB darknet market. They informed the public about the operation in the official report on June 7, 2022.

SSNDOB used to be a large market for personal data. The name of the market is the combination of two abbreviations: SSN (social security number) and DOB (date of birth.) Thus, names, dates of birth, social security numbers, and other data of about 24 million citizens of the United States had flocked to the servers of SSNDOB, generating profit for the marketplace owners.

Leaked data vendors used to place advertisements of what they had to sell on dark web announcement boards and forums. The deals were stricken afterward on the notorious marketplace. SSNDOB administration urged its clients to pay for the data in cryptocurrency. As for the application of personal data purchased on SSNDOB, buyers used it in illegal machinations of various kinds, including tax and banking frauds. The revenue generated from such deals amounted to $19 million. The leaked information mostly came to SSNDOB from healthcare institutions.

The four seized domains were ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz. They served as mirrors, which allowed the marketplace to avoid disruption in work, should even one of the servers be shut down due to criminal investigations. However, the joint and simultaneous actions led to the effective seizure of SSNDOB operations with the marketplace infrastructure dismantled.

The Context

The context of the SSNDOB servers seizure would not be complete without a suspicion outspoken by the researchers at Chinalysis, who have traced a connection between SSNDOB and Joker’s Stash, a dark web market selling credit card details (stolen, of course.) Joker’s Stash was shut down in February 2021. But before that, around 100 thousand dollars in cryptocurrency were transferred from SSNDOB to Jocker’s Stash. Chinalysis even presume that both resources belonged to the same owners.

Following the shutting down of Hydra and RaidForums, the seizure of SSNDOB is another battle won in America’s decisive war on cybercriminals.

The post Joint Operation: SSNDOB Personal Data Darknet Market Seized appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/ssndob-seized/feed/ 0 8425
Meta Infostealer Malware Spread via Spam https://gridinsoft.com/blogs/meta-infostealer-malware/ https://gridinsoft.com/blogs/meta-infostealer-malware/#respond Tue, 12 Apr 2022 15:09:51 +0000 https://gridinsoft.com/blogs/?p=7271 Meta, a newly crafted information-stealing malware, is distributed via a vast spam spree. The mechanism of the stealer injection within this campaign is already well-known. However, Meta is now a mainstream tool among hackers. Therefore, further attacks featuring this software but with different scenarios are inevitable. This article explains how the current malspam scheme works.… Continue reading Meta Infostealer Malware Spread via Spam

The post Meta Infostealer Malware Spread via Spam appeared first on Gridinsoft Blog.

]]>
Meta, a newly crafted information-stealing malware, is distributed via a vast spam spree. The mechanism of the stealer injection within this campaign is already well-known. However, Meta is now a mainstream tool among hackers. Therefore, further attacks featuring this software but with different scenarios are inevitable. This article explains how the current malspam scheme works. We also share the story behind the info stealer.

READ ALSO: Spyware vs. Infostealer – what’s the difference?

The information provided within the current article, including the images, is courtesy of Brad Duncan, an independent cybersecurity analyst, the man behind the malware-traffic-analysis.net blog.

Meta Infostealer Malware Spread via Spam

Spam Campaign details

The Meta infostealer malware gets into the victim’s computer. It begins with an email with an attachment. Already a stay-away thing for the experienced ones, but someone might still buy into that. The bait is classic: you have received payment, and there is a little paperwork to be done before getting your money.

Meta Stealer Infection Scheme
This is a Meta Stealer Infection Scheme provided by Brad Duncan. Source: isc.sans.edu

After the user downloads the attachment (an excel table within the current campaign,) the file will, just as expected, request allowance to execute macros. The sheets file features a DocuSign image to be more persuasive, although it is unnecessary since it is already downloaded. If the victim consents, enabled scripts (VBS) start downloading stuff from several sources.

Request for Macros
The attached excel file with a DocuSign seal asks for macros allowance. Source: isc.sans.edu

The downloaded payload gets encoded with base64 (schemes presenting binary data as text) or undergoes byte reversal. Both methods increase the malware’s chances of passing undetected by antivirus programs. The fetched content constitutes *.dll and *.exe files.

Reversed bytes in the downloaded DLL
You can see the reversed byte order in the downloaded DLL. Source: isc.sans.edu

The hacker’s plan succeeds as a malicious executable gets assembled on the victim’s computer, and it starts sending data to the server with 193[.]106[.]191[.]162 address. The file name is ‘qwveqwveqw,’ and it even gets itself a system registry entry. Meta steals passwords for cryptocurrency wallets and web browsers, namely Chrome, Firefox, and Edge. By the way, Meta alters PowerShell and Windows Security settings, excluding *.exe files from antivirus examination.

