Cybersecurity researcher Jeremiah Fowler of VPNmentor has uncovered a major data breach that affects multiple dating applications. This breach has resulted in the exposure of a significant number of user records, raising serious concerns about user privacy and security.
Data Breach Details:
The data breach involves a total of 2.3 million records, which were found in a non-password-protected database. The primary app affected appears to be “419 Dating – Chat & Flirt,” but data from other apps, such as “Meet You – Local Dating App” by Enjoy Social App and “Speed Dating App For American” by MyCircle Network Corp, were also present in the database.
The presence of logos and development files from these apps suggests a potential connection between them, possibly indicating common ownership or development.
Exposed User Information:
The exposed database contains a vast array of user information, including customer names, account numbers, emails, and passwords. Alarmingly, it also contained 969,571 images of users, some of which were sexually explicit in nature. Furthermore, sensitive user information, such as sexual experiences and details about previous sexual encounters, were also exposed in user profiles.
Risks
According to VPNmentor’s report, the severity of the breach is further heightened by the presence of a significant number of email addresses from various providers, including Gmail, Yahoo Mail, and iCloud, within a single backup log. Moreover, the database includes records of over 500 profiles offering sexual services, along with associated phone numbers, email addresses, and social media accounts.
Software Development Kit (SDK) Files:
Another critical concern is the exposure of Software Development Kit (SDK) files, which could potentially lead to the creation of applications with hidden malicious functionalities or vulnerabilities. This poses a severe risk to users’ privacy and security.
Private Key Exposure:
One particularly alarming discovery by Jeremiah Fowler is the exposure of a private key associated with “419 Dating’s” Google API service account. A private key is a cryptographic secret, and if obtained by cybercriminals, it could grant unauthorized access to sensitive data and other resources related to the application.
Immediate Action Taken:
As soon as Jeremiah Fowler discovered the exposed database, he promptly sent a responsible disclosure notice to the Chinese company SILING APP, which developed “419 Dating – Chat & Flirt.” Consequently, the company took immediate action to secure the database, rendering the data no longer openly available.
Takeaway
The massive data breach affecting these dating apps highlights the critical need for robust cybersecurity measures to protect user information. Users are urged to be vigilant and consider changing their passwords, especially if they have used the affected dating apps. Additionally, developers must prioritize the security of their applications and databases to prevent such incidents in the future.
There are dangers associated with AI models, and this Google Bard security flaw highlights some. The flaw that Bard possesses allows some bad actors to get a bit more creative while phishing. This sounds scary, but some cybersecurity experts have already put the flaw to the test and the results are shocking.
With big tech companies navigating into the AI industry, there is a constant security concern. How do these companies train their AI models and what sort of information is attainable from them? Are these tools just another window through which scammers and bad actors can get the information they need to attack other people?
The concerns around AI are fast rising and are important for top competitors in the industry to look into. Companies like OpenAI, the founders of ChatGPT, are training their AI model to avoid certain requests from users. Google, for its part, is being a bit slow to train its AI model to understand and avoid certain requests.
This Google Bard security flaw is a real cause for concern and needs to be fixed
The Check Point cybersecurity research team has uncovered a flaw with the Google AI model. This research was a comparison between Google Bard and ChatGPT. It aimed to find out how Bard compared with ChatGPT security-wise.
With this test in place, the team was on the lookout for how these AI models react to certain requests. Before the research, the team knew that ChatGPT has security protections against specific responses. But they weren’t so sure that Google Bard had something similar in place.
The team asked Google Bard to produce phishing emails and a few other pieces of malicious content. Asking the AI model directly produced no response, but rephrasing the request gave them lots of answers. ChatGPT, on the other hand, tagged the same request as being illegal, hence giving no response.
Google Bard’s giving out phishing emails, malware keyloggers, and some basic ransomware code is concerning. Scammers and bad actors could employ its services to commit cyber crimes. With this tool available to all, it won’t take long before bad actors start using it to cause harm on the internet.
Google needs to sit up and look into how it prevents Bard’s users from abusing its services. There are good things that generative AI models can do, but they can also be used for bad reasons. Arming bad actors with unrestricted generative AI tools will only mean harm to innocent users of the internet.
Now that all of the M2-powered Macs have been announced and are now available, it’s time to look forward to M3. And industry experts, including Bloomberg’s Mark Gurman, believe that they will launch as soon as this October.
Typically, Apple launches the new iPhones and Apple Watches in September, with new Macs and iPads in October. So this lines up quite nicely with recent history.
So what models are we expecting this fall? Well, Apple will likely start with the iMac and MacBook Air 13-inch. The iMac is important here, since it was not updated to M2, and still sits on the M1 architecture. It’s also possible that we see a M3 MacBook Pro. This means that Apple is continuing with the cheap MacBook Pro that has no real advantages over the MacBook Air.
M3 is slated to be a pretty big upgrade for Apple
The M3 lineup is set to be a pretty big upgrade for Apple this year. It’s set to be manufactured on the 3nm process, which is going to help with power efficiency. And we could see an even larger jump in battery life on the M3-powered Macs this year.
3nm is shaping up to be a big deal for Apple this fall. Not only will M3 Macs be using 3nm process, but so will the Apple A17 Bionic chipset in the iPhone 15 series (at least the Pro models).
Currently, Apple uses the 5nm process for the M2 and M1 chipsets. The M2 featured an “enhanced” version of the 5nm process, which is why we saw some increases from the M1 series of chipsets, but nothing crazy. With M3 moving to 3nm, the jump could be rather insane, as the chip will be physically smaller while also being more efficient and more powerful, all at the same time.
As for the M3 Pro and M3 Max chipsets, we likely won’t see those until at least WWDC next year. If not, next October, which would make more sense.
The WordPress security plugin All-in-One Security (AIOS) silently logged users’ sign-in activities and passwords in plaintext. The plugin team fixed the flaw after public disclosure of the matter. Since the patch is now available, WordPress admins must update their websites immediately to prevent potential threats.
AIOS WordPress Plugin Stored Plaintext Passwords
Reportedly, the developer team behind the AIOS WordPress plugin has released a significant update addressing a severe security flaw.
According to their advisory, the plugin vulnerability resulted in logging users’ passwords in plaintext in the WordPress database. The flaw severely risked the WordPress websites’ security if the admins reused the same passwords on other services’ accounts without two-factor authentication.
AIOS – All-in-One Security – is a dedicated WordPress security plugin that protects websites from common cybersecurity threats. These include copywriting protection, iFrame prevention to limit content theft, comment spam filtering, and a web application firewall.
While the plugin boasts tremendous usefulness for websites, the blatant logging of passwords in plaintext seemingly failed the entire purpose of the plugin.
The vulnerability became publicly known after a user reported the matter via the official WordPress support section. As highlighted in the complaint, the plugin logged login and logout attempts, failed sign-in attempts, and, most alarmingly, users’ passwords in plaintext to the aiowps_audit_log database, violating basic security compliance standards.
In response, the support agent assured the user about an upcoming fix, even sharing the development builds for a quick fix. Nonetheless, given the severity of the issue, the delayed release of the patch concerned numerous users too. Oliver Sild, CEO of Patchstack, also highlighted how the flaw threatened over a million websites in his tweet.
It has more than 1 million active installations btw. So far the developer haven’t even told the users to change all passwords. Due to the scale, we will 100% see hackers harvest the credentials from the logs of compromised sites that run (or has run) this plugin.
The vulnerability affected the AIOS plugin version 5.1.9, and the team subsequently addressed the flaw with the now-released version 5.2.0. The developers have also shared the vulnerability details on the plugin page’s changelog.
Since the patch is now available, all WordPress admins must update their websites with the latest version to avoid potential threats.
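The logging flaw described above, next to a corrected form and a check for rows written before the fix, as an added example that is not the AIOS plugin's code. The table name audit_log, its columns, the field names and the sample request are all constructed for illustration, with SQLite standing in for the WordPress database.

```python
import json
import sqlite3

# Keys whose values must never be written to an audit log (assumed list).
SECRET_KEYS = {"password", "pwd", "pass", "user_pass"}
SAFE_FIELDS = ("username", "ip")  # hypothetical allow-list for login events


def log_event_verbatim(db, event_type, request_fields):
    """Flawed pattern: the whole login request is serialized into the log."""
    db.execute("INSERT INTO audit_log(event_type, details) VALUES (?, ?)",
               (event_type, json.dumps(request_fields)))


def log_event_allowlisted(db, event_type, request_fields):
    """Corrected pattern: only explicitly named, non-secret fields are stored."""
    details = {k: request_fields[k] for k in SAFE_FIELDS if k in request_fields}
    db.execute("INSERT INTO audit_log(event_type, details) VALUES (?, ?)",
               (event_type, json.dumps(details)))


def find_logged_secrets(db):
    """Return ids of existing rows whose details JSON carries a secret key."""
    hits = []
    rows = db.execute("SELECT id, details FROM audit_log ORDER BY id")
    for row_id, details in rows:
        try:
            data = json.loads(details)
        except ValueError:
            continue  # not JSON; a real audit would also pattern-match raw text
        if isinstance(data, dict) and any(k.lower() in SECRET_KEYS for k in data):
            hits.append(row_id)
    return hits


def purge_logged_secrets(db):
    """Drop secret values from rows written before the fix; return rows changed."""
    flagged = find_logged_secrets(db)
    for row_id in flagged:
        (details,) = db.execute("SELECT details FROM audit_log WHERE id = ?",
                                (row_id,)).fetchone()
        data = {k: v for k, v in json.loads(details).items()
                if k.lower() not in SECRET_KEYS}
        data["redacted"] = True
        db.execute("UPDATE audit_log SET details = ? WHERE id = ?",
                   (json.dumps(data), row_id))
    db.commit()
    return len(flagged)


def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE audit_log("
               "id INTEGER PRIMARY KEY, event_type TEXT, details TEXT)")
    # Constructed login request; the password is a made-up sample value.
    request = {"username": "alice", "password": "constructed-secret",
               "ip": "203.0.113.7"}
    log_event_verbatim(db, "failed_login", request)     # row 1 leaks the password
    log_event_allowlisted(db, "failed_login", request)  # row 2 does not
    before = find_logged_secrets(db)
    changed = purge_logged_secrets(db)
    leftover = db.execute("SELECT COUNT(*) FROM audit_log "
                          "WHERE details LIKE '%constructed-secret%'").fetchone()[0]
    return before, changed, find_logged_secrets(db), leftover


if __name__ == "__main__":
    print(demo())
```

Database backups and replicas taken before such a purge still hold the old rows, so they need the same check.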
A few weeks ago, there was a leak touting how much larger the batteries in the iPhone 15 series were going to be. They are quite a bit larger – that is, if it is true. With some sizes getting nearly a 20% bump over the 14 series. But how is Apple going to do this?
Well, as it turns out, Apple is stealing a technique that EVs use. And that is, stacked batteries. EVs use stacked batteries that go the length of the vehicle, which allows for more battery capacity, but also makes it safer as there is a lower center of gravity, so it’s less likely to flip over in an accident.
This comes from leaker RGcloudS, who claims that this could be used in the iPhone 15, as well as on the Galaxy S24 Ultra and Plus models next year. Which is going to help with Samsung using 65W charging on those models.
What does a stacked battery mean?
Well, it will mean more battery capacity, without making the phone a whole lot larger. It does explain why the iPhone 15 rumor mill is pointing to much larger batteries, of course.
On top of that, it could also let Apple move to faster charging on the iPhone 15. Apple currently limits the iPhone to around 20W charging, which is fairly slow, especially when OnePlus is doing charging speeds above 100W. But keep in mind, iPhone battery capacities are typically a lot smaller than on the Android side. For instance, the iPhone 14 has a 3279mAh capacity battery; in Android, that phone would get laughed out of contention.
But the rumor suggests that Apple could bump the charging speed up to 40W wired and 20W on MagSafe charging. That would be a nice bump; however, you’ll likely only notice the difference up to about 50% charge, as batteries charge slower as they get to a higher state of charge.
Combined with a new energy-efficient A17 chipset, this could give the iPhone 15 models (particularly the Pros) some pretty spectacular battery life.
Just in, Facemoji has released its state of emoji report for the year. This report is coming in just before the world observes the global day set aside for emojis. With this insight, you can get to see the most popular emojis around the world and also in certain parts of the world.
The report also enlightens users on the new ways they can put stickers to good use. Have you ever wondered what was the most used emoji on various apps that you use? It’s quite easy to find out what your most used emoji is, but getting an idea of what others actively use is also fun.
This report shows little or no change in the top five most used emojis around the world. But it also points out a shocking change that might be of concern to a few people. Let’s now jump into the details and find out what insights the latest state of emoji report from Facemoji brings.
Insight from the Facemoji keyboard’s state of emoji reports for 2023
If you aren’t aware, Facemoji is a keyboard that comes with a ton of customization as well as other features. It is an alternative to the regular keyboard that comes with your smartphone. The app has over 1 million downloads on the Google Play Store, and it is free.
From its state of emoji report, it is clear that the top five emojis for 2023 remain the same as those from last year. These emojis are the crying, laughing (with tears), laughing rolling, heart, and the pleading face emoji. But the crying emoji has dethroned the laughing (with tears) emoji as the most used option for 2023.
Aside from these five emojis, Facemoji also compiled a list of the 20 most used options. Making the list are two heart emojis, the moai emoji, and the Argentinian flag. These entries join a host of regular face emojis that you use daily while chatting with friends.
A solid reason for the Argentinian flag being on the list is the country’s victory in the 2022 FIFA Men’s World Cup. The flag also makes the list of the most used emojis in Argentina, Spain, and Italy. In most countries, the heart, crying, pleading face, and laughing (with tears) emojis are the most used options.
Across most social media apps, laughing (with tears) emojis are the most popular. To experience a new way to use emojis, Facemoji is now prompting users to try out emoji stickers. Also, with the keyboard, users can explore text art and use them to form impressive DIY emojis.
Now you have an idea of the most popular emojis among Facemoji users around the world. Possibly other keyboards might release information on the emojis their users frequent. What are your top five emojis, and why do you actively use them?
WormGPT, a black-hat tool recently launched by cybercriminals, has the potential to be used for various social engineering and Business Email Compromise (BEC) attacks. The tool places no limitations or boundaries on its use.
The use of generative AI has seen a remarkable reach in recent times. Since the release of ChatGPT in November 2022, several AI tools have been created and refined for multiple purposes. However, a new AI tool has now been released that is designed specifically for black hats.
Business email compromise, commonly referred to as CEO fraud or whaling, attacks businesses by impersonating senior executives or reliable partners.
BEC Attacks Revolutionised by WormGPT
As per reports, threat actors have been using ChatGPT and other AI-based tools to generate malicious emails that seem legitimate enough to convince an employee to give up sensitive information.
On a cybercriminal discussion forum, there has been evidence that threat actors rely on ChatGPT for composing BEC emails. Even hackers with low fluency in other languages can use these AI-generated emails to conduct such attacks.
Another discussion mentioned “Jailbreaks” for tools like ChatGPT. These are specially crafted prompts that can make ChatGPT give out sensitive information beyond the scope of its use. It can even provide inappropriate content or generate harmful code.
Jailbreak discussion (Source: Slashnext)
WormGPT
WormGPT was also found on a cybercriminal discussion forum, where it was described as being specially designed as a blackhat alternative to other GPTs. It is built on the GPT-J (Generative Pre-trained Transformer-J) language model and offers a range of features and code formatting capabilities.
In an experiment, WormGPT was asked to generate a BEC email pressuring an account manager into paying a fraudulent invoice. The results were extremely harmful: it generated a convincing, persuasive email free of grammatical errors, which would convince any employee.
It is recommended that organizations train their employees about these kinds of phishing emails and have appropriate email filters in place to prevent such AI-generated email-based attacks.
Currently, the campaign has affected approximately 800 individuals and businesses globally, including 310 in the United States, with an ad budget compromise of $180,000.
Facebook serves as a thriving platform for optimizing ad campaigns, making it a crucial tool for businesses worldwide to boost their revenues. However, it is not without its downsides, as the platform has been exploited by cybercriminals to spread malware and, even worse, ransomware.
A recent warning issued by Malwarebytes’ senior threat researcher, Jérôme Segura, highlights the need for businesses to be vigilant. He cautions against falling victim to malicious Meta ad manager downloaders and Chrome extensions, particularly when faced with offers that seem too good to be true and involve clicking on suspicious URLs. The primary targets of these attacks are often business account users who are willing to invest their ad dollars in Meta platforms.
According to Malwarebytes’ latest blog post, a newly identified cybercrime gang originating from Vietnam has been engaging in targeted attacks on Facebook business users, with the aim of stealing advertising accounts. What makes this situation even more alarming is that victims are not limited to a specific geographic region; the attacks have been reported worldwide.
Jérôme Segura, in his analysis, reported a noticeable surge in sponsored posts and accounts that are attempting to impersonate Meta/Facebook Ad Manager in recent weeks. Delving deeper into the matter, investigators uncovered that the cybercriminals are distributing counterfeit software, falsely promoting it as a more effective tool for optimizing ads on Facebook. Businesses and advertisers need to be aware of this emerging threat to safeguard their accounts and assets.
The cybercrime gang employs malware-infected Chrome extensions as their method of choice to steal Facebook business account credentials. What is particularly intriguing is that Jérôme Segura was able to detect their campaign thanks to a mistake made by the threat actors themselves.
Apparently, the attackers accidentally placed one of the malware files in the wrong location, which ultimately led to the inadvertent exposure of stolen data. This fortunate error provided valuable insights to the researchers at Malwarebytes, aiding them in their investigation and analysis of the cybercrime operation.
What Happens When Meta Business Accounts Get Infected with Malware?
Once the malicious extension is downloaded, the attackers gain control over the business’s ad budget, allowing them to exploit it according to their own agenda. The campaign came to light in early June when the threat actors enticed businesses with deceptive Facebook Ads Manager program installers, distributed through URLs, promising to enhance ad revenues.
To make their scheme more convincing, the attackers utilized fraudulent accounts with thousands of followers. Consequently, the posts made through these accounts quickly went viral, further deceiving unsuspecting victims and expanding the impact of the attack.
The victims are redirected to phishing pages that imitate the appearance of Meta’s official logo and branding. Upon downloading the program file, several components of an MSI installer package are installed in the directory: C:\Program Files (x86)\Ads Manager\Ads Manager. Subsequently, a batch script is initiated, opening a new browser window displaying a custom extension.
In this window, the unsuspecting victim is prompted to enter their Facebook credentials on a deceptive login page. It is through this fraudulent login page that the cybercriminals aim to harvest the victims’ login credentials, granting them unauthorized access to the victims’ Facebook business accounts.
The custom extension cleverly masquerades as an unpacked Google Translate extension, making it appear innocuous and legitimate. However, upon reverse engineering, it becomes evident that the extension’s code is entirely unrelated to its purported function. Instead, the sole purpose of this deceptive extension is to illicitly gather Facebook login credentials and cookies from unsuspecting users.
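A triage check for the pattern described above (a sideloaded extension that borrows the Google Translate name while holding Facebook cookie access), as an added example that is not from the Malwarebytes report. The manifests and the command line are constructed samples, and the use of Chrome's --load-extension switch by the batch script is an assumption.

```python
import json
import re

WEBSTORE_UPDATE_HOST = "clients2.google.com"  # update_url host on Web Store installs
WATCHED_SITE = "facebook.com"
LOAD_EXT = re.compile(r'--load-extension=(?:"([^"]+)"|(\S+))', re.IGNORECASE)


def triage_manifest(manifest_text, claimed_brand="google translate"):
    """Return review reasons for one manifest.json (empty list: nothing found)."""
    m = json.loads(manifest_text)
    label = (str(m.get("name", "")) + " " + str(m.get("description", ""))).lower()
    grants = list(m.get("permissions", [])) + list(m.get("host_permissions", []))
    for script in m.get("content_scripts", []):
        grants += script.get("matches", [])
    grants = [str(g).lower() for g in grants]

    reasons = []
    if WEBSTORE_UPDATE_HOST not in str(m.get("update_url", "")):
        reasons.append("no Web Store update_url (unpacked or sideloaded)")
    if "cookies" in grants:
        reasons.append("requests the cookies permission")
    if any(WATCHED_SITE in g or g in ("<all_urls>", "*://*/*") for g in grants):
        reasons.append("can read or script " + WATCHED_SITE)
    # All three signals plus a borrowed brand name is the masquerade pattern.
    if claimed_brand in label and len(reasons) == 3:
        reasons.append("claims to be '%s' despite the findings above" % claimed_brand)
    return reasons


def sideload_paths(command_line):
    """Extract directories passed to Chrome's --load-extension switch."""
    return [quoted or bare for quoted, bare in LOAD_EXT.findall(command_line)]


# Constructed samples, not taken from any real extension or incident data.
SUSPECT_MANIFEST = json.dumps({
    "manifest_version": 3,
    "name": "Google Translate",
    "permissions": ["cookies", "tabs", "storage"],
    "host_permissions": ["*://*.facebook.com/*"],
    "content_scripts": [{"matches": ["*://*.facebook.com/*"], "js": ["content.js"]}],
})
STORE_LIKE_MANIFEST = json.dumps({
    "manifest_version": 3,
    "name": "Google Translate",
    "update_url": "https://clients2.google.com/service/update2/crx",
    "permissions": ["activeTab", "contextMenus", "storage"],
})
DEV_MANIFEST = json.dumps({
    "manifest_version": 3,
    "name": "Internal QA helper",
    "permissions": ["storage"],
})
# Install directory as given in the article; the rest of the line is constructed.
SAMPLE_CMD = (r'chrome.exe --load-extension='
              r'"C:\Program Files (x86)\Ads Manager\Ads Manager" --new-window')

if __name__ == "__main__":
    for text in (SUSPECT_MANIFEST, STORE_LIKE_MANIFEST, DEV_MANIFEST):
        print(json.loads(text)["name"], "->", triage_manifest(text))
    print(sideload_paths(SAMPLE_CMD))
```

A missing update_url alone only marks an extension as sideloaded, which is normal on developer machines; the combination of signals is what warrants review.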
To exfiltrate the stolen data, the cybercriminals employ a cunning technique of bypassing Content Security Policy (CSP) restrictions by leveraging Google Analytics. This allows them to transmit the stolen information undetected and without triggering any alarms. In effect, the attackers exploit the widely-used Google Analytics service as a conduit to sneak the stolen data out of the victim’s system and into their own malicious infrastructure.
This sophisticated method allows the cybercrime gang to continue their illicit activities discreetly, evading detection while compromising the security and privacy of Facebook business account users.
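Why this works and how to look for it, as an added example that is not from the Malwarebytes report: a CSP allow-lists the analytics host, not a particular analytics account, so egress logs have to be checked for property IDs the organization does not own. The known ID, the size threshold, the policy string and the URLs below are constructed placeholders.

```python
from urllib.parse import parse_qs, urlsplit

GA_HOSTS = {"www.google-analytics.com", "ssl.google-analytics.com",
            "analytics.google.com"}
KNOWN_PROPERTY_IDS = {"UA-00000000-1"}  # placeholder: IDs your own sites use
MAX_PARAM_LEN = 256                     # assumed threshold for one parameter


def csp_allows_analytics(csp_header):
    """Return the CSP directives whose source list admits a GA host."""
    hits = []
    for directive in csp_header.split(";"):
        parts = directive.split()
        if len(parts) > 1 and any("google-analytics.com" in s for s in parts[1:]):
            hits.append(parts[0])
    return hits


def review_request(url):
    """Return findings for one outbound URL from a proxy or egress log."""
    u = urlsplit(url)
    if u.hostname not in GA_HOSTS or not u.path.endswith("/collect"):
        return []  # not an analytics hit; out of scope for this check
    params = parse_qs(u.query, keep_blank_values=True)
    findings = []
    tid = params.get("tid", [""])[0]
    if tid not in KNOWN_PROPERTY_IDS:
        findings.append("unknown property id: " + (tid or "<none>"))
    for name, values in params.items():
        if any(len(v) > MAX_PARAM_LEN for v in values):
            findings.append("oversized parameter: " + name)
    return findings


def review_log(urls):
    """Map each flagged URL's index in the log to its findings."""
    flagged = {}
    for i, url in enumerate(urls):
        findings = review_request(url)
        if findings:
            flagged[i] = findings
    return flagged


# Constructed policy and log lines for illustration only.
SAMPLE_CSP = ("default-src 'self'; img-src 'self' https://www.google-analytics.com; "
              "connect-src 'self' https://www.google-analytics.com")
SAMPLE_URLS = [
    "https://www.google-analytics.com/collect?v=1&tid=UA-00000000-1"
    "&cid=555&t=pageview&dp=%2Fhome",
    "https://www.google-analytics.com/collect?v=1&tid=UA-99999999-9"
    "&cid=555&t=event&ec=x&ea=" + "A" * 300,
    "https://example.com/collect?tid=UA-99999999-9",
]

if __name__ == "__main__":
    print(csp_allows_analytics(SAMPLE_CSP))
    print(review_log(SAMPLE_URLS))
```

Hits sent as POST bodies do not appear in URL-only logs, so this check covers only what a GET-logging proxy records.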
Just for your information, Facebook Ad Manager is a tool that enables users to run online ads on various social media platforms owned by Meta, including Instagram. Recently, cybersecurity researchers detected approximately 20 malicious ad manager archives, which were used to distribute Chrome extensions with the intention of hijacking Facebook business accounts.
During their investigation, researchers stumbled upon a newly discovered phishing site and found an unexpected mistake made by the cybercriminals. The attackers had failed to include the payload but inadvertently leaked the stolen data.
Recognizing their error, the criminals promptly removed the file from their Google Drive account and then updated the download link on the phishing site with a new file hosted on MediaFire. This move was likely an attempt to cover their tracks and maintain their malicious activities undetected.
Upon further analysis, researchers identified column titles in the Vietnamese language within the stolen data, which were directly related to ad budgets and currencies. This points to the origin of the cybercrime gang or indicates that they might be targeting victims from Vietnamese-speaking regions.
As of now, the campaign has victimized around 800 individuals and businesses, highlighting the severity of the threat and the importance of staying vigilant against such phishing attacks and malware distribution schemes. What’s worse, the threat actors managed to compromise over $180,000 in ad budget including from 300 victims within the United States.
Targeted regions – Image: Malwarebytes
In previous research, Meta disclosed that threat actors like DuckTail, among others, have been targeting Facebook advertising accounts over an extended period. While Jérôme Segura acknowledges the uncertainty regarding the direct attribution of this threat actor to DuckTail, he highlights the undeniable similarities in motives and a shared preference for hacking Facebook business accounts, which raises the possibility of a connection.
In response to the campaign’s discovery, Facebook has been duly notified, and the company has taken prompt action. To protect themselves, users of Facebook business manager accounts are advised to immediately revoke access for any unidentified users and conduct a thorough scan of their computers to identify and remove any potential malware that might have been installed. Taking these precautionary measures will help safeguard their accounts and data from falling victim to these malicious attacks.
The Google Pixel 8 Pro (and Pixel 8) are due to be announced in October, as is typically the case for Google. But that has not stopped concept makers from making some really sweet renders on the Pixel 8 Pro. And this latest one from Twitter user @MichaelBTech looks fantastic. Especially the green one.
He’s also put out a concept video showing off all three colors. That’s the white, black and green colors. It’s not a long video, about 37 seconds, but it will definitely get you excited for the Pixel 8 Pro launch in October.
Editor’s Note: This is a concept, meaning that it is not the final or even an official design of the Pixel 8 Pro. This is just what a concept designer thinks it will look like, based on some leaks. So please keep that in mind here, that nothing here is official.
A much more curved Pixel
As you can see in this concept, the Pixel 8 Pro is a lot more curved here. Especially around the sides and the corners. It gives it a rather interesting look. And, Google is also not adopting the Pixel Fold’s camera bar here. It’s sticking with the same camera bar from the Pixel 6 and Pixel 7 series. The biggest difference here is that all three cameras are in the same cutout, instead of putting the telephoto in a separate cut out.
In the video, we can’t really see the front. And the few seconds we do see the front, it’s the top. Which doesn’t really show us much, other than the camera cutout is still front-and-center. And the bezels look pretty small.
The concept has Google going with a stainless steel frame and camera bar, which looks really nice; however, it will get scratched up very easily, as we’ve seen with the Pixel 7 Pro’s camera bar. So hopefully that isn’t part of the final design when Google unveils it in a couple months.
Ever since the start of the AI revolution, data scraping has become a pressing issue for platforms like Twitter, which hold vast amounts of valuable human conversation. Now, in a recent development, X Corp., the company owned by entrepreneur Elon Musk, has reportedly filed a lawsuit against four unidentified individuals for allegedly scraping user data from Twitter and is seeking over $1 million in damages.
What exactly is data scraping, and how does it affect Twitter?
Data scraping refers to the use of automated programs to gather data from publicly accessible websites, which can be utilized for various purposes, such as training artificial intelligence models or targeted online advertising.
According to the complaint, Twitter has accused four unknown identities of violating its terms of service by scraping user data from the platform. Additionally, the company argues that these unknown actors carried out the scraping through “automated requests” that flooded Twitter’s sign-up page, causing disruptions to the platform’s servers and affecting users’ experiences.
Although the report does mention the actors’ IP addresses, X Corp. claims that it has been unable to discover the identities of the four individuals responsible for the scraping activities. However, it is important to note that the legality of data scraping is still a subject of debate in the US. This is because a ruling in 2022 by the U.S. Ninth Circuit Court of Appeals reaffirmed that scraping publicly accessible data does not violate the Computer Fraud and Abuse Act, making it generally permissible.
Twitter’s response
To address this, Twitter implemented several measures, including a rate limit that imposed restrictions on the number of posts a user can view in a single day and restricting access to tweets for users who do not have a registered Twitter account.
“By unlawfully scraping data, Defendants flagrantly ignore not only X Corp.’s Terms of Service but also the privacy preferences of Twitter users,” the filing stated.