Avira’s free cryptocurrency mining service

By admin On Apr 14, 2022

Credit: Matyuschenko/Shutterstock.com.

Verdict lists five of the most popular cybersecurity tweets in Q1 2022 based on data from GlobalData’s technology influencer platform.

Top Tweets are based on the total number of engagements (likes and retweets) received on tweets from over 150 cybersecurity experts tracked by GlobalData’s Technology Influencer Platform during the first quarter (Q1) of 2022.

The most popular tweets on cyber security in Q1 2022: Top 5

1. Briankrebs’ tweet about Avira’s free cryptocurrency mining service

Briankrebs, a freelance investigative journalist, shared an article about Avira Free Security antivirus software users being introduced to crypto mining. A product of software company Avira Operations, the free antivirus has over 80 million users who recently discovered a service called Avira Crypto that allows customers to earn money by mining virtual currency. Avira Operations was acquired in January 2021 by cybersecurity software and services provider NortonLifeLock (formerly Symantec), which also owns Norton 360 antivirus and security software.

The Avira Crypto service allows users to use their computer’s idle time to mine Ethereum (ETH) digital currency, the rewards of which are distributed to all members of the mining pool. The article pointed out that Avira was introducing crypto mining for users unfamiliar with cryptocurrency, which comes with its own set of security and privacy challenges.

Norton360 is not the only antivirus product to install cryptominers. Avira, a “free” antivirus product with over 500 million users, recently introduced Avira Crypto to users. Avira is now owned by NortonLifeLock, which also just bought Avast antivirus (500 million users) https://t.co/ew7RbHZ6aT

— Briankrebs (@briankrebs) January 8, 2022

Username: briankrebs

Twitter username: @briankrebs

Likes: 1,371

Retweets: 1,139

2. Joseph Cox’s tweet about the hackers who hacked into the website of the Russian Institute for Space Research

Joseph Cox, a cybersecurity reporter at a technology website Motherboard, shared an article about hackers breaking into a website linked to the Russian Space Research Institute (IKI). The hackers posted messages on a subdomain of the site and also leaked numerous files from Roscosmos, the coordination center for Russian space activities. The hacking incident follows an upsurge in cyberattacks against Russia due to its military invasion of Ukraine. The impact of the hack appears limited although some people claim it compromised Russian targets, the article notes.

Hackers called v0g3lsec took responsibility for the attack on Twitter. The hackers further claimed that the leaked Roscosmos files included handwritten forms and spreadsheets in Russian and English on lunar missions, as well as other PDF files, the article points out.

New: Hackers have hacked into a website linked to the Russian Space Research Institute. Defaced a section with a message against Russia’s threats to withdraw from operation of the International Space Station. Also leaked a number of files they claimed from Roscosmos https://t.co/5kKbTooGjH

— Joseph Cox (@josephfcox) March 3, 2022

Username: Joseph Cox

Twitter username: @josephfcox

Likes: 938

Retweets: 274

3. Tweet by Chris Wysopal about Korean researchers developing a set of attacks against SSDs

Chris Wysopal, co-founder and chief technology officer of software company Veracode, shared an article about researchers at Korea University developing a set of attacks against certain solid-state drives (SSDs) that can implant malware in a location inaccessible to the user or security solutions. The attack patterns target a hidden area on the device called overprovisioning (OP), which is used by SSD manufacturers to improve performance on NAND flash storage systems, the article details.

One of the attacks modeled by the researchers targets an invalid area with unerased information that lies between the SSD space and the over-provisioning (OP) area, the size of which directly depends on the two areas. A hacker can use the firmware manager to change the size of the OP area, resulting in a vulnerable invalid data space, the researchers concluded. In a second attack model, the OP area is used by the hacker as a secret place where users cannot monitor and where a malicious actor can place the malware.

The article pointed out that the research demonstrates how the OP area can be accessed without permission, although such attacks are unlikely to take place currently. Strong defenses must be placed against unauthorized access to the SSD management application, the article adds.

Korean researchers have developed a set of attacks against certain SSD drives that could allow malware to be planted in a place beyond the reach of the user and security solutions. https://t.co/g6m4FgprJf

— Chris Wysopal (@WeldPond) January 1, 2022

Username: Chris Wysopal

Twitter username: @WeldPond

Likes: 852

Retweets: 344

4. Kim Zetter’s tweet about FBI warnings about using QR codes for malware attacks

Kim Zetter, an investigative journalist, shared an article about the United States Federal Bureau of Investigation (FBI) raising awareness that cybercriminals forge quick response (QR) codes to redirect users to malicious sites capable of steal login credentials and financial information. QR codes are used by businesses to provide contactless access, which have become more common during the Covid-19 pandemic.

However, the technology is used by cyber criminals to lure victims to fraudulent websites to steal their personal and financial information, and to insert malware to gain access to the victim’s device and redirect payments for cyber criminal purposes. . The FBI has listed some measures to protect users from scanning QR codes, such as checking the website’s Uniform Resource Locator (URL), preventing app downloads from a QR code, and preventing QR code scanner app downloads, notes the article.

Username: Kim Zetter

Twitter username: @Kim Zetter

Likes: 556

Retweets: 333

5. Tweet by Lorenzo Franceschi Bicchierai about the Chinese cybersecurity company accusing the NSA of being a hacking tool

Lorenzo Franceschi Bicchierai, senior writer at Motherboard, shared an article about Chinese cybersecurity company Pangu Lab accusing the US National Security Agency (NSA) of being behind a decade-old hacking tool . A report prepared by researchers at the company detailed that the malware was first encountered in 2013 during a hack investigation against a key national department. Researchers could not identify the hackers at the time, but leaked NSA data on the world’s leading cyberattack group, the Equation Group, believed to be the NSA, revealed the malware had was created by the NSA.

Cybersecurity experts believe it’s rare, but it’s not the first time a Chinese company has published research on an alleged US intelligence hacking operation. The report also states that Chinese companies and the Chinese government are improving their attribution capabilities, as this will lead to overall geopolitical stability, the article noted.

NEW: A Chinese cybersecurity firm said it found malware made by Equation Group (NSA).

I spoke to experts about what this report means for the future of the industry and how it could signal a change in the way Chinese companies do attribution. https://t.co/YGvOJL01ye

— Lorenzo Franceschi-Bicchierai (@lorenzofb) February 23, 2022

Username: Lorenzo Franceschi-Bicchierai

Twitter username: @lorenzofb

Likes: 210 Retweets: 101