Chrome Password Risk, Tycoon Sanctioned Cyber, Election Panic Rumors
Hello again! We are back with the third edition of the month, and this time, we have got some super juicy details. We are sure you must be eager to learn about the latest cybersecurity events going on across the globe. The highlight of the week is a group of hackers who are forcing Chrome users to hand over their Google passwords. Next is the news about a Cambodian businessman who has been sanctioned by the US Treasury Department. Lastly, we will conclude today’s edition by discussing a group of threat actors who are trying to bring a bad reputation to the US election infrastructure.
Let’s get started!
Hey, Chrome users! Your Google password may be at risk
A group of hackers has recently started targeting Chrome users. They have devised a new hack that compels Chrome users to hand over their Google passwords. The hackers do so by locking the users in ‘Kiosk mode.’
The threat actors use a type of malware called StealC to prevent Chrome users from exiting the full screen. They do so by disabling two main keys- F11 and Esc. Now Chrome users, when stuck on a fake Google page, can be tricked into typing in their Google account credentials.
The ultimate goal of this attack is to access the Google passwords of these victims. Next, the threat actors can then leverage the passwords for different malicious activities such as unauthorized access to financial and personal data, identity theft and so on.
Experts recommend Chrome users stay vigilant while using the internet. If you are unable to close the browser window, do not panic. Also, avoid entering your personal details even if prompted to do so. Keeping yourself educated about ongoing cybersecurity scams and having a robust cybersecurity mechanism in place helps greatly. Also, using two-factor authentication and keeping your software regularly updated can prevent such cyberattacks in the future.
To protect your domain from phishing attacks similar to the Chrome password scam, ensure your email security by implementing SPF, DKIM, and DMARC to verify email authenticity and prevent unauthorized access.
Cambodian business tycoon sanctioned for cyber trafficking
A business tycoon based in Cambodia has been sanctioned by the US Treasury Department for running a forced labor trafficking scheme. The businessman allegedly lured helpless workers and pretended to help them with respectable jobs. He also targeted those unfortunate ones who had been illegally trafficked to Cambodia from nearby countries.
The moment these workers got recruited, the tycoon and his team confiscated their documents and forced them to indulge in illegal cyber fraud and scams.
The Cambodian tycoon threatened, exploited, and used other forms of human rights abuse to compel and control the workers. There are reports of the victims being tortured with electric shocks and manhandled. Two victims had allegedly jumped to death from O-Smach Resort as well.
The ultimate goal of the sanction is to disrupt the illegal operations going around and create a sense of awareness against cyber labor trafficking. At present, cyber labor trafficking is gradually developing into a global problem that is closely associated with human exploitation and organized crime.
With these sanctions, the US is trying to combat issues like cybercrimes and human trafficking. Also, the nature of such crimes hints towards the staggering risk of eventual overlapping of technology and exploitation. The ultimate effectiveness of these sanctions heavily depends on the cooperation of other nations.
Threat actors are trying to create panic and confusion by spreading rumors about US election infrastructure
At present, threat actors are trying to spread rumors and create chaos among voters by targeting US election infrastructure. CISA (Cybersecurity and Infrastructure Security Agency) and FBI, on the other hand, are working together to spread awareness among voters against the misinformation.
As per the agencies, the ultimate goal of the miscreants is to influence public opinion and impact people’s trust in US democracy. The threat actors managed to access voter registration data and deliberately used the same to spread false rumors about weakening election infrastructure.
The agencies have assured the public that accessing voter registration details in no way indicates a compromise to the election ecosystem. They also clarified that voter registration data can also be accessed publicly. Both the authorities have no information regarding any kind of cyberattack on US election infrastructure. There have been no instances of alterations in the voter registration information. Also, no eligible voter has been prevented from casting their vote.
Authorities have advised voters not to believe the misinformation.
In a sensitive time like this, people are requested to stay cyber-educated and follow election guidelines and protocols in order to avoid any unnecessary instance of chaos and confusion. The top-tier agencies like the FBI and CISA have also been trying to nab the miscreants who are behind this major attack on US democracy.