Operation Pawn Storm targets out of date iOS users

I often tell people who are looking for a cheap computer that there are numerous costs beyond the purchase price to consider.

This week on 3 separate occasions this point has popped its head up.

Episode 1: A woman asked me for a recommendation for a new computer – she is an octogenarian that uses it only once or twice a year when she can’t use her Kindle to make travel arrangements.  She was unaware that she could go to websites on her Kindle Fire and be able to make flight reservations.  Instead of showing her an array of computer options, I showed her how to navigate on her tablet.  She breathed a sigh of relief that she would not have to learn a new computer operating system (her old computer was still running XP).

Episode 2: A gentleman that I helped purchase a Mac mini about 3 years ago called with a problem that AppleCare had tried to help him fix but couldn’t.  In the interest of saving money at purchase time, we had gotten an inexpensive monitor from CompUSA to pair with his Mac mini.  On hearing him describe his symptoms, I knew the solution was to change the input on the monitor, but he had no idea where the button for that was, and I had no idea without being in front of it to hunt for it.  He asked why he got that monitor and not an Apple one, and I reminded him that he (his daughter) didn’t want to spend as much as an Apple monitor would cost.

Episode 3: A coworker recently moved to an iMac and was wondering how she was going to be able to back up her computer – a matter of 3 clicks later, Time Machine was enabled and she was impressed to learn that it would keep hourly backups so in case she accidentally deleted or modified a file, she would have access to recent changes in a very intuitive interface.

It is vitally important to consider the value of your peace of mind when looking at the cost of your new machine.  How much is your aggravation worth?

You may have heard about the FREAK exploit that has been talked about lately, and you might think you are secure using the bank app, or medical records app that you downloaded directly from the Apple Store or Google Play.

A newly released study shows that isn’t quite the case: the FREAK exploit depends on the encryption keys used by the server you connect to, not on the app on the phone alone.

Ars Technica has an article about the study, and points out that users of apps should contact the vendors to inquire whether they have corrected the app to prevent FREAK attacks.
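The server-side half of the problem can be checked from a captured handshake: FREAK relies on a server agreeing to an export-grade RSA cipher suite, and the suite the server picked is carried in its ServerHello message. The sketch below is an added example, not code from the study or the Ars Technica article; the record bytes are constructed by the hypothetical helper build_server_hello rather than captured from a real server.

```python
import struct

# RSA export-grade cipher suites defined in RFC 2246 (40-bit ciphers, 512-bit RSA).
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def build_server_hello(suite: int, session_id: bytes = b"") -> bytes:
    """Hypothetical helper: construct a minimal TLS 1.0 ServerHello record (sample data)."""
    hello = (b"\x03\x01" + bytes(32) + bytes([len(session_id)]) + session_id
             + suite.to_bytes(2, "big") + b"\x00")
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + len(handshake).to_bytes(2, "big") + handshake

def selected_suite(record: bytes) -> int:
    """Return the cipher suite id the server chose in a ServerHello record."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    content_type, _version, record_len = struct.unpack("!BHH", record[:5])
    if content_type != 0x16:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + record_len]
    if len(body) != record_len or record_len < 4 or body[0] != 0x02:
        raise ValueError("not a complete ServerHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35:
        raise ValueError("truncated ServerHello")
    # Layout: version (2) + random (32) + session id length (1) + session id.
    offset = 35 + hello[34]
    if len(hello) < offset + 2:
        raise ValueError("truncated ServerHello")
    return int.from_bytes(hello[offset:offset + 2], "big")

def freak_check(record: bytes) -> dict:
    """Report whether the server selected an export-grade RSA suite."""
    suite = selected_suite(record)
    name = RSA_EXPORT_SUITES.get(suite)
    return {"suite": f"0x{suite:04X}", "export_rsa": name is not None, "name": name}

if __name__ == "__main__":
    for label, suite in (("legacy server", 0x0003), ("patched server", 0xC02F)):
        print(label, freak_check(build_server_hello(suite)))
```

A ServerHello that selects one of these suites means the server still accepts export-grade RSA, which is the condition the app vendor has to fix on their side.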

WHAT SHOULD I DO?

1 – Upgrade your phone to the latest version of its operating system, as the latest versions try to prevent the vast majority of FREAK attacks.  The study found that even after the update on iOS, there were still 7 apps that were vulnerable.

2 – Don’t trust public wifi for secure transactions – you never know when the guy or girl next to you at the library is actually trying to hack your bank account.

Experts are predicting that 2015 will be the worst year ever for credit card fraud, as the US begins transitioning to the EMV card standard.  The US accounts for over 47% of all fraudulent card transaction losses on 23% of all fraudulent transactions.  That is primarily because we haven’t moved to the chip card standard.

So look for your bank to be issuing you a new card with a chip in it soon.

If you are thinking that Apple Pay (the secure credit card transaction method in the new iPhones) will stop this… well, not so fast.  Hackers have found a way to use iPhones as accomplices.  They buy credit card numbers on the black market, and load them into an iPhone, eliminating the need to create fake pieces of plastic.

If you are an iPhone owner who uses Apple Pay, your information in the phone is not being hacked, so don’t worry.

Kaspersky Labs – the one that says over and over that 20xx is “The Year of the Mac Virus”, where xx=(03-15 so far) – has released a study about a piece of malware that they have recently uncovered that is groundbreaking in many ways.  It is ALMOST undetectable, and its operators have been infecting machines for over 14 years.

If you like reading an analysis that reads more like a spy novel, the actual report is here.  A more accessible article was posted to Ars Technica on Feb 16, 2015.

“The discovery of the Equation Group is significant because this omnipotent cyber espionage entity managed to stay under the radar for almost 15 years, if not more,” Raiu said. “Their incredible skills and high tech abilities, such as infecting hard drive firmware on a dozen different brands, are unique across all the actors we have seen and second to none. As we discover more and more advanced threat actors, we understand just how little we know. It also makes us reflect about how many other things remain hidden or unknown.”

Kaspersky also claims that iOS and MacOS systems have been infected:

Redirects that sent iPhone users to unique exploit Web pages. In addition, infected machines reporting to Equation Group command servers identified themselves as Macs, an indication that the group successfully compromised both iOS and OS X devices.

It will be interesting to see if this discovery by Kaspersky Labs turns out to be something more than the active imagination of a FUD-dealing protection peddler.

There is a new attempt to compromise your iPhone or iPad.  It attempts to load a rogue application onto your phone using a method used by developers to test their software before it is approved by the Apple App Store Process.

There may be other methods of infection that are used to install this particular malware. One possible scenario is infecting an iPhone after connecting it to a compromised or infected Windows laptop via a USB cable.

However, in order to do this, you have to help the hackers.  The attempt will pop a number of dialog boxes asking for your confirmation to install an app.

What should I do?

Make sure you are running the most recent version of the operating system for your device.  If you have an older device that cannot run iOS 8, be sure not to just click allow.

For more information see the Trend Micro Blog