Differences Between Hollywood Hackers and the Real Deal

In many television shows and movies today, hackers and cybercriminals take the form of evil villains or mischievous antiheroes. While this characterization is undoubtedly fun to watch, it doesn’t quite get the facts right. Most of the computing constructs demonstrated in entertainment don’t actually exist in real life. This week, let’s discuss what real-life hackers are like, and how they’re different from your favorite computer genius characters.

Hacking Isn’t So Up Tempo

In entertainment, hacking is often portrayed as a fast-paced exercise. Typically, the hacker completes their job in minutes, if not seconds, while exciting music races in the background. The actual work that the always-handsome hacker is doing consists of typing about 20 lines of code with no mistakes, having a quick revelation as the music swells, and finishing with a flourish of key pressing that results in the victim’s computer crashing or, even more ludicrous, spontaneously combusting.

While not all television and movie representations are this dramatic, they’re usually still much faster than actual hacking.

Real hacking takes hours, if not more, and isn’t nearly as easy as entertainment makes it seem. Hackers are sometimes sitting in front of their computers for long periods of time reading hundreds of lines of code to try and find some vulnerability. 

Real Hacking Wouldn’t be Fun to Watch

The reason most entertainment platforms depict hacking this way is that the real stuff is…actually pretty boring. This characterization of the insanely smart and good-looking techy hacker that can make technology do anything they want it to is far from the truth. Hackers are usually just average people, or sometimes loners, that often work in a boring office setting to find cracks in networks so they can extract data. 

Real hackers often use automated tools to send out phishing emails, crack passwords, or create scams that fool users into giving them access to their information. None of this would be enjoyable to watch on television.

Also, a hacker’s goal is usually to collect sensitive information or, at most, install malware on your device. The idea that with a few clicks a hacker could crash your computer or make it explode is absolutely preposterous. 

Why It’s Important to Know the Difference

You may be thinking, “But it’s just entertainment! Why do we care what real hackers do?” Well, let’s face it, these acts are illegal, and glorifying them the way so many movies and television shows do can make it seem like hacking is an acceptable or even cool thing to do. It’s not. Hacking is a crime, and these unrealistic characterizations of hackers could give people the wrong impression about the reality of cybercriminals.

So, should Hollywood change how they portray hackers in entertainment? Not necessarily. It’s true that these depictions of hackers are much more interesting to watch. However, it’s important to know that Hollywood hackers aren’t real and shouldn’t be taken seriously. If anything, view them as comic relief for how ridiculous they are.

What are your thoughts on hackers in movies and television? Do you have a favorite Hollywood hacker? Leave your comments below and check back soon for more great technology content!

Ads Can Carry Malicious Code

Sometimes you might be browsing the Internet and come across an advertisement for free downloads of Windows applications. Obviously, this is too good to be true, and hackers tend to exploit advertisements to spread their malware across devices. Malvertising is used to deliver various types of threats, all of which can cause considerable harm to unprepared businesses.

The particular malvertisement threat in question is a new campaign targeting users in Canada, the United States, Europe, Australia, and Nigeria, and it aims to steal information like usernames, passwords, and other sensitive credentials.

ZDNet reports that this new malvertising campaign—called Magnat by Cisco Talos—spreads a malicious browser extension using Trojan malware, providing a backdoor entrance to the user’s device. This new, as-yet-undocumented threat appears to have been custom-built over the past several years. Other types of malware used in this campaign include a password stealer which is installed on the user’s device through the use of the backdoor.

The browser extension (also a keylogger) and the password stealer are standard fare for threats, but the backdoor, called MagnatBackdoor, is a special type that allows attackers to gain remote control over a PC without detection. It also adds a new user to the device and installs keyloggers, as well as other malware, that enable the attacker to steal sensitive information. Researchers believe that the threat works like a banking trojan with the primary aim being to steal credentials for individual sale on the Dark Web. Of course, the credentials could also be used by the attackers themselves.

This malware is distributed primarily through advertisements that link to malicious file downloads, with the big kicker being that these adverts advertise popular software applications. While there is reason to be concerned about this campaign, it’s also important to know that it’s nothing new. These threats are commonplace and security researchers, as well as security professionals in the field like ourselves, fully understand how to keep your devices as safe as possible.

4 Corner IT wants to help your business keep itself safe from these types of threats (and more). If you need some pointers on how to keep your employees from clicking on these advertisements, we can provide training, as well! To learn more, reach out to us at 954-474-2204. 

How to Prevent Your Network from Being Sold By Hackers

Believe it or not, your organization’s network can be sold by hackers under the right circumstances. This is the unfortunate reality that we live in, where the commoditization of data and network access has become a real problem. According to a study from KELA, hackers can sell access to compromised networks for a pittance compared to the amount of work you have invested in building your business. If you have your business’s network sold by hackers, it could create a snowball effect of events that can lead to your business’s downfall. Therefore, you must do everything in your power to protect your network and prevent this from happening.

This report from KELA followed Initial Access Brokers, a term used to describe threats that sell access to compromised network infrastructures. These threats are big players in the world of cybercrime, as they can effectively facilitate some of the most devastating threats out there, including ransomware and remote access threats. The report examined one full year of listings by Initial Access Brokers to discover how much value can be assigned to this type of network access.

It is quite shocking to see just how little value is associated with access to your network. Out of the 1,000 listings, KELA found that the average price of network access credentials was about $5,400, with the median price being around $1,000. Other trends examined included the average price of credentials, as well as information on industries affected and countries affected. The top countries affected were the United States, France, the United Kingdom, Australia, and Canada. Top industries affected included manufacturing, education, IT, banking/financial, government, and healthcare.

Just take a moment to imagine how much chaos someone could inject into your business simply by purchasing access to your infrastructure. All it takes is a small investment and access to a VPN for someone to start causing some real trouble for your business. There are quite a few ways that you can minimize the damage done through these methods, including the following:

  • Implement comprehensive security measures

    In terms of sheer security, we recommend unified threat management, or UTM, to handle most of the threats your business could face. This all-in-one solution includes security measures such as a firewall, antivirus, content filter, and spam blocker to minimize exposure to threats.

  • Monitor your network traffic

    If you keep track of who logs onto your network, when, and where they are logging in from, you’ll have a greater chance of identifying suspicious traffic patterns.

  • Implement multi-factor authentication

    Password security is still important, but not nearly as important as having additional measures in place. Multi-factor authentication can help make sure that people logging into your network are who they say they are.

  • Take regular backups of your infrastructure

    You never want to use your data backup, but having it never hurts, and it will give you a nuclear option in the event that someone does manage to gain unauthorized access to your network.
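
As an added illustration of the "who, when, and where" monitoring recommended in the list above (example code, not part of the original post): a short Python sketch that reviews constructed VPN login records and flags logins from a country or source IP a user has not used before, or outside business hours. The log format, field names, business-hours window, and history threshold are all assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample VPN login records (timestamps in UTC, documentation IP ranges).
SAMPLE_LOG = """\
user,timestamp,src_ip,country
alice,2024-03-04T09:12:00,203.0.113.10,US
alice,2024-03-05T08:58:00,203.0.113.10,US
alice,2024-03-06T09:30:00,203.0.113.24,US
bob,2024-03-04T10:02:00,198.51.100.7,US
bob,2024-03-05T10:15:00,198.51.100.7,US
alice,2024-03-07T03:41:00,192.0.2.55,RO
bob,2024-03-07T10:05:00,198.51.100.7,US
"""

BUSINESS_HOURS = range(7, 20)  # assumption: 07:00-19:59 counts as normal
MIN_HISTORY = 2                # logins needed before a user has a baseline

def review_logins(log_text):
    """Return (user, timestamp, src_ip, reasons) for each suspicious login."""
    seen_countries = defaultdict(set)  # who -> where (country)
    seen_ips = defaultdict(set)        # who -> where (source address)
    history = defaultdict(int)         # who -> number of prior logins
    alerts = []
    rows = sorted(csv.DictReader(io.StringIO(log_text)),
                  key=lambda r: r["timestamp"])
    for row in rows:
        user = row["user"]
        when = datetime.fromisoformat(row["timestamp"])
        reasons = []
        # Only compare against a baseline once the user has some history.
        if history[user] >= MIN_HISTORY:
            if row["country"] not in seen_countries[user]:
                reasons.append("new country")
            if row["src_ip"] not in seen_ips[user]:
                reasons.append("new source IP")
        if when.hour not in BUSINESS_HOURS:
            reasons.append("outside business hours")
        if reasons:
            alerts.append((user, row["timestamp"], row["src_ip"], reasons))
        seen_countries[user].add(row["country"])
        seen_ips[user].add(row["src_ip"])
        history[user] += 1
    return alerts

if __name__ == "__main__":
    for alert in review_logins(SAMPLE_LOG):
        print(alert)
```

A login that trips several reasons at once, like the 03:41 entry in the sample, is the one to review first; a new source IP alone is common for remote staff.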

If you have your business’s network sold by hackers, it can damage your business’s entire operations. To learn more about how you can protect your business, reach out to us at (954) 474-2204.

350,000+ Personal Data Exposed After Preen.Me Attack

It’s the rare business that can survive without marketing and social media efforts, so when a social media marketing company like Preen.Me comes under a cyber attack, it invariably adversely affects many, many interested parties. And with Preen.Me’s recent hack, that’s exactly what happened. Over 100,000 social media influencers have had their personal data stolen because of their connection to Preen.Me. In addition, over 250,000 social media users have had their personal data exposed on a deep web hacking forum from their use of ByteSizedBeauty, a Preen.Me application.

While Preen.Me primarily focuses their marketing efforts on beauty-related content, meaning many other types of businesses were spared, that does not provide any comfort to those whose primary business is related to personal care. Preen.Me boasts big-name customers such as Unilever, Revlon, St. Ives, and Neutrogena, who in turn interact with large customer bases. 

In this post, we will outline how the attack was discovered, the data involved, and discuss the level of sophistication that hackers and data thieves can employ in their efforts to exploit, steal from, and harass innocent parties.

The Discovery  

RBS, a world-renowned leader in cyber security, first discovered the Preen.Me leak on June 6, 2020 after they noted a known threat actor posting a message on a deep web forum about their recent hacking efforts. The attack was confirmed by the actor on the same day when they shared stolen information from 250 beauty influencers on PasteBin. PasteBin is a content hosting website service that allows users to store text on their site for set periods of time. The hacker also threatened to release the personal information of 100,000 records he/she acquired. However, as of this date those records do not seem to have been released.

The Data at Risk 

The affected clients of Preen.Me are social media influencers involved in the beauty industry. Of course, their social media efforts lead them to collect information about their followers as well. Information from both sides of the equation was affected, with the threat actor exposing personal information of the media influencers such as home addresses, phone numbers, email addresses, names, and social media links. In addition, some of these social media influencers have over a half million followers, potentially exposing their information as well.

Further Exploitation

It wasn’t enough to steal such a large amount of data to potentially hold Preen.Me for a ransom amount. On June 8th, the hacker released detailed information of the over 250,000 users of Preen.Me’s application, ByteSizedBeauty. The details include their Facebook name, ID, URL, and friends list, along with their Twitter ID and name. Personal information was also leaked, including their email address(es), date of birth, home address, eye color, and skin tone.

Also found in the stolen database dump were 100,000 user authentication tokens for social media, along with a small number of possible password hashes, and a data table consisting of over 250,000 records containing user names, email addresses, customer names, and auto-generated passwords.

Doxing so many users of Preen.Me’s marketing tools and applications leaves all of them exposed to significant issues with spam, harassment, and especially identity theft. It remains to be seen if the hacker has accomplished their entire “mission” or if they are planning to further exploit Preen.Me and/or their clients. 

A Cautionary Tale 

Preen.Me’s recent attack is a cautionary tale for every other entity that uses the world wide web. Hackers can take very personal information and hold it for ransom, or they can release it on the dark web and allow others to commit further criminal acts against innocent affected parties. Organizations must take technology security seriously and understand their security efforts are not just protecting their own data, but the private data of clients who entrust them oftentimes with very personal information.

If you would like to know more about how to protect your business and the sensitive data of your clients from cyber hackers, please contact us.

The Marriott Breach – We Now Know Everything

Marriott Breach Affects Millions

Consumers and many employers suffered a significant blow with the massive data breach recently revealed by Marriott International Hotels. Their hacked data included personal information from nearly half a billion guests. Marriott’s reservation system for their Starwood line of hotels exposed personal data including guest names, passport numbers, phone numbers, email and mailing addresses, along with some credit card information which included the encryption software that could decode the stolen numbers. Along with the enormous number of travelers affected, the fact that the data breach went undetected for approximately four years is particularly disturbing.

In addition to all the Starwood hotels, other affected hotels included Four Points by Sheraton, Tribute Portfolio, Westin Hotels, The Luxury Collection, Sheraton, Design Hotels, Aloft, Element, W Hotels, St. Regis, and Le Méridien. While the mechanism the hackers used to accomplish their heist is still unknown, there are a few things concerned companies can do that may help them avoid issues in the future, particularly if they had any interaction with the affected hotels.

Change Marriott-Related Passwords

As many as 50% of people use passwords that are at least 5 years old. Even if any company interaction with an affected hotel occurred earlier than 2014, it’s time to change all old passwords. For any Marriott passwords shared with other entities, those shared passwords should be updated as well. It’s also time for companies to seriously consider establishing a standard of using two-factor authentication, along with a password management tool if their corporate devices will allow it. Companies should also establish a standard of changing passwords at regular intervals, such as every 6 months or perhaps even more frequently.

Have a Backup and Disaster Recovery Plan 

Even small businesses are becoming increasingly dependent upon company data. One of the best ways to protect vital corporate data is to have an established and tested backup and disaster recovery plan. In the event a company’s data is held for ransom, they can breathe easier knowing they can restore one of their most vital assets.

Hire Professionals

Large companies can afford to have multiple teams dedicated to protecting their data resources. Small to medium-sized businesses rely on their data just as much, but cannot necessarily afford to hire dedicated staff. This is where a Managed Service Provider can step in and fill the gap. A professional MSP can evaluate a small company and find their security gaps. They can then create a complete security solution, including a backup and disaster recovery plan for their client.

If you would like to know more about how we can develop a complete security plan for your company, please contact us.