12 Apr

SNEAK PEEK INTO BUSINESS EMAIL COMPROMISE ATTACKS


EAST AFRICAN DATA HANDLERS :  Cyber Security Awareness

Business email compromise (BEC) is a type of email cybercrime scam in which an attacker targets a business to defraud the company. Business email compromise is a large and growing problem that targets organizations of all sizes across every industry around the world. It exploits the fact that so many of us rely on email to conduct business—both personal and professional. In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request.

Types of BEC

  1. CEO Fraud: Here the attackers position themselves as the CEO or executive of a company and typically email an individual within the finance department, requesting funds to be transferred to an account controlled by the attacker.
  2. Account Compromise: An employee’s email account is hacked and is used to request payments to vendors. Payments are then sent to fraudulent bank accounts owned by the attacker.
  3. False Invoice Scheme: Attackers commonly target foreign suppliers through this tactic. The scammer acts as if they are the supplier and requests fund transfers to fraudulent accounts.
  4. Attorney Impersonation: This is when an attacker impersonates a lawyer or legal representative. Lower-level employees, who may not have the knowledge to question the validity of the request, are commonly targeted through these types of attacks.
  5. Data Theft: These types of attacks typically target HR employees in an attempt to obtain personal or sensitive information about individuals within the company such as CEOs and executives. This data can then be leveraged for future attacks such as CEO Fraud.

How Criminals Carry Out BEC Scams

A scammer might:

  • Spoof an email account or website. Slight variations on legitimate addresses (john.kelly@examplecompany.com vs. john.kelley@examplecompany.com) fool victims into thinking fake accounts are authentic.
  • Send spear phishing emails. These messages look like they’re from a trusted sender to trick victims into revealing confidential information. That information lets criminals access company accounts, calendars, and data that give them the details they need to carry out the BEC schemes.
  • Use malware. Malicious software can infiltrate company networks and gain access to legitimate email threads about billing and invoices.
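The lookalike-address trick described above (john.kelly vs. john.kelley) can be checked mechanically. The following is an added example, not part of the original article: it compares a sender address against a list of trusted contacts and flags near-misses. The contact list, function names and thresholds are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Constructed sample data: addresses the organisation already trusts.
KNOWN_CONTACTS = [
    "john.kelly@examplecompany.com",
    "accounts@examplesupplier.com",
]


def osa_distance(a, b):
    """Optimal string alignment distance: insertion, deletion, substitution
    and swapping two adjacent characters each cost 1."""
    prev2 = None
    prev = list(range(len(b) + 1))
    for i in range(1, len(a) + 1):
        cur = [i] + [0] * len(b)
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "supplier" -> "suppiler".
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def check_sender(from_header, known=KNOWN_CONTACTS, max_distance=2):
    """Classify a From: header as known, lookalike, unknown or invalid."""
    addr = parseaddr(from_header)[1].strip().lower()
    result = {"verdict": "invalid", "address": addr,
              "resembles": None, "distance": None}
    if "@" not in addr:
        return result
    known_norm = [k.lower() for k in known]
    if addr in known_norm:
        result["verdict"] = "known"
        return result

    local, domain = addr.rsplit("@", 1)
    best = None
    for k in known_norm:
        k_local, k_domain = k.rsplit("@", 1)
        # Mailbox and domain are compared separately and summed, so a
        # one-letter change in either part is caught, while a different
        # person at the same domain stays far away.
        d = osa_distance(local, k_local) + osa_distance(domain, k_domain)
        # Ignore matches where the edits are a large share of a short
        # address; those are ordinary different addresses, not imitations.
        if 0 < d <= max_distance and d * 4 <= len(k):
            if best is None or d < best[1]:
                best = (k, d)

    if best is None:
        result["verdict"] = "unknown"
    else:
        result.update(verdict="lookalike", resembles=best[0], distance=best[1])
    return result


def triage(from_headers, known=KNOWN_CONTACTS):
    """Return only the lookalike findings, for review before any payment."""
    findings = (check_sender(h, known) for h in from_headers)
    return [f for f in findings if f["verdict"] == "lookalike"]


if __name__ == "__main__":
    # Constructed sample headers.
    sample = [
        "John Kelly <john.kelly@examplecompany.com>",
        "John Kelly <john.kelley@examplecompany.com>",
        "Accounts <accounts@examplesuppiler.com>",
        "jane.doe@examplecompany.com",
    ]
    for header in sample:
        print(check_sender(header))
```

A "lookalike" verdict is a prompt to verify the request through a separate channel, not proof of fraud; an "unknown" verdict only means the address resembles no trusted contact.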

How to Protect Yourself against BEC

  1. Be careful with what information you share online or on social media. By openly sharing things like pet names, schools you attended, links to family members, and your birthday, you can give a scammer all the information they need to guess your password or answer your security questions.
  2. Don’t click on anything in an unsolicited email or text message asking you to update or verify account information. Look up the company’s phone number on your own and call the company to ask if the request is legitimate.
  3. Carefully examine the email address, URL, and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.
  4. Be careful what you download. Never open an email attachment from someone you don’t know, and be wary of email attachments forwarded to you.
  5. Set up two-factor (or multi-factor) authentication on any account that allows it, and never disable it.
  6. Verify payment and purchase requests in person if possible or by calling the person to make sure it is legitimate. You should verify any change in account number or payment procedures with the person making the request.
  7. Be especially wary if the requestor is pressing you to act quickly.

As BEC cybercriminals usually target larger corporations which will potentially lead to bigger pay-outs, the likely reason for the lower proportion of BEC attempts in Africa is the relatively smaller concentration of large businesses and corporations there.

However, there are several offshore companies based in Africa, and the COVID-19 pandemic situation contributed to the increase in this type of cybercrime. Their employees rely heavily on wire transfer transactions, opening up more opportunities for cybercriminals to exploit. Within Africa, it was mainly detected in countries like South Africa, Tunisia, Morocco, Mauritius, Nigeria and Kenya.

 

Looking for Digital Forensics Services in Kenya and Africa? Contact   East African Data Handlers now for unrivalled support! Call 0711 051 000 

    22 Jan

    Data expert helping trace data crime


    On many occasions during tense court proceedings for a Data Crime Related case, George Njoroge, the CEO of East Africa Data Handlers, has felt like punching the air in exasperation as he listened to his lawyer go off-script. In some of those instances, he has ended up losing data litigations he should have won with ease.

    He had lost enough suits by the time he decided to enrol for a law degree at the University of Nairobi two years ago. His vision was not to become a lawyer.

    “I would be very clear about the assignment at hand, but I just could not articulate the brief to the lawyer in proper legal terms. I needed a grasp of the law to be able to instruct my legal team better.”

    Wearing a smile with as much swank as his blue tuxedo, he tells me that helping people and businesses to mitigate different issues through data has been the biggest fulfilment of his life. But his experiences have also been an opportunity to “understand our naivety about the complexities of data.”

    That he is in the right place at the right time could not be truer. Fifteen years ago, he set up East Africa Data Handlers, the only such business in Kenya. For 10 years, the firm built a reputation for helping clients recover lost data.

    Now the business has expanded to six markets in Africa. But the scene is different. He tells me the data recovery segment of the business is no longer viable. “Few people lose their data anymore. Recovering lost data constitutes only about 20 percent of our work or less.”

    Instead, there is an almost infinite and untapped mine in forensics work “which is the future for data professionals.”

    Forensics is exciting, lucrative but a dangerous territory with clientele spanning powerful people, corporations, and State agencies.

    To get a feel of his world, George is hesitant to do this interview in either of his two labs in the city where more than 100 data engineers and analysts, forensics technicians, and reconstruction experts work.

    “This work is sensitive. Essentially, we break into computers to extract vital digital information for use as evidence in court.” The last thing he wants in his labs is prying eyes, I gather.

    On the day of this interview, I run into him in the lift, with a visibly agitated client in tow. From their body language, it is obvious something is off-tangent.

    “Data theft or manipulation often means loss of business or reputation,” he explains about the frantic conversation with the client.

    Many of those who come to see him are in this distraught state. But it is his effortless calm in the face of routine tempests that is admirable about this executive. EADH is betting on two things to grow in this relatively new market; Anton Piller and ransomware decryption.

    “In Anton Piller, data experts search a suspect’s premises, including their computers, to seize evidence needed to prosecute a case.” In this principle, no prior notice is given.

    The company has applied this principle in disputes involving corporations, including one between a leading telco and an associate, and during mergers and acquisitions where skulduggery often thrives.

    “We’ve used Anton Piller to investigate claims of insider trading during a merger between two companies in the energy sector,” he recounts.

    George acknowledges that obtaining evidence this way is often a slippery process, owing to the legal landmines involved. “The product of an [illegal process] is illegality. The first thing you do is to legalise the process by getting a court order from a judge by presenting what you believe is evidence.”

    It is for the same reason that the business runs with exclusivity and, sometimes, secrecy.

    Three years ago, George had toyed with the idea of listing his company. Today, he is glad he held back.

    “Many of the companies who did at the time haven’t gained as much value as the owners had anticipated. Our stock market hasn’t done well in recent years. Privately held companies have done better.”

    George does admit, though, that he is an introverted and introspective professional who believes that “things move faster when I act alone.”

    A father of four, he says he wants his children to have a different outlook on education.

    “I want them to appreciate how differently things are done elsewhere and that they can replicate it here by choosing whatever career paths they want.”

    New-age crime

    Nothing excites George quite like the applicability of technology to mitigate issues such as new-age crime.

    Ransomware is his favorite.

    “Today, criminals will hack into a company computer and encrypt their data (putting a password) and then demand a ransom,” he explains.

    For businesses, encryption of their data, usually collected for years, is unthinkable. “It’s this data they use to draw insights that inform their business decisions.”

    As such, many will pay any amount of money to have access to their data “which the hackers have no use for.”

    George says the way of life has made the modern human more vulnerable to data malpractices, mostly because “we’re behavioural and instinctive.”

    Passwords offer little protection for personal data. This is true for individuals and companies.

    “In most cases, the IT manager keeps the password for the company’s computers. Sometimes the password is his girlfriend’s name. You only need to get this detail and all the data is yours to access.”

    This vulnerability will only grow worse in the future. To him, it is up to people to change what details they keep on their phones, for instance. “We’ve our lives compressed in our phones from wallets to personal pictures, certificates, and other documents. This makes us vulnerable.”

    Then there are the deep fakes, which run wide and against which no one is safe. Personalities have fallen victim to the use of footage, images, and audio from different contexts combined to create a narrative that either embarrasses them or hurts their brand.

    “The complexity of telling the difference between what’s authentic and what’s fake is very high today,” George says, revealing that he is currently working on “one of the biggest cases locally” where the data of a business has been compromised.

    He has a name for it: corporate thuggery. “It’s becoming an area of focus for us as a business. We’re constantly working to prove that certain things [about our clients] didn’t happen.”

    On the future of data litigation, George insists that the judge, prosecutor, and lawyer of the future will have to be tech-savvy.

    “I see a possibility where to study law one will be required to have an undergraduate degree in the various disciplines in technology.”

    His indulgence

    With nearly 20 timepieces, buying collector watches is George’s way of rewarding himself. He tells me that investing money in property has never appealed to him. If he could, he would invest his wealth in crypto currency, a possibility he has considered since 2015. “When I learnt about it, one Bitcoin cost $2,000 (Sh220,000). Today, the coin costs $50,000 (Sh5.5 million).” Why then didn’t he invest when he had a chance and could afford it?

    “At one point, the crypto market crashed. I was also not sure whether it was the right time to invest. At the time, and even today, I still haven’t figured out how crypto currencies work.”

    A General Election is coming in under seven months, and once again, data on voters is priceless in the development of campaign messaging. It is also a period that is awash with data manipulation, misinformation, and malice. George’s take is straightforward and blunt.

    “The battle will be won digitally. You can’t wish away the power of technology to influence and shape the opinions and actions of people.”

    If hiring a data expert is an expensive undertaking for many businesses, setting up a data department is nearly inconceivable. How has he managed to hire such a large team of highly sought-after professionals?

    George argues that his focus has always been to attract and retain talent. “We’ve been around for 15 years. This has allowed us to develop the right talent and skills.”

    Companies, he says, cannot continue to hold back investment in data.

    “The future of business is in data-driven decision making. It’s in innovation. No CEO can afford to make decisions on a whim anymore. A must-have in many businesses today is an accountant. The must-have in companies of the future will be data analysts.”

     

    Full Interview Courtesy of: Business Daily Africa.

    https://www.businessdailyafrica.com/bd/lifestyle/profiles/data-expert-helping-trace-crime-3688706

    Looking for Data and Digital Forensics Experts in Kenya and Africa?

    Talk to our Data Experts:

    Contact

    +254 722 435 163 or +254 711 051 000.

    WhatsApp Us On https://wa.me/254722435163

     

    26 Aug

    Hacking Techniques

    Top 10 Common Hacking Techniques You Should Know About

    Below are some of the hacking techniques that are commonly used to get your personal information in an unauthorized way.

    1. ClickJacking Attacks: ClickJacking is also known by a different name, UI Redress. In this attack, the hacker hides the actual UI where the victim is supposed to click. This behavior is very common on app download, movie streaming, and torrent websites.
    2. Virus, Trojan: Viruses or Trojans are malicious software programs that get installed into the victim’s system and keep sending the victim’s data to the hacker.
    3. Phishing: Phishing is a hacking technique in which a hacker replicates the most-accessed sites and traps the victim by sending that spoofed link.
    4. Eavesdropping (Passive Attacks): Unlike other attacks that are active in nature, using a passive attack, a hacker can monitor the computer systems and networks to gain some unwanted information.
    5. Fake WAP: Just for fun, a hacker can use software to fake a wireless access point. This WAP connects to the official public place WAP. Once you get connected to the fake WAP, a hacker can access your data, just like in the case above.
    6. Waterhole attacks: If you are a big fan of Discovery or National Geographic channels, you could relate easily with the waterhole attacks. To poison a place, in this case, the hacker hits the most accessible physical point of the victim.
    7. Denial of Service (DoS/DDoS): A Denial of Service attack is a hacking technique of taking down a site or server by flooding that site or server with a huge amount of traffic so that the server is unable to process all the requests in real time and finally crashes.
    8. Keylogger: A keylogger is a simple piece of software that records the key sequence and strokes of your keyboard into a log file on your machine.
    9. Cookie theft: The cookies in our browser store personal data such as browsing history, username, and passwords for different sites we access. Once the hacker gets access to your cookie, he can even authenticate himself as you on a browser. A popular method to carry out this attack is to manipulate a user’s IP packets to pass through the attacker’s machine.
    10. Bait and Switch: Using the Bait and Switch hacking technique, an attacker can buy advertising spaces on websites. The hacker can run a malicious program that the user believes to be authentic. This way, after installing the malicious program on your computer, the hacker gets unprivileged access to your computer.

    Ways to protect yourself from hackers.

    1: Don’t access personal or financial data with public Wi-Fi.
    2: Turn off anything you don’t need.
    3: Choose your apps wisely.
    4: Use a password, lock code or encryption.
    5: Be skeptical about links and attachments.
    6: Make use of trace or erase on mobile devices: You can set up your device to lock itself after a pre-set number of failed log-in attempts.

    Need help? Contact us.

    Do you suspect you have been hacked? Do you need help investigating?
    Call us  +254 722 435 163 or +254 711 051 000.

    19 Aug

    6 Ways to Protect Yourself From Hackers


    All the information on your phone or devices could easily be made available to hackers in the area, unless you’ve taken steps to secure and protect your data. Find out how to prevent hackers from accessing your data.

    What you need to do to prevent your devices from being hijacked by hackers.

    1. Don’t access personal or financial data with public Wi-Fi.

    Hackers offer free public internet access in order to install malware on target devices at random.

    2. Turn off anything you don’t need.

    On devices that have been hacked before, or that have vulnerable applications running silently in the background, hackers use these loopholes to install malicious files or live viruses, or even to access your device remotely and exploit your data.

    3. Choose your apps wisely.

    Hackers have made a habit of cloning genuine applications to trick unsuspecting victims. Before installing any application, ensure it’s legitimate, secure and up-to-date. Always read reviews from past users to see whether faults were encountered or vulnerability reports were sent.

    4. Use a password, lock code or encryption.

    Making a habit of constantly changing your password will help reduce the chances of hackers accessing your devices.

    5. Be skeptical about links and attachments.

    Before you open any link, download or attachment, ensure that it has been scanned, and that any URL is scanned before you click it, as hackers use fake links and attachments to redirect victims to the vulnerable area they are targeting. In the process they silently install malware.

    6. Trace or erase.

    Always remember you can set up your device to lock itself after a pre-set number of failed log-in attempts. This reduces chances of the hackers accessing your data.

    Do you suspect you have been hacked or hackers have attacked?

    CALL US ON +254 722 435 163 or +254 711 051 000 to talk to our experts now.

    You can also always  send us a WhatsApp via this link: https://wa.me/254722435163

     

    22 Jun

    9 Reasons Digital Fraud Is On The Rise


    What Is Digital Fraud? Digital fraud is when criminals try to use email, websites, malicious software or other methods to learn your personal details or trick you into paying. Digital fraud entails the use of phishing emails, phony websites, bogus mobile apps, fake social media profiles, and other mechanisms to illegally obtain information and defraud consumers and businesses.

    1: Chaos caused by the global COVID-19 crisis.

    Opportunistic hackers are taking advantage of the chaotic global crisis to commit even more fraudulent activity. With people working from home during the lockdown, hackers are extensively monitoring their digital payments, communications and other activity, so digital fraud is becoming more rampant.

    2: A changing e-commerce landscape.

    Another trend impacting the rise in digital fraud is more retail purchases shifting online.

    3: The advent of new marketplace platforms.

    From social networks and dating apps to food delivery, alternative transportation, and vacation rentals, digital channels have revolutionized almost every industry. These new platforms are creating stepping stones for digital fraud, with hackers setting bait to lure users through fake accounts that look genuine.

    4: Payments moving online.

    In addition to consumers transacting more in online marketplaces, they are also using peer-to-peer payment (P2P) and e-Wallet apps more often. The easiest way for digital fraud to take place is for hackers to intercept the P2P payment and divert the funds.

    5: Increasingly digital banking services.

    Today’s consumers demand more online and mobile services from their financial institutions. As a result, legacy banks are going digital. This is opening a Pandora’s box for hackers, who take advantage of loopholes in applications that are not secure enough, causing digital fraud to take place.

    6: New consumer expectations.

    Today’s consumers also expect their data to be secure. Yet they will abandon any transaction that takes too long, requires too much data, or is too complex. Whenever a consumer fails to fully comply with the terms and conditions that help secure a transaction, digital fraud can take place, as hackers intercept these incomplete transactions and change credentials.

    7: More sophisticated fraud tactics.

    Due to an increasing number of data breaches over recent years, fraudsters can more easily access PII (personally identifiable information) and use it against consumers.

    8: Unclear legal jurisdiction of cross-border fraud.

    Global commerce gives today’s online retailers and marketplaces an opportunity to reach even more customers.

    9: Technological advancements.

    Today, digital fraud has also accelerated and grown even more sophisticated due to the rise of e-commerce, mobile payments, and computing power.

    08 Jun

    Cyber Attacks Protection

    How to Protect Your Organization Against Cyber Attacks?

    Witnessing the extent of damage cyber attacks can cause should be reason enough to take the necessary preventive measures right away. So, here are some steps you can take to reinforce your organization’s cyber security framework and keep it shielded from cyber attacks.
    1) Generate Cyber Security Awareness:
    2) Implement a Phishing Incident Response Tool for Cyber Attacks
    3) Carry Out Cyber VAPT
    4) Keep the Systems Updated:
    5) Implement MFA: Enable Multi-Factor Authentication (MFA) across all the applicable endpoints of your organization’s networks to prevent Cyber Attacks.

    Conclusion

    So, don’t wait for your company’s name to be on the list of cyber attack victims and take the necessary precautions immediately.
    Would you like Cyber Attacks Protection Services for the above in your organization?
    For a consultation, please call us today on +254 722 435163 or +254 711 051 000 and talk to our experts. Visit us here: https://goo.gl/maps/KcpRLuJBc3qi
    20 Aug

    Why CEOs Shouldn’t Ignore the Human Factor in Cyber Security in Kenya


    In this era, and with the global COVID pandemic, the majority of CEOs are still taking cyber security requirements too lightly, leading to serious consequences. The human element still plays the biggest role in rendering most businesses vulnerable to cyber security threats and attacks. A recent study conducted by Kaspersky Lab on over 5,000 businesses around the globe revealed that about 52% (which is more than half) of businesses believe they are at risk from within. That is to say, staff, either intentionally or unintentionally through carelessness or lack of knowledge, put the businesses they work for at great risk of cyber-related threats.

    Kenya is no exception when it comes to cyber risks, so CEOs ought to be aware of how easily employees, the human factor, can affect a company’s security by exposing it to security breaches. On many occasions, careless or uninformed employees become the attack vector: they are prone to threats such as phishing and social engineering because they do not know how to tell a legitimate application from a fake one designed to lure them into opening malware or a virus.

    It is very important for businesses not to rely on policies alone to cover cyber-related risks, since policies are not always followed. CEOs should therefore consider solutions that provide more visibility and centralized security management of corporate networks, along with regular employee awareness training on cyber security, so that employees are conscious of the impact of ignoring the risk and of how their inaction or negative actions expose the company and its data.

    Any individual with access to an organization’s systems and data is a potential vulnerability. Most if not all of the high-profile corporate security incidents and breaches involve human error or intentional, malicious actions. This is because many of them are successful cyber-attacks by external attackers who take advantage of human weaknesses to lure insiders within organizations into providing access to sensitive company information.

    Below are the Human Factor Strategies to consider for your organization

    1. Cyber workforce development:  Build a cyber workforce, capable of rising to the challenge of cyber security through recruiting and retaining efforts. 
    2. Training and awareness: Take a fresh look at information security training & awareness efforts; provide immersive learning opportunities to reinforce behavior change.
    3. Stakeholder and leadership engagement: Set up partnerships with leadership across organizations and ensure that leadership engages and supports cyber security programs.
    4. Finance Security initiatives: Organizations must also adopt more comprehensive strategies and increase their cyber security budgets. Of most importance is the adoption of threat intelligence, which is based not only on technology but also on human expertise. Threat intelligence systems usually automate the process of identifying important attacks out of vast data, tracking events as they occur with a real-time analysis that monitors the behavior of software, systems, and the human factor to detect a malicious incident. All this has to be planned with a budget in mind.

    Do you need cyber security training or the implementation of threat intelligence systems?

    Call East African Data Handlers today (+254 0711 051 000). Your employees urgently need online cyber security training to protect themselves and the company’s data against cyber-attacks. By making employees aware of security threats, how they might present, and what procedures to follow when a threat is identified, you are strengthening the most vulnerable links in the chain.

    Did you know that Threat Intelligence also enables organizations to draw on evidence-based knowledge, including but not limited to the context, mechanisms, indicators, implications, and actionable advice, about an existing or emerging menace or hazard? Since the event is logged, Threat Intelligence platforms provide forensic data that can be used to conduct the root cause analysis by determining the patterns, predict possible attacks and attack vectors, and help to prevent future attacks.

    Did you recently experience a data breach? Get in touch with us today so that we can help you discover when, how, who, and why the breach was successful.  Call now ( +254 0711 051 000) 

    The most effective strategy is therefore to recreate an actual working environment and put employees in the middle of a very real cyber-attack that they must defend against.

    20 Feb

    Chinese Spyware Pre-Installed on All Samsung Phones (& Tablets)


    A Reddit user sheds light on Samsung’s involvement with Qihoo 360:

    I know the title is rather sensational, however it couldn’t get any closer to the truth.

    For those who are too busy to read the whole post, here’s the TL;DR version: The storage scanner in the Device Care section is made by a super shady Chinese data-mining/antivirus company called Qihoo 360. It comes pre-installed on your Samsung phone or tablet, communicates with Chinese servers, and you CANNOT REMOVE it (unless using ADB or other means).

    This is by no means signaling hate toward Samsung. I have ordered the Galaxy S10+ once it’s available in my region and I’m very happy with it. I have been a long time lurker on r/samsung and r/galaxys10 reading tips and tricks about my phone. However, I want to detail my point of view on this situation.

    For those who don’t know, there’s a Device Care function in Settings. For me, it’s very useful for optimizing my battery usage and I believe most users have a positive feedback about this addition that Samsung has put in our devices. With that being said, I want to go into details regarding the storage cleaner inside Device Care.

    If you go inside the Storage section of Device Care, you’ll see a very tiny printed line “powered by 360”. Those in the west may not be familiar with this company, but it’s a very shady company from China that has utilized many dirty tricks to attempt getting a larger market share. Its antivirus (for PC) is so notorious that it has garnered a meme status in China, Hong Kong, Taiwan and other Chinese-speaking countries’ Internet communities. For example, 360 Antivirus on PC would ACTIVELY search for and mark other competitors’ products as a threat and remove them. Others include forced installation of 360’s browser bars, using misleading advertisements (e.g. those ‘YOUR DEVICE HAS 2 VIRUSES, DOWNLOAD OUR APP TO SCAN NOW’ ads). These tactics have even got the attention of the Chinese government, and several court cases have already been opened in China to address 360’s terrible business deeds. (On the Chinese version of Wikipedia you can read further about the long list of their terrible misconducts, but there are already many on its English Wikipedia page: https://en.wikipedia.org/wiki/Qihoo_360).

    If the company’s ethics are not troublesome enough, let me introduce you to the ‘Spyware’ allegation I made in the title. A news report from the Chinese government’s mouthpiece ChinaDaily back in 2017 reveals 360’s plan to partner up with the government to provide more big data insights. In another Taiwanese news report back in 2014, 360’s executive even admits that 360 would hand the data over to the Chinese government whenever he is asked to in an interview (https://www.ithome.com.tw/news/89998). The Storage scanner on your phone has full access to all your personal data (since it’s part of the system), and by Chinese laws and regulations, would send these data to the government when required.

    With that in mind, for those who know intermediate computer networking, I set up a testing environment on my laptop with Wireshark, trying to capture the packets and see what domains my phone is talking to. I headed over to Device Care’s storage section and tapped update database (this manual update function seems to be missing from One UI 2.0), and voila, I immediately saw my phone communicating with many Chinese servers (including 360 [dot] cn, wshifen [dot] com). I have collected the packets and imported them into NetworkMiner, here’s the screenshot of the domains: https://imgur.com/EtfInqv. Unfortunately I wasn’t able to parse what exactly was transferred to the servers, since it would require me to do a man-in-the-middle attack on my phone, which required root access (and rooting seemed to be impossible on my Snapdragon variant). If you have a deeper knowledge about how to parse the encrypted packets, please let me know.

    Some may say that it’s paranoia, but please think about it. Being the digital dictatorship that is the Chinese government, it can force 360 to push an update to the storage scanner and scan for files that are against their sentiment, marking these users on their “Big Data platform”, and then swiftly remove all traces through another update. OnePlus has already done something similar by pushing a sketchy Clipboard Capturer to beta versions of Oxygen OS (which compared clipboard contents to a ‘badword’ list), and just called it a mistake later. Since it’s closed source, we may really know what’s being transmitted to the said servers. Maybe it was simply contacting the servers for updates and sending none of our personal data, but this may change anytime (considering 360’s notorious history).

    I discovered that the Device Care could not even be disabled in Settings. I went ahead and bought an app called PD MDM (not available on Play Store) and it can disable built-in packages without root (by abusing Samsung’s Knox mechanism, I assume). However I suffered a great battery performance loss by disabling the package, since the battery optimizer is also disabled too.

    After a bit of digging, the storage cleaning in Device Care seemed to be present for a long time, but I’m not sure since which version of Android. It previously seemed to be handled by another sketchy Chinese company called JinShan (but that’s another story), but got replaced by 360 recently.

    Personally, I’m extremely disappointed in Samsung’s business decision. I didn’t know about 360 software’s presence on my phone until I bought it, and no information was ever mentioned about 360 in the initial Setup screen. I could have opted for a OnePlus or Xiaomi with the same specs and spending much less money, but I chose Samsung for its premium build quality, and of course, less involvement from the Chinese government. We, as consumers, paid a premium on our devices, but why are we exposed to the same privacy threats rampant on Chinese phone brands? I get it that Samsung somehow has to monetize their devices with partnerships, but please, partner with a much more reputable company. Even Chinese Internet users show a great distrust about the Qihoo 360 company, how can we trust this shady and sketchy company’s software running on our devices?

    This is not about politics, and for those who say ‘USA is doing the same, why aren’t you triggered?’, I want to clarify that, no, if the same type of behavior is observed on USA companies, I will be equally upset. As for those who have the “nothing to hide” mentality, you can buy a Chinese phone brand anytime you like. That is your choice. We choose Samsung because we believe it stands by its values, but this is a clear violation of this kind of trust.

    If you share the same concern, please, let our voices be heard by Samsung. I love Reddit and I believe it’s a great way to get the community’s attention about this issue. Our personal data is at great risk.
    To Samsung, if you’re reading this, please 1.) Partner with an entirely different company or 2.) At least make the Storage scanner optional for us. We really like your devices, please give us a reason to continue buying them.
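The post's approach of listing the domains a phone contacts works from DNS queries alone, without decrypting anything. The following is an added example, not part of the Reddit post: it parses raw DNS query payloads, tallies the names and flags those under the two domains the post mentions. The hostnames, packets and function names are constructed for illustration.

```python
import struct
from collections import Counter

# The two domains named in the post; all hostnames below are constructed.
WATCHLIST = ("360.cn", "wshifen.com")

def build_query(name, txid=0x1234):
    """Build a minimal DNS query payload (constructed test input)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_qname(payload):
    """Return the first question name of a DNS query, or None if malformed."""
    if len(payload) < 12:
        return None
    flags, qdcount = struct.unpack(">HH", payload[2:6])
    if flags & 0x8000 or qdcount < 1:       # skip responses and empty queries
        return None
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            return None                     # name runs past the end of the packet
        length = payload[pos]
        if length == 0:
            break
        if length > 63:                     # pointer or invalid length in a question
            return None
        label = payload[pos + 1:pos + 1 + length]
        if len(label) != length:
            return None                     # truncated label
        labels.append(label.decode("ascii", "replace").lower())
        pos += 1 + length
    return ".".join(labels) or None

def on_watchlist(name):
    # Match on label boundaries so "not360.cn.example.org" is not a hit.
    return any(name == d or name.endswith("." + d) for d in WATCHLIST)

def summarize(payloads):
    """Count queried names and list the ones under a watched domain."""
    seen = Counter(n for n in map(parse_qname, payloads) if n)
    return seen, sorted(n for n in seen if on_watchlist(n))

SAMPLE = [build_query(n) for n in (
    "update.360.cn", "www.a.wshifen.com", "Update.360.CN",
    "time.example.net", "not360.cn.example.org")] + [b"\x00\x01"]
```

Names are lower-cased before counting, so queries that differ only in letter case count as the same host.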

    Temporary Solution and a Concern to Note

    If you spot ads in any of the apps you have downloaded, please note that the developers of those apps are sharing and selling your data as part of advertising. It is nothing personal, so to speak, but it is covered by the terms and conditions that we all skip reading before installing, or whose links are made difficult to locate. Ignoring them is what catches everyone out. Please read them and know what you are bound to, or what you are about to give consent for them to access.

    The authorized system tracks or monitors your browser history, your apps, the music you listen to, and even the things you normally buy on Amazon, eBay or Google, and, to make matters worse, triangulates your location. This is the future of A.I. for big data: data being shared and sold by the giants.

    Solution: As a temporary solution, change all the settings for your apps, clear your browser’s history, clean out all your caches daily, and delete apps you don’t use or need. Please read the terms before installing. This will minimize your exposure.

    Contact us now:

    Call now 0711 051 000. We are the data recovery experts in Kenya and Africa. We also do digital forensics.
    Do not suffer in silence; we can help. We are located at Chiromo Court, 3rd Floor, Nairobi, Kenya.

     

    This blog is Courtesy of Reddit.com

    04 Dec

    Cyber Criminals Are Using YouTube To Install Cryptojacking Malware

    At East African Data Handlers we have learned that the Slovakian software security firm Eset has uncovered cyber criminals behind cryptojacking malware: the Stantinko botnet, which has been distributing a Monero (XMR) cryptocurrency mining module via YouTube.

    We wish to warn the public to be careful. On Nov. 26, the major antivirus software supplier Eset reported that the Stantinko botnet operators have expanded their criminal reach from click fraud, ad injection, social network fraud and password-stealing attacks into installing cryptojacking malware on victims’ devices using YouTube.

    Stantinko botnet has been active since at least 2012

    The Stantinko botnet, which has been active since at least 2012 and predominantly targets users in Russia, Ukraine, Belarus and Kazakhstan, reportedly uses YouTube channels to distribute its cryptojacking module, which mines the privacy-focused crypto coin Monero on the CPUs of unsuspecting victims.

    This cryptocurrency-stealing malware has reportedly infected around 500,000 devices, and is similar to Dexphot, recently discovered malware found by Microsoft that has already infected more than 80,000 computers.

    These cryptojacking codes steal processing resources, take over legitimate system processes and disguise the nefarious activity, with the ultimate goal of running a crypto miner on the infected devices.

    Eset informed YouTube, which reportedly responded by removing all the channels that contained traces of Stantinko’s code.

    Malware on Monero’s official website was stealing crypto

    In November, Monero’s core development team said that the software available for download on Monero’s official website might have been compromised to steal cryptocurrency. A professional investigator going by the name of Serhack confirmed that the software distributed after the server was compromised was indeed malicious:

    “I can confirm that the malicious binary is stealing coins. Roughly 9 hours after I ran the binary a single transaction drained the wallet. I downloaded the build yesterday around 6pm Pacific time.”

    Be warned: this trend is now slowly coming to Africa.

    Courtesy of https://cointelegraph.com/

    NEED HELP?

    We are proud to provide you with full Data Recovery Service and Malware investigation services coverage to any part of Kenya: Nairobi, Mombasa, Kisumu, Eldoret. Data loss is only temporary, and we prove it every day with the highest hard drive recovery success rate in Kenya. We recover data in Kenya from the following devices: hard drives, laptops, desktops, RAID systems (RAID / NAS / SAN), servers, memory cards, flash drives, databases, SSD drives, etc.

    East African Data Handlers Ltd’s “no data – no charge” policy means you owe us nothing if we are unable to recover your critical files.

    Contact us now

    If you’ve lost valuable, irreplaceable data — We can save it! Call us now at 0711 051 000 or visit our offices Chiromo Court 3rd Floor Westlands
