Meta Archives – Gridinsoft Blog Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Sat, 15 Jun 2024 16:12:07 +0000 en-US hourly 1 https://wordpress.org/?v=94035 200474804 Meta Finds over 400 Chinese Apps That Stole Data from 1 million Users https://gridinsoft.com/blogs/meta-and-chinese-apps/ https://gridinsoft.com/blogs/meta-and-chinese-apps/#respond Wed, 12 Oct 2022 17:51:38 +0000 https://gridinsoft.com/blogs/?p=11059 Meta has sued several Chinese companies (including HeyMods, Highlight Mobi and HeyWhatsApp) for developing and using “unofficial” WhatsApp apps for Android. The fact is that since May 2022, these applications have been used to steal more than a million WhatsApp accounts. By the way, also read our article: Top Facebook Scams 2024: How to Avoid… Continue reading Meta Finds over 400 Chinese Apps That Stole Data from 1 million Users

The post Meta Finds over 400 Chinese Apps That Stole Data from 1 million Users appeared first on Gridinsoft Blog.

]]>
Meta has sued several Chinese companies (including HeyMods, Highlight Mobi and HeyWhatsApp) for developing and using “unofficial” WhatsApp apps for Android. The fact is that since May 2022, these applications have been used to steal more than a million WhatsApp accounts.

By the way, also read our article: Top Facebook Scams 2024: How to Avoid Them.

According to court documents shared by Bleeping Computer journalists, malicious applications, in particular, were available for download from the websites of the companies themselves, as well as through the Google Play Store, APK Pure, APKSFree, iDescargar and Malavida.

After installing applications (including AppUpdater for WhatsPlus 2021 GB Yo FM HeyMods and Theme Store for Zap), they used the built-in malware to collect sensitive user information, including authentication data, and then took over other people’s WhatsApp accounts to send spam.

After the victims installed the malicious apps, they were prompted to enter their WhatsApp user credentials and grant access to WhatsApp to the malicious apps.the documents state.

At the same time, according to the official statistics of the Google Play Store, only the AppUpdater for WhatsPlus application has been installed more than a million times.

Meta and Chinese Apps

A gambling site that spammers advertised on WhatsApp

Will Cathcar
Will Cathcar

It is worth noting that last summer, the head of WhatsApp, Will Cathcar, warned users not to download modified versions of WhatsApp, and cited HeyMods and HeyWhatsApp as examples. Cathcart wrote that the company’s security service discovered hidden malware in these applications, and their main goal is to steal users’ personal information.

Interestingly, at the same time that the media learned about this lawsuit, Meta published an official press release in which it also stated that it had discovered more than 400 malicious applications that stole user data. However, here we are talking not only about applications for Android (355 pieces), but also about applications for iOS (47 pieces), and theft of credentials from Facebook accounts was named as their purpose.

Meta and Chinese Apps

These apps were hosted on the Google Play Store and the Apple App Store and disguised as photo editors, games, VPNs, business apps, and other utilities to trick people into downloading them.the company said.

By prompting victims to “Log in with Facebook,” the apps ended up stealing user credentials, hijacking other people’s accounts, and being able to “perform activities such as sending messages to friends and gaining access to personal information.”

More than a million users have reportedly been notified of the potential compromise and are now urged to change their passwords and enable two-factor authentication.

The post Meta Finds over 400 Chinese Apps That Stole Data from 1 million Users appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/meta-and-chinese-apps/feed/ 0 11059
Meta to Give up its Discriminating Ad-Targeting System https://gridinsoft.com/blogs/meta-lawsuit-discrimination/ https://gridinsoft.com/blogs/meta-lawsuit-discrimination/#respond Wed, 22 Jun 2022 15:53:03 +0000 https://gridinsoft.com/blogs/?p=8763 Meta Cooperates Facing Chargers of Digital Discrimination A historic legal event took place when, after accusations of unlawful discrimination put in the design of the targeted advertising system employed by Meta, the company agreed to cease using the tool and pay the penalty of around $115,000. The source of the news is the June 21… Continue reading Meta to Give up its Discriminating Ad-Targeting System

The post Meta to Give up its Discriminating Ad-Targeting System appeared first on Gridinsoft Blog.