Meta Stealer's Traffic
Meta-generated traffic. Source: isc.sans.edu

Brief information on Meta malware

The hacker community quickly reacted to the suspension of Raccoon Stealer malware. Its operators stopped selling and supporting the tool as one of the developers became a victim of the war in Ukraine. Meta, advertised as the successor of RedLine, is one of several stealers that arrived to occupy the vacant niche. Its monthly price on the 2Easy botnet marketplace is $125 and a lifetime subscription costs $1000. For a more thorough analysis of the Meta malware, consider reading the original report by Brad Duncan on the Internet Storm Center security forum.

RELATED: Why is the 2easy trading platform gaining popularity?

The post Meta Infostealer Malware Spread via Spam appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/meta-infostealer-malware/feed/ 0 7271
What is Cyberbullying: How to Prevent It https://gridinsoft.com/blogs/what-cyberbullying-is-stop-it/ https://gridinsoft.com/blogs/what-cyberbullying-is-stop-it/#respond Fri, 09 Mar 2018 14:53:23 +0000 https://blog.gridinsoft.com/?p=2170 Cyberbullying (or cyberharassment) is bullying that happens online over digital devices like mobile phones, computers, etc. Usually being an extension of real-life bullying, cyberbullying includes teasing, intimidation, threat, demonstration of dominance, coercion, insult, etc. Just as common bullying, online harassment is repetitive aggression that emphasizes an imbalance of power. The difference is made by the… Continue reading What is Cyberbullying: How to Prevent It

The post What is Cyberbullying: How to Prevent It appeared first on Gridinsoft Blog.

]]>
Cyberbullying (or cyberharassment) is bullying that happens online over digital devices like mobile phones, computers, etc. Usually being an extension of real-life bullying, cyberbullying includes teasing, intimidation, threat, demonstration of dominance, coercion, insult, etc. Just as common bullying, online harassment is repetitive aggression that emphasizes an imbalance of power.

The difference is made by the more intense psychological tension that victims suffer, as cyberbullying, despite being less “physical,” creates a higher density of harassment since victims and aggressors are almost always online.

As the phenomenon is more likely to occur in hard-to-escape semi-closed communities like schools, cyberbullying often remains unknown. In countries where bullying is out of the law, cyberbullying is also illegal.

How Does It Work

So, what is cyberbullying? Cyberbullying occurs mainly on social media, especially on Facebook (which works as a magnifying glass of all social processes), in messenger apps on phones and tablets. Harassment is also possible on forums, message boards, and other online platforms for theme-based discussions. Emails are also used, especially for threats.

Although SMS might also be regarded as a channel of cyberbullying, it is not. Classic short messages remain a form of modernized ordinary bullying. What is specific about the disputed phenomenon is that cyberharassment gains some peculiar features. People stay online most of their wake time.

Cyberbullying in Online Communities?

People mostly associate their leisure time with being online. Therefore cyberbullying is a modern and intensified version of bullying. People cannot simply leave the environment where the mockery happens because, in the case of the Internet and social media, victims tie their hopes with the same space where the harassment takes place. It is hardly thinkable for a modern person to leave social media or the Internet whatsoever.

Cyberbullying in communities of online computer games is the most representative phenomenon, as nobody forces the victims of harassment to participate in those communities. But that is precisely how cyberbullying works! People are bullied in that very place where they expect to find joy. Unlike that, real-life harassment most often happens in groups wherein people are forced or need to participate.

Lawas and Regulations

Cyberbullying is illegal in countries where common bullying is banned. There is no reason to downplay the significance of Internet bullying against real-life harassment, especially considering that written messages were always typical of old-fashioned mockery and threats. The presence of evidence (chat logs, emails, screenshots, audio/video records) only makes investigations easier. Authorities can either interpret cyberbullying as a case of usual harassment or, if local legislation allows it, classify the violation as cyberbullying itself.

What varies throughout countries is whether the offense is considered a crime or an administrative violation. There are sub-cases of bullying that are especially sensitive in the context of criminal responsibility. These activities are violent threats, blackmail, and stalking.

Examples Of Cyberbullying In Social Media

Lawyers who deal with cyberbullying experience difficulties because harassment on the Internet is an age-related disease in children and adolescents. Governments do their best to spare school kids from being prosecuted as criminals, so schools are given a lot of power to stop cyberbullying as a local phenomenon through organizational methods. In some states, however, and countries, general intention, flagrant cases, such as intimidation, can be taken to court even with the juvenile delinquent. It is so, for example, in the state of Missouri (US.)

