Friday Five: Meta Fined, Critical Infrastructure at Risk, & Spyware in Action
A massive GDPR fine, threats against critical infrastructure, and spyware took over the headlines this past week. Catch up on all of these stories in this week’s Friday Five!
EU SLAPS META WITH $1.3 BILLION FINE FOR MOVING DATA TO US SERVERS BY BILL TOULAS
After finding that Facebook transferred data of EU-based users of the platform to servers in the United States, the Irish Data Protection Commission (DPC) announced a $1.3 billion fine on the company, claiming that its actions violated Article 46(1) of the GDPR (General Data Protection Regulation). Meta will additionally be required to stop processing or holding any data illegally transferred from the EU to the U.S. within six months of the DPA's announcement. Read more about the timeline of events leading up to the massive fine and how Meta is responding in the full story from BleepingComputer.
CHINESE STATE HACKERS INFECT CRITICAL INFRASTRUCTURE THROUGHOUT THE US AND GUAM BY DAN GOODIN
Microsoft and governments from the US and four other countries claim that a Chinese government hacking group, tracked under the name Volt Typhoon, has acquired a significant foothold inside critical infrastructure environments throughout the US and Guam and is actively stealing network credentials and sensitive data. Microsoft researchers said that the campaign is likely designed to develop capabilities for “disrupting critical communications infrastructure between the United States and Asia region during future crises.” Read how Volt Typhoon is reportedly remaining mostly undetectable, and why their targeting of Guam holds significance.
MYSTERIOUS MALWARE DESIGNED TO CRIPPLE INDUSTRIAL SYSTEMS LINKED TO RUSSIA BY CHRISTIAN VASQUEZ
According to a recent report, a Russian telecom firm has been linked to a rare form of malicious software designed to infiltrate and disrupt critical systems that run industrial facilities such as power plants. The new malware, dubbed CosmicEnergy, joins a highly specialized group of malware such as Stuxnet, Industroyer, and Trisis that are purpose-built for industrial systems. The malware was discovered after it was, unusually, uploaded to VirusTotal (a Google-owned service that scans URLs and files for malware) in December 2021. It is still unclear whether the malware was intended for use in a cyberattack or if it could have been developed for internal red-teaming exercises.
RESEARCHERS SAY THEY FOUND SPYWARE USED IN WAR FOR THE FIRST TIME BY LORENZO FRANCESCHI-BICCHIERAI
According to digital rights group Access Now, the government of Azerbaijan is believed to have used spyware produced by NSO Group to target a government worker, journalists, activists, and the human rights ombudsperson in Armenia as part of a years-long conflict that has at times broken out into an all-out war. These cyberattacks may also be the first public cases where commercial spyware was used in the context of war. The victims reportedly include Kristinne Grigoryan, the top human rights defender in Armenia; Karlen Aslanyan and Astghik Bedevyan, two journalists with Radio Free Europe/Radio Liberty’s (RFE/RL) Armenian Service; two unnamed United Nations officials; Anna Naghdalyan, a former spokesperson of Armenia’s Foreign Ministry (now an NGO worker); as well as activists, media owners, and academics.
DATA STEALING MALWARE DISCOVERED IN POPULAR ANDROID SCREEN RECORDER APP BY RAVIE LAKSHMANAN
Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after developers updated it with malicious code nearly a year after its release. According to security researcher Lukáš Štefanko, "The malicious code that was added to the clean version of iRecorder is based on the open source AhMyth Android RAT (remote access trojan) and has been customized into what we named AhRat," allowing for the extraction of microphone recordings and harvesting of files with specific extensions. Read more about the malware's discovery and how it's only the latest example of a technique known as "versioning."