Facebook Research App Removed from App Store

After seeing their Onavo VPN application removed from the Apple App Store last year, Facebook has re-branded the service as a “research” app and made it available through non-Apple testing services. The app itself requires users download and install a Facebook Enterprise Developer Certificate and essentially allow the company complete access to the device. While many users seem to be in it only for the monthly gift cards, they remain unaware of the extreme levels of surveillance the app is capable of conducting, including accessing all social media messages, sent and received SMS messages and images, and more. Apple has since completely removed Facebook’s iOS developer certificate after seeing how they collect data on their customers.

Japan Overwhelmed by Love Letter Malware Campaign

Following the discovery of the Love Letter malware a couple weeks ago, the campaign has been determined to be responsible for a massive spike in malicious emails. Hidden amongst the contents of the suspiciously-titled attachments are several harmful elements, ranging from cryptocurrency miners to the latest version of the GandCrab ransomware. Unfortunately for users outside of the origin country of Japan, the initial payload is able to determine the system’s location and download additional malicious payloads based on the specific country.

Apple FaceTime Bug Leads to Lawsuit

With the recent announcement of a critical vulnerability for Apple’s FaceTime app, the manufacturer has been forced to take the application offline. Unfortunately, prior to the shutdown, one Houston lawyer filed a case alleging that the vulnerability allowed for unauthorized callers to eavesdrop on a private deposition without any consent. By simply adding a user to a group FaceTime call, callers were able to listen through the other device’s microphone without that user answering the call.

Authorities Seize Servers for Dark Online Marketplace

Authorities from the US and Europe announced this week that, through their combined efforts, they had successfully located and seized servers belonging to an illicit online marketplace known as xDedic. While this was only one of many such server sites, administrators could have used it to facilitate over $68 million in fraudulent ad revenue and other malicious activities. Hopefully, this seizure will help law enforcement gain an understanding of how such marketplaces operate and assist with uncovering larger operations.

French Engineering Firm Hit with Ransomware

Late last week the French engineering firm Altran Technologies was forced to take its central network and supported applications offline after suffering a ransomware attack. While not yet confirmed, the malware used in the attack has likely been traced to a LockerGoga ransomware sample uploaded to a malware engine detection site the very same day. Along with appending extensions to “.locked”, LockerGoga has been spotted in multiple European countries and seems to spread via an initial phishing campaign, and then through compromised internal networks.

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This