Cross-reading #3


Abstract

Cross-reading is a series in which I present articles that I have read in the last few days and which might be interesting for you as well.

Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files (blog.malwarebytes.com)

We found skimming code hidden within the metadata of an image file (a form of steganography) and surreptitiously loaded by compromised online stores. This scheme would not be complete without yet another interesting variation to exfiltrate stolen credit card data. Once again, criminals used the disguise of an image file to collect their loot.
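The excerpt describes the technique but not how to check your own images for it. Below is an added example (my code, not Malwarebytes' tooling or the skimmer itself) that parses JPEG marker segments, pulls the ASCII-typed tags out of the Exif IFD0, and flags any tag whose text looks like JavaScript. The Copyright tag (0x8298) used for the constructed sample, the list of script indicators, and the tiny hand-built JPEG are all assumptions made for the demo; a real scan would run the same logic over every image a store serves, favicons included.

```python
import re
import struct

TAG_COPYRIGHT = 0x8298   # Exif/TIFF tag assumed here as the carrier (demo assumption)
TYPE_ASCII = 2           # TIFF field type for NUL-terminated ASCII

# Indicators that metadata text is executable JavaScript rather than a copyright notice.
SCRIPT_MARKERS = re.compile(
    r"eval\(|atob\(|document\.|window\.|XMLHttpRequest|fetch\(|<script|function\s*\(|=>"
)


def build_exif_jpeg(copyright_text: bytes) -> bytes:
    """Constructed sample: SOI + APP1/Exif (one ASCII Copyright tag in IFD0) + EOI.
    Not a decodable picture; just enough structure to exercise the parser."""
    payload = copyright_text + b"\x00"
    tiff_header = b"MM" + struct.pack(">HI", 42, 8)        # big-endian, IFD0 at offset 8
    if len(payload) <= 4:                                   # TIFF stores <=4 bytes inline
        entry = struct.pack(">HHI", TAG_COPYRIGHT, TYPE_ASCII, len(payload)) + payload.ljust(4, b"\x00")
        tiff = tiff_header + struct.pack(">H", 1) + entry + struct.pack(">I", 0)
    else:                                                   # otherwise the entry holds an offset
        data_offset = 8 + 2 + 12 + 4                        # header + count + entry + next-IFD
        entry = struct.pack(">HHII", TAG_COPYRIGHT, TYPE_ASCII, len(payload), data_offset)
        tiff = tiff_header + struct.pack(">H", 1) + entry + struct.pack(">I", 0) + payload
    app1_body = b"Exif\x00\x00" + tiff
    app1 = b"\xff\xe1" + struct.pack(">H", len(app1_body) + 2) + app1_body
    return b"\xff\xd8" + app1 + b"\xff\xd9"


def iter_jpeg_segments(data: bytes):
    """Yield (marker, payload) for each length-prefixed segment up to SOS/EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                       # fill byte before a marker
            pos += 1
            continue
        if marker in (0xD9, 0xDA):               # EOI, or SOS (entropy-coded data follows)
            return
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:   # TEM / RSTn carry no length
            pos += 2
            continue
        if pos + 4 > len(data):
            raise ValueError("truncated segment header")
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("bad segment length")
        yield marker, data[pos + 4:pos + 2 + length]
        pos += 2 + length


def exif_ascii_tags(app1_payload: bytes) -> dict:
    """Return {tag: text} for the ASCII-typed entries in IFD0 of an Exif APP1 payload."""
    if not app1_payload.startswith(b"Exif\x00\x00"):
        return {}
    tiff = app1_payload[6:]
    endian = {b"MM": ">", b"II": "<"}.get(tiff[:2])
    if endian is None or len(tiff) < 8:
        return {}
    magic, ifd_off = struct.unpack(endian + "HI", tiff[2:8])
    if magic != 42 or ifd_off + 2 > len(tiff):
        return {}
    (count,) = struct.unpack(endian + "H", tiff[ifd_off:ifd_off + 2])
    tags = {}
    for i in range(count):
        e = ifd_off + 2 + 12 * i
        if e + 12 > len(tiff):
            break                                # truncated IFD: stop rather than misread
        tag, typ, n, _ = struct.unpack(endian + "HHII", tiff[e:e + 12])
        if typ != TYPE_ASCII:
            continue
        if n <= 4:
            raw = tiff[e + 8:e + 8 + n]          # value lives inside the entry
        else:
            (off,) = struct.unpack(endian + "I", tiff[e + 8:e + 12])
            raw = tiff[off:off + n]              # value lives at an offset into the TIFF block
        tags[tag] = raw.rstrip(b"\x00").decode("latin-1", "replace")
    return tags


def scan_for_skimmer(jpeg_bytes: bytes) -> list:
    """Return [(tag_hex, snippet)] for Exif ASCII tags that contain script-like text."""
    hits = []
    for marker, payload in iter_jpeg_segments(jpeg_bytes):
        if marker != 0xE1:                       # only APP1 carries Exif
            continue
        for tag, text in exif_ascii_tags(payload).items():
            if SCRIPT_MARKERS.search(text):
                hits.append((f"0x{tag:04x}", text[:60]))
    return hits


if __name__ == "__main__":
    benign = build_exif_jpeg(b"Copyright 2020 Example Store")
    suspicious = build_exif_jpeg(b"Copyright (c) 2020 eval(atob('ZG9jdW1lbnQuY29va2ll'))")
    print("benign   :", scan_for_skimmer(benign))
    print("suspect  :", scan_for_skimmer(suspicious))
```

The parser stops at SOS because the entropy-coded image data is not segment-structured; a loader that evaluates the Copyright string does not need the pixels at all, which is why the skimmer can live entirely in the metadata. On real inventories, extend the ASCII check to XMP and IPTC segments (APP1 and APP13) too, since those can hold arbitrary text just as easily.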

Attackers Cryptojacking Docker Images to Mine for Monero (unit42.paloaltonetworks.com)

The images hosted on this account have been collectively pulled more than two million times. One of the wallet IDs identified has been used to earn more than 525.38 XMR[1], which roughly translates to $36,000 USD. Additionally, when we last checked minexmr.com for this wallet ID, we saw recent activity indicating that it’s still being used.

New Mac Ransomware Is Even More Sinister Than It Appears (wired.com)

Perhaps the malware is using ransomware’s[2] hallmark file encryption as a destructive tool in an attempt to permanently lock users out of their computers. Or maybe ThiefQuest is just looking to get as much money out of victims as possible. The real question with Mac ransomware, as always, is what will come next?

Inside the Invasive, Secretive “Bossware” Tracking Workers (eff.org)

Let’s be clear: this software is specifically designed to help employers read workers’ private messages without their knowledge or consent. By any measure, this is unnecessary and unethical.

How Police Secretly Took Over a Global Phone Network for Organized Crime (vice.com)

“What seems to be possible only in police thrillers and movies has happened before our own eyes,” Andy Kraag, head of National Criminal Investigations Department in the Netherlands said in a press conference. “We’ve captured messages that give us a view of daily life in the criminal world.”

Apple bleee. Everyone knows What Happens on Your iPhone (hexway.io)

If Bluetooth is ON on your Apple device, everyone nearby can learn the current status of your device, get info about battery, device name, Wi-Fi status, buffer availability, OS version, and even get your mobile phone number.

Google Data Center Security: 6 Layers Deep [Video] (youtube.com)

Security is one of the most critical elements of our data centers’ DNA. With dozens of data centers globally, security operations means managing a massively complex network.

Software Entropy (camhashemi.com)

In software, we work in a world where chaos is measurable and cleanliness is achievable. We just need the right set of signals and responses to make it happen.

How to finish your side project (hugozap.com)

It’s good to have an open mind and be ok with finding dead-ends, they are powerful teachers. However, shipping projects is awesome and by reducing scope and anticipating interruptions you will be able to complete your project and release it to the world.

How does SQLite work? (jvns.ca)

Modifying open source programs to print out debug information to understand their internals better: SO FUN.

  [1] Monero (XMR) is an open-source cryptocurrency created in April 2014 that focuses on fungibility, privacy and decentralization. Monero uses an obfuscated public ledger, meaning anybody can broadcast or send transactions, but no outside observer can tell the source, amount or destination. — Wikipedia
  [2] Ransomware is a type of malware from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid. — Wikipedia