]]>
Meta Cooperates Facing Chargers of Digital Discrimination

A historic legal event took place when, after accusations of unlawful discrimination put in the design of the targeted advertising system employed by Meta, the company agreed to cease using the tool and pay the penalty of around $115,000.

The source of the news is the June 21 official statement of the U.S. Department of Justice.

The Department of Housing and Urban Development (HUD) has investigated discrimination in Meta ad-serving software. The official charge (of discrimination) issued by HUD on On March 28, 2019 was a nudge to start the disputed lawsuit. The fact is that in order to select the audience for advertisements for the sale and rental of housing, the Meta ad distribution system employs the criteria mentioned in the Civil Rights Act of 1968, namely its eighth and ninth parts, also known as Fair Housing Act. This law states that the sale or rental of housing must not involve discrimination on the part of the property owner, and this applies to both the transactions themselves and the advertising that precedes them. Advertising must not discriminate against the audience based on race, sex, gender, religion, sexual orientation, etc. The prosecution argues that this is exactly what happens when the ad targeting system, based on the data mentioned, does not allow part of the audience to see some ads at all. At the same time, people are not even aware of such filtering.

Significantly, this is the first time the law has been applied to digital advertising and digital targeting mechanisms. The U.S. Department of Justice noted that the Meta agreed to develop a new tool under the supervision of the DoJ. The new product must exclude discrimination and be built on other filtering criteria. The U.S. Attorney for the Southern District of New York, Damian Williams, said that if Meta continues to use discriminatory technologies, the civil rights lawsuit will not be dismissed and litigation will continue.

For the time being, Meta has a settlement of the lawsuit and seven months (until December 31) to come up with the revised ad-targeting tool. Otherwise, the corporation would have to stand before a federal court.

The post Meta to Give up its Discriminating Ad-Targeting System appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/meta-lawsuit-discrimination/feed/ 0 8763
Meta Infostealer Malware Spread via Spam https://gridinsoft.com/blogs/meta-infostealer-malware/ https://gridinsoft.com/blogs/meta-infostealer-malware/#respond Tue, 12 Apr 2022 15:09:51 +0000 https://gridinsoft.com/blogs/?p=7271 Meta, a newly crafted information-stealing malware, is distributed via a vast spam spree. The mechanism of the stealer injection within this campaign is already well-known. However, Meta is now a mainstream tool among hackers. Therefore, further attacks featuring this software but with different scenarios are inevitable. This article explains how the current malspam scheme works.… Continue reading Meta Infostealer Malware Spread via Spam

The post Meta Infostealer Malware Spread via Spam appeared first on Gridinsoft Blog.

]]>
Meta, a newly crafted information-stealing malware, is distributed via a vast spam spree. The mechanism of the stealer injection within this campaign is already well-known. However, Meta is now a mainstream tool among hackers. Therefore, further attacks featuring this software but with different scenarios are inevitable. This article explains how the current malspam scheme works. We also share the story behind the info stealer.

READ ALSO: Spyware vs. Infostealer – what’s the difference?

The information provided within the current article, including the images, is courtesy of Brad Duncan, an independent cybersecurity analyst, the man behind the malware-traffic-analysis.net blog.

Meta Infostealer Malware Spread via Spam

Spam Campaign details

The Meta infostealer malware gets into the victim’s computer. It begins with an email with an attachment. Already a stay-away thing for the experienced ones, but someone might still buy into that. The bait is classic: you have received payment, and there is a little paperwork to be done before getting your money.

Meta Stealer Infection Scheme
This is a Meta Stealer Infection Scheme provided by Brad Duncan. Source: isc.sans.edu

After the user downloads the attachment (an excel table within the current campaign,) the file will, just as expected, request allowance to execute macros. The sheets file features a DocuSign image to be more persuasive, although it is unnecessary since it is already downloaded. If the victim consents, enabled scripts (VBS) start downloading stuff from several sources.

Request for Macros
The attached excel file with a DocuSign seal asks for macros allowance. Source: isc.sans.edu

The downloaded payload gets encoded with base64 (schemes presenting binary data as text) or undergoes byte reversal. Both methods increase the malware’s chances of passing undetected by antivirus programs. The fetched content constitutes *.dll and *.exe files.

