Cyber Security News

Beware the Trojan Subscribers [news]

In this cyber security snapshot, we talk about Trojan Subscribers, how they can infiltrate your digital ecosystem and how you can decrease the likelihood of falling victim to them.

A trojan subscriber is a trojan that subscribes victims to paid services without their knowledge or consent.

As one well-known example, Kaspersky reported on Harly, a trojan subscriber targeting Android devices.

Harly can subscribe a victim to a paid service without their knowledge or consent. Harly is named after the DC Comics character Harley Quinn, a companion of the Joker. Kaspersky researchers believe Harly has a common origin with Jocker malware, which is named after the Joker.

Harly is delivered via apps found on the Google Play store. The threat actors take legitimate apps, then inject malicious code into them and upload them to Google Play with a different name. In the past two years, over 190 apps have been infected with Harly. These apps have been downloaded an estimated 4.8 million times. That number continues to rise.

Why not tune into the Cyber Heroes Podcast where we talk about how to protect your people and reputation, strengthen your cyber posture, create a culture of cyber savviness, and the many cybercrime lessons being learned around the world every day.

We tell these stories because statistics show that most people on the planet will, at some stage, become a victim of cybercrime and we don’t want you to one one of them.

Listen on Apple Podcasts

Alright, let's talk about the news.

It's that time when we take a look at the hottest topic in cybersecurity today, you've given us a hint or anybody thought that might be. And as always, you've picked the one which you think will be the most interesting right now.

So you've seeded it. You've teased us with the bread. So tell us all about it. If you're listening to the news, it was in the headlines at the beginning of this week, and actually earlier after they released it.

But Medibank private, is obviously a major health provider, with lots of personal information about a client, and at this point in time, they're talking 10 million Australians have been compromised through Medibank private system. I was in a business meeting this morning. And I asked him if people have Medibank, a private room of 30 people, I had about three or four people put their hands up. So three or four people in 20, across Australia, if I use that sort of analogy, have been, have been compromised by the Medibank. Private situation. What can you do there? Well, obviously one of the systems and health systems that are online, now you'd have a login to that make your claims and things like that, if that password that you use on any bank drive, it's anywhere else, we talked about shared passwords or using the same password everywhere, now's the time to go and change it. Because that data is now as of this morning and I was reading it's been released into the dark web, and they're selling that data off to other hackers.

The whole idea there is to obviously come and try and scam Australian citizens out of money. So really important, then that we have a look at that sort of stuff. I just I'll just quickly share my screen. What I wanted to show there were a few of the news sites that are available. These are just the public news sites, obviously, I'm looking at various other hacking websites and different things like that, which are obviously grant hacking websites. They're not ones that are about the malicious side of things. But you can see here, Sydney Morning Herald Australian Financial Review, they started posting data, many banks' share price has gone in-depth, very, very low.

And the thing with that, as well as if you look at your own business, and you do have a compromise, and you have to report that to your clients, especially if it's not a viable data breach, over 3 million, we have personal identifiable information, that that trust is lost. So many bank, obviously now have a trust issue with their clients.

So that's really begging, I guess, you know, if you ask something like that, you'd like to reach out to us either Medibank customer, we'd be more than happy to give some advice if you need it.

Nothing I'd like to talk about is today. And this is just something that's not sort of mainstream, but it's more about WordPress sites. We look after approximately 500 WordPress sites for our clients. And we've got a lot of people that have this on WordPress. It's one of the most popular blogging systems on the internet and having your website run through it.

And it's the victim of constant attacks because it has so many different plugins, it's not a bad product, it's just that so many people develop software that sits on WordPress is a plugin or bolts into it, or the main actual or the data that you need to keep it up to date.

But one of the things people don't look at is they look at their WordPress site and they go, Well, I've got a lot that says nothing here to update. But they have plugins that may be what we call abandoned and are no longer developed. So there is software out there. And you can ask your web developer if you've got any abandoned plugins on your website, sometimes those abandoned plugins are things that you don't need anymore, and they can be removed. And why don't you want to remove an abandoned plugin? What's old code, it's code that has been developed by someone and then decided to stop actually looking at.

So we use a product called main WP, which I'm going to show you here now and just sort of cover-up that data there for the clients. But you can actually see here that we have our 14 abandoned plugins across about 40 sites that I've got in the system that I need to obviously go and look at the details for I'm not going to click into those.

What I'm sort of showing you there though, is if you have a WordPress site, and you're getting it maintained, which I recommend, or you're maintaining yourself, you need to look at what those abandoned plugins are, and obviously get those updates sorted. Alright, Thanks, Brad. We're coming up on time. And look, we create this content because at some stage everyone on the planet is likely to become a victim of cybercrime and we don't want you to be one of them.

So remember, if you're ever in a position where you think you may have been hacked, go to help.cyber to read and download the cheat sheet that shares with you the five steps that you should follow immediately.

From Brad and I, thanks as always for investing in you.

It's time to keep yourself safe online we'll see you next time


plugins, clients, wordpress site, data, systems, compromised, abandoned, talk, password, news, private, share, victim, bank, australian financial review, hacking, wordpress, sites, australian citizens, developed