A Claude bug exposes your private data: What happened in cybersec last week, March 30
Here are my picks for the biggest cybersecurity stories of the week
Every day I write five cybersecurity news pieces for a major tech news site. At the end of the week, I choose five that I think are most important and share here so you don’t miss them.
Claude Chrome extension could let hackers hijack your online browsing
Anthropic is shipping an enormous number of new products and features every week. But cybersecurity seems to be an afterthought, as researchers found yet another glaring hole in Claude.
Last week we saw three different bugs that could be chained together for data exfiltration, and this week, we’re seeing the Claude Chrome extension being used the same way.
If you’re running Claude inside your browser, as opposed to the standalone app, you might want to give this article a read:
Virtual Android phones are being used for fraud
Cybercriminals are setting up virtual Android devices on faraway servers as a way to bypass modern security solutions and make fraudulent payments.
In case you are unaware, most banking apps today listen to a lot of on-device signals to make sure they’re not being abused: the IP address, the hardware, device models, different sensors, and more.
By loading your banking app on a virtual instance of an Android phone, they are able to work around these protections to make fraudulent wire transfers without triggering the usual alarms.
Read more:
US workers think they’re good at spotting phishing emails, but they’re really not
Do you think you would be able to spot a well-crafted phishing email? If you’re in the United States, and you answered “yes”, you’re most likely the part of an overconfident majority.
Security pros Darktrace recently polled US workers on this issue and found that 80% were super confident they’d be able to identify a phishing attack. However, when they did a real-world test and mailed these people, less than a third (32%) were actually successful.
Phishing is a lot harder to detect than you think, so think before you click!
Read more:
The Ruskies are targeting Signal and WhatsApp accounts
In a span of just two weeks, we’ve seen two different reports from two different parts of the world, saying the same thing - Russian spies are after people’s Signal and WhatsApp accounts.
First, it was the General Intelligence and Security Service (AIVD), the Netherlands’ primary civilian intelligence and security agency. In mid-March, it said it saw Russian state-sponsored hackers engaging in a “large-scale global cyber campaign” targeting dignitaries, military personnel, and civil servants, including Dutch government employees.
Read more here: Russian cybercriminals are targeting WhatsApp, Signal accounts in 'large-scale global' hacking campaign | TechRadar
Then, two weeks later, a similar report comes out of the FBI.
Both reports said that the hackers are trying to trick people - government employees, journalists, military personnel, and similar - into sharing access to WhatsApp and Signal accounts.
They’re not breaking in through a vulnerability or with malware - they’re tricking people into giving away access - willingly.
Apparently, the campaign is already a success, and some sensitive data was exfiltrated.
Read more:
Signal is being targeted by Russian hackers in a huge new phishing campaign, FBI says | TechRadar
Global Europol crackdown knocks over 373,000 dark web sites offline
Europol announced it led a major global operation that shut down a large cybercriminal network. It took down hundreds of thousands of dark web websites, seized hundreds of servers and other hardware, and even identified some cybercriminals and crime facilitators.
These sites offered child pornography and other disgusting content.
Good riddance!
Read more:
Global Europol crackdown knocks over 373,000 dark web sites offline | TechRadar