What is Cyberbullying: How to Prevent It

Six stories listed below are cases of cyberbullying that led to the death of the victims. These tragedies happened within a time span of sixteen years and reflect different aspects of cyberbullying.

  • Story #1. Ryan Halligan was a school student whose emotional insecurity was exploited during two years of his school time, from his fifth to seventh grade. Cyberbullying episode was Ryan’s communication over AOL Instant Messenger with the girl who made Halligan believe she was romantically engaged with him. As it turned out, the romance was staged. In 2003 Halligan hanged himself in the bathroom at home.
  • Story #2. Megan Meier was a 13-years old girl who committed suicide in 2006 after receiving insulting and mocking messages on MySpace. The death of Megan became a starting point for a court process that led to the eventual acquittal of the accused person. Tendencies were obvious: Federal grand jury indicted the harasser, a Missouri woman, but a district judge acquitted her.
  • Story #3. Jessica Logan, a Sycamore High School student whose nude photo was spread on the Internet by her ex-boyfriend, underwent bullying on MySpace and Facebook platforms. She killed herself in 2008. Jessica’s parents filed a lawsuit against the university for not stopping the harassment of their daughter despite being informed about it. The 2012 Jessica Logan Act expanded anti-harassment policies addressing cyberbullying.
  • Story #4. Tyler Clementi was a Rutgers University student whose kiss with a man was streamed via a webcam. The spreading of the video led to a form of mockery of Tyler by his mates. Tyler Clementi killed himself by jumping off a bridge in 2010. Tyler Clementi Higher Education Anti-Harassment Act was introduced after the case and reintroduced in 2013. This act would require colleges and universities to have anti-harassment policies.
  • Story #5. Amanda Todd was a victim of cyberstalking by a person who previously fished a topless photo out of Amanda and then shared it on social media. Amanda changed schools after bullying, but the stalker kept befriending her again and again from a secret account. After posting a video on YouTube about her sorry experience in 2012, Amanda Todd eventually hanged herself.

Why is Cyberbullying a Problem?

Stopping cyberbullying, just like real-life bullying, is a matter of upbringing, creating a healthy atmosphere within communities, and wise reaction to harassment in case the latter has already happened. Cyberbullying is more problematic than “normal” because of its invisibility. Neither teachers nor school psychologists can witness harassment happening in closed communities on social media. Even less penetrable is direct messaging.

How to Stop Cyberbullying

People responsible for the wholesomeness of endangered groups should be vigilant, watching out for signs of bullying among their wards. Cyberbullying is only a temptation for those people who have nothing more interesting to do. Therefore, keeping students busy with captivating tasks and maintaining their moral self-esteem high, especially in schools, is crucial. If you are a victim of cyberbullying:

  1. Do not blame yourself. Make no mistake here. No one deserves cruel and aggressive treatment. 
  2. Do not respond. Sometimes your reaction is what bullies are after. If you stop reacting, their interest in you might run dry. If you cannot ignore them, make sure your response is calm, firm, and civilized.
  3. Save the evidence. Don’t remove intimidating or mockery emails, messages, audio records, videos, etc. Don’t forget to take screenshots of chats where harassment takes place. Many messengers have a function of chat deletion.
  4. Tell the harassers to stop. It might seem silly and ineffective, but in many cases, the impudent behavior of harassers is explained by the fact that while they are aware of what they are doing, their victim does not understand what is happening to them. Making offenders know that you can see the whole picture might make them cease the harassment.
  5. Seek help from an adult and experienced person you trust. If you do not have such a person – find one. Parents, psychologists, and even police fit that role.
  6. Block and report accounts of the harassers. Social networks feature these functions for a reason, and cyberbullying is a good reason to apply them.
  7. Protect your data. If you find yourself in a cyberbullying situation, make sure offenders do not get their hands on your private information. Use 2-factor authentication on your accounts, log out from public devices, do not share sensitive information, and block screens on your portable devices.

Most Common Effects of Cyberbullying

Example of cyberbullying has its own dangers compared to “classic” localized harassment. Sensitive information on the victim, which is usually a ground for bullying, can be spread without any boundaries via the all-penetrating Net, so changing location, schools, etc., is no longer effective against mockery. Realizing the world-wide-web as the arena for harassment creates angst in victims, an ultimate fear of not being able to avoid bullying.

