Illustration file picture shows a man typing on a computer keyboard in Warsaw

Online spies: concerns, act and examples.

Why do people become spies ? Why do people spy on each other?

Many motivations can be brought to consideration: money, intelligence, competition, lust.

Privacy is one of the rights citizens demand the most but still, one that we respect the less.

Technology applied to the cyberspace has brought up new ways for people to expose themselves and for spies to achieve their goals. Over the past few weeks, several incidents have proven that in the cyberspace, spying is within reach of anybody.

 

Voyeurs meet hackers

In March 2018, several incidents were released in the news regarding the leakage of sauna videos, in the Netherlands. These videos went viral, mainly for they showed the Dutch national team. It is important to enhance though, that thousands, probably millions of videos like these exist without victims knowing it. Websites like www.shodan.io provides information about connected devices and abused, can become a door for spies.  

While some cases used basic physical tricks, like hiding a camera in a bag or  a towel, other cases like the one regarding the Dutch Handball team involved hijacked cameras. The camera was illegally set by the owner who got hacked in 2015. The hack seemed to have been committed with ideological motivations, as the hacker formally asked the owner of the sauna to remove the devices, threatening to publish the videos. They eventually went online and were discovered recently, along with other footage from the same wellness center.

These materials illegally obtained were then published on adult websites, where the leak was picked up.

 

Spies in your own home

RedSocks’ Threat Intelligence team has set IoT as a top threat for 2018. IoT devices are interesting for criminals as they connect the end users in their most private environment to the cyberspace.

What and why?

Hackers exploit the vulnerability of IoT products to get access. Once access has been gained, hackers will try to get audios and videos. Above all, spies using IoT devices will try to track behaviors and movements to collect data. Footage can be used to gain information or to demand ransom. A recent research from Kapersky Lab found many vulnerabilities on devices with cameras. These vulnerabilities are mainly linked to the design of the cloud-backbone, originally created for customers to get remote access.  

The report also reveals cameras can be used as bridges to launch attacks on other devices, used to steal credentials and be cryptojacked.

Eventually, criminals are not the only ones who could get interested in spying users through their connected devices; about two years ago, the director of the US National Intelligence had claimed they could be used to collect intel on relevant cases. The Wiki leaks from last year revealed a program named Weeping Angel, developed to record audio from Samsung TV, while end-users believe their TV is switched off.

 

 

Spies sneaking into one’s computer

Spyware is another way for criminal to gain access to your private life through one’s devices. Two of them were exposed this week, one related to governments, one to mobile devices:

  • Finfisher: Finfisher is a campaign using a surveillance software for law enforcement channels. Devices are infected through spear phishing, watering-hole attacks, 0-day exploits and manual installations. The spyware can keylog, exfiltrate files and execute live visual and audio live surveillance. More info.
  • Reddrop: Reddrop has been described as one of the most persistent malware ever seen by the researchers who have found it. This malware infect Android devices by lurking into 53 apps. The criminals behind it use 4,000 malicious domains to distribute the apps containing the malware. It uses a complex Content Distribution Network, which made it harder to find its origin. The malware sends premium sms to some mobile-based services, unknowingly charging the owner of the device. The malware also gets access and steals encrypted and on-encrypted personal data such as photo, contacts and network codes. More info.

 

How to avoid these risks?

  • Security policy: cyber hygiene, phishing awareness, safe downloads, regular updates, turn off devices when not used, cover your webcam.

 

  • Vulnerabilities patch: companies, especially in IoT need to get ahead of the exploitation of vulnerabilities.

 

  • Governments and law enforcement need to keep on addressing privacy and security issues deeper, as it is expected as the GDPR comes into force in May.

 

 

These news enhance how concerning privacy issues are, as both the physical and cyberspace meet for criminal purposes. Eventually, privacy incidents lead to more security issues.

Privacy is Security and Security is Privacy.

 

Infected by a spyware? Contact us!

osint@redsocks.nl

 

 

 

Back to overview