As the world continues to adjust to the reality of the new coronavirus, scammers are increasingly taking advantage as well. But one Twitch streamer has been calling them out before a live audience of thousands. And as health care systems become increasingly overwhelmed, the Army Corps of Engineers has drawn up plans to convert hotels, dorms, and even convention centers into makeshift hospitals.
In non–Covid-19 news, Google security researchers spotted sophisticated hackers using no fewer than five so-called zero days in attacks against North Korea. (That's a lot.) Researchers at Kaspersky have tied the activity to South Korea's DarkHotel team, officially putting the country on the map for advanced cyberattack capabilities.
And while every other major platform had banned Alex Jones' "Infowars" presence in the fall of 2018, Google finally kicked the Android app out of its Play Store after some pretty wild coronavirus claims. Google also booted a bunch of adware-laced apps—many of them targeting kids—out of the Play Store recently, although only after security firm Check Point brought them to the company's attention.
Thinking about jumping from iOS to Android? It's harder than it should be to bring your WhatsApp messages with you. We detailed some simple advice to stay safe from online scams. And we took a look at a little-known policy that puts the US Postal Service on the front lines of a Doomsday response.
But wait, there's more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.
China's APT41 hackers are not exactly wallflowers. The group has conducted state-sponsored espionage since at least 2012. They apparently also saw an opportunity in the recent coronavirus outbreak—despite how hard it hit China itself—embarking on a sweeping campaign in January that targeted more than 75 customers of security firm FireEye alone. The group used recently disclosed flaws in Cisco and Citrix software to target companies in the US, Canada, Britain, and more than a dozen other countries. The broad approach is a marked contrast to China's more targeted efforts of late.
Every version of Windows has a security flaw that attackers discovered before Microsoft did, and the company acknowledged this week that it's been been selectively exploited. It also likely won't have a fix until April 14. The vulnerability relates to how the Windows Adobe Type Manager Library handles a specially crafted font, and a successful hacker can use it to achieve remote code execution. Not great!
Or what about code execution by mail? Security researchers this week disclosed that they had found instances of so-called BadUSB attacks, in which hackers try to get a target to pop a malware-laden USB stick into their computer. You don't see these in the wild very often anymore, but the FIN7 hacking group has apparently been mailing them around willy nilly. Anyone who fell for it would have inadvertently installed a backdoor—and it's not clear yet how many people did.
Security researchers at Trend Micro this week detailed a hacking campaign it calls Operation Poisoned News, which specifically targets iOS users in Hong Kong. Certain links posted to a news discussion forum would lead people to news pages containing a hidden iframe that would deploy code to compromise the victims' phones, in a so-called watering hole attack. It affects iPhone 6S through the iPhone X, although a recent Safari update patches the flaw that the hackers are taking advantage of.