Cyberbullying is a traumatic experience that causes anxiety, loss of dignity, fear of people, general distrust, and avoidance of social connections. These factors altogether lead to desperation and suicidal tendencies.

The post What is Cyberbullying: How to Prevent It appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/what-cyberbullying-is-stop-it/feed/ 0 2170
The Hidden Risks of Location Sharing on Social Networks https://gridinsoft.com/blogs/dont-know-location-sharing-social-networks/ https://gridinsoft.com/blogs/dont-know-location-sharing-social-networks/#respond Wed, 28 Feb 2018 12:49:26 +0000 https://blog.gridinsoft.com/?p=2136 What You Don’t Know About Location Sharing on Social Networks Location sharing is a common feature on social networks that allow users to share their physical location with their followers. The feature is designed to enable users to share their experiences with their friends and family. Still, it can also have negative consequences, particularly regarding… Continue reading The Hidden Risks of Location Sharing on Social Networks

The post The Hidden Risks of Location Sharing on Social Networks appeared first on Gridinsoft Blog.

]]>
What You Don’t Know About Location Sharing on Social Networks

Location sharing is a common feature on social networks that allow users to share their physical location with their followers. The feature is designed to enable users to share their experiences with their friends and family. Still, it can also have negative consequences, particularly regarding privacy and security. In this article, we’ll explore what you need to know about location sharing on social networks and its potential risks.

How Location Sharing Works

Location sharing works by using the GPS functionality on your smartphone to pinpoint your location. When you use a social network that supports location sharing, you can share your current location with your followers. Your location will then be displayed on a map or as a tag on your posts.

Some social networks, like Facebook and Twitter, allow you to share your location manually. In other words, you must explicitly choose to share your location by turning on the location-sharing feature within the app. Other social networks, like Snapchat and Instagram, have automatic location-sharing features that can be more difficult to turn off.

The Risks of Location Sharing

While location sharing can be useful for keeping friends and family updated on your whereabouts, it also carries several risks that you need to be aware of. Here are some of the most significant risks associated with location sharing:

  1. Stalking and harassment: Location sharing can make it easier for stalkers and harassers to find and target their victims. If you’re sharing your location with the public, anyone can see where you are and track your movements. This can be especially dangerous for people who are in abusive relationships or who have experienced stalking in the past.
  2. Identity theft: Sharing your location can also make it easier for hackers to steal your identity. If a hacker knows where you are, they can use that information to create a convincing phishing scam or to steal your personal information.
  3. Physical safety: Location sharing can also put your physical safety at risk. You never know who might be watching if you share your location with strangers. Several instances have occurred of people being robbed or attacked after sharing their location on social media.
  4. Privacy: Finally, location sharing can be a serious privacy concern. If you share your location with the public, anyone can see where you are and where you’ve been. This can be especially problematic if you’re trying to keep your location private for personal or professional reasons.

How to Stay Safe When Location Sharing

If you decide to use location sharing on social networks, there are several things you can do to stay safe:

  • Be selective about who you share your location: Only share your location with people you trust, and consider using a private account rather than a public one.
  • Disable automatic location sharing: If possible, disable automatic location sharing on social networks like Snapchat and Instagram. This will give you more control over when and where your location is shared.
  • Limit the amount of location data you share: Consider only sharing your general location (e.g., city or neighborhood) rather than your exact location.
  • Regularly review your privacy settings: Make sure you review your privacy settings on social networks regularly and update them as necessary.

Protecting Your Privacy on Social Networks

Location sharing is just one of the many ways that social networks can compromise your privacy. If you want to protect your personal information on social media, here are some additional tips:

  • Be mindful of what you post: Think carefully before posting personal information, such as your full name, phone number, or address, on social media. Hackers or identity thieves can use this information to target you.
  • Use strong passwords: Use strong, unique passwords for each of your social media accounts to prevent hackers from gaining access to your information.
  • Enable two-factor authentication: Enable two-factor authentication on your social media accounts to add an extra layer of security.
  • Regularly review your privacy settings: Make sure you review your privacy settings on social networks regularly and update them as necessary.
  • Be careful with third-party apps: Be careful when granting third-party apps access to your social media accounts. Some apps may be malicious or collect your personal information without your consent.

The Bottom Line

Location sharing on social networks can be useful for keeping friends and family updated on your whereabouts. Still, it also carries several risks you must be aware of. Following the tips outlined in this article can help protect your privacy and stay safe when using social media. Remember, it’s always better to err on the side of caution when sharing personal information online.

The post The Hidden Risks of Location Sharing on Social Networks appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/dont-know-location-sharing-social-networks/feed/ 0 2136