Reversed bytes in the downloaded DLL
You can see the reversed byte order in the downloaded DLL. Source: isc.sans.edu

The hacker’s plan succeeds as a malicious executable gets assembled on the victim’s computer, and it starts sending data to the server with 193[.]106[.]191[.]162 address. The file name is ‘qwveqwveqw,’ and it even gets itself a system registry entry. Meta steals passwords for cryptocurrency wallets and web browsers, namely Chrome, Firefox, and Edge. By the way, Meta alters PowerShell and Windows Security settings, excluding *.exe files from antivirus examination.

Meta Stealer's Traffic
Meta-generated traffic. Source: isc.sans.edu

Brief information on Meta malware

The hacker community quickly reacted to the suspension of Raccoon Stealer malware. Its operators stopped selling and supporting the tool as one of the developers became a victim of the war in Ukraine. Meta, advertised as the successor of RedLine, is one of several stealers that arrived to occupy the vacant niche. Its monthly price on the 2Easy botnet marketplace is $125 and a lifetime subscription costs $1000. For a more thorough analysis of the Meta malware, consider reading the original report by Brad Duncan on the Internet Storm Center security forum.

RELATED: Why is the 2easy trading platform gaining popularity?

The post Meta Infostealer Malware Spread via Spam appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/meta-infostealer-malware/feed/ 0 7271
Major corporations teamed up to fight AI bias https://gridinsoft.com/blogs/major-corporations-teamed-up-to-fight-ai-bias/ https://gridinsoft.com/blogs/major-corporations-teamed-up-to-fight-ai-bias/#respond Mon, 13 Dec 2021 19:54:11 +0000 https://gridinsoft.com/blogs/?p=6645 American corporations have teamed up to form the Data & Trust Alliance, which has developed a software assessment system to fight AI bias. When hiring employees, HR departments are increasingly turning to artificial intelligence (AI) technologies for help. With their help, CVs are analyzed, video interviews are conducted and the mental state of applicants is… Continue reading Major corporations teamed up to fight AI bias

The post Major corporations teamed up to fight AI bias appeared first on Gridinsoft Blog.

]]>
American corporations have teamed up to form the Data & Trust Alliance, which has developed a software assessment system to fight AI bias.

When hiring employees, HR departments are increasingly turning to artificial intelligence (AI) technologies for help. With their help, CVs are analyzed, video interviews are conducted and the mental state of applicants is assessed.

Major American corporations have decided to join forces to prevent these technologies from producing biased results that could perpetuate or even exacerbate discrimination.

According to The New York Times, last week they launched the Data & Trust Alliance, which includes representatives from various industries, in particular CVS Health, Deloitte, General Motors, Humana, IBM, Mastercard, Meta (parent company of Facebook), Nike and Walmart.

The organization does not engage in lobbying or research. With the participation of corporate and third-party experts, the Data & Trust Alliance has developed a system for evaluating software that uses AI. The system consists of 55 questions covering 13 topics, and its purpose is to combat algorithmic bias.

This is not just an acceptance of principles, but a real implementation of concrete measures.said former American Express CEO and co-chairman of the Data & Trust Alliance Kenneth Chenault.

Today’s AI software is data driven, so it matters which data is used and how it is used. If the data for training the algorithms are mostly white males, then the results produced by these algorithms are likely to discriminate against blacks and females. If, for example, the data for predicting success in a company refers to employees who have performed well in the past, the results produced by the algorithm may reinforce pre-existing bias.

Seemingly neutral datasets, when used with others, can lead to results that discriminate against applicants based on race, gender, or age.

Internal research of Data & Trust Alliance companies has shown that their HR departments use AI-based software, often sourced from third-party vendors. Enterprise users generally don’t know what data the vendor used to train the AI models, and how those models work.

To develop the solution, the alliance recruited its employees from HR, data analysis, legal and procurement departments, as well as software vendors and external experts. This collaboration resulted in a bias detection, measurement and mitigation system for learning data processing practices and developing HR software.

Let me remind you that I also wrote that Scientist discovered a vulnerability in the universal Turing machine.

The post Major corporations teamed up to fight AI bias appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/major-corporations-teamed-up-to-fight-ai-bias/feed/ 0 6645