For this eighth edition of the Weekly Cybernote, we will concentrate on three very different subjects: the hack orchestrated by Iranian cyber-spies through a bogus news website, the music streaming service Spotify whose data had been hacked, and lastly a cybercriminal in Australia who hijacked Apple devices for ransom.
A group of Iranian cyber-spies targeted more than 2000 military officials using a bogus news website
In Iran, a group of cyber-spies managed to spy on more than 2000 people, including American and Israeli military officials using a fake news site called NewsOnAir.org. For three years, these spies used this site to target and establish contact with military personnel in the US and in Israel and hack their personal accounts on social networks. The operation was apparently orchestrated by Iranians but there is still insufficient information to trace back to the main mastermind. According to iSight, the site republished legitimate articles that were first published by actual press organizations, including BBC and press agencies Associated Press and Reuters, but with the bylines replaced by fake reporters’ names. The identities of some journalists were also stolen in this affair.
Spotify victim of a hacking
After eBay, it was Spotify’s turn to get hacked. The Swedish online music giant had in fact detected “unauthorized access” to its systems and internal data. As simple users of the service, there is not much to worry about, as only personal particulars may have been compromised. Anything more confidential, such as passwords or credit card PINs, was not involved in this operation. However, as a precaution, Spotify advises its users to log off and log on again to the service in order to update security measures. Users of the service are also urged to update their Android applications through Google Play, the Amazon Appstore of the official website. As for iOS or Windows Phone, nothing amiss has been reported.
An Australian cybercriminal demands a ransom for unlocking Apple devices
Oleg Pliss is a cybercriminal based in Australia who demanded a ransom for unlocking Apple devices. Pliss apparently “hijacked” several Australian iPhones, iPads and Macs, which he would unlock in exchange for sums ranging from 50 to 100 dollars. For almost a week, several owners of such devices in Australia were woken up by unpleasant messages indicating that their devices had been hacked and that they would need to pay a ransom in order for them to be unlocked. The hacker, who used the name of an engineer at Oracle, demanded payment from targeted users to his PayPal account before he would restore the devices to working order.