
It’s not just Twitter: Numerous online services take action against Trump, Trump-related content

It’s not just Twitter.

The U.S. Capitol riots provoked an avalanche of online backlash against President Donald Trump on Thursday and Friday, causing numerous online services to sever ties with Trump or his associated political activities.

Twitter, of course, permanently banned Trump from the platform late Friday, citing “risk of further incitement of violence.”

Who else is banning/suspending Trump?

Financial Times reporter Dave Lee noted Friday that Trump’s campaign has not been sending emails to its supporters since Wednesday, an indication that its email service providers are severing ties.

In fact, one service provider — Campaign Monitor — confirmed it had suspended the Trump campaign’s access to its service.

The company said:

The self-service account associated with the Donald Trump Campaign has been suspended as of today, January 7th, 2021. Typically, political campaigns use multiple email service providers to send campaign, fundraising, and other emails. Based on the low volume of emails that had been sent from the Campaign Monitor account, this is likely a very small portion of total email activity from the campaign.

Social media platform Reddit also banned its subreddit forum about the president — “r/DonaldTrump” — according to Axios.

“Reddit’s site-wide policies prohibit content that promotes hate, or encourages, glorifies, incites, or calls for violence against groups of people or individuals. In accordance with this, we have been proactively reaching out to moderators to remind them of our policies and to offer support or resources as needed,” a Reddit spokesperson told Axios.

As TheBlaze reported, online retailer Shopify and livestreaming service Twitch have also suspended or banned accounts related to Trump.

Shopify said, “Shopify does not tolerate actions that incite violence. Based on recent events, we have determined that the actions by President Donald J. Trump violate our Acceptable Use Policy, which prohibits promotion or support of organizations, platforms or people that threaten or condone violence to further a cause. As a result, we have terminated stores affiliated with President Trump.”

Twitch said, “In light of yesterday’s shocking attack on the Capitol, we have disabled President Trump’s Twitch channel. Given the current extraordinary circumstances and the President’s incendiary rhetoric, we believe this is a necessary step to protect our community and prevent Twitch from being used to incite further violence.”

Facebook and Instagram have also suspended Trump’s accounts through Inauguration Day. Snapchat also disabled Trump’s account.

Meanwhile, PayPal, Discord, TikTok, YouTube, Pinterest, Google, and Apple have also taken action against Trump-related content, Trump supporters, or Trump-related activities.

Online accounts related to Steve Bannon, Sidney Powell, and Michael Flynn have also been taken down.


Business Email Compromise (BEC) Criminal Ring

A criminal group called Cosmic Lynx seems to be based in Russia:

Dubbed Cosmic Lynx, the group has carried out more than 200 BEC campaigns since July 2019, according to researchers from the email security firm Agari, particularly targeting senior executives at large organizations and corporations in 46 countries. Cosmic Lynx specializes in topical, tailored scams related to mergers and acquisitions; the group typically requests hundreds of thousands or even millions of dollars as part of its hustles.

[…]

For example, rather than use free accounts, Cosmic Lynx will register strategic domain names for each BEC campaign to create more convincing email accounts. And the group knows how to shield these domains so they’re harder to trace to the true owner. Cosmic Lynx also has a strong understanding of the email authentication protocol DMARC and does reconnaissance to assess its targets’ specific system DMARC policies to most effectively circumvent them.

Cosmic Lynx also drafts unusually clean and credible-looking messages to deceive targets. The group will find a company that is about to complete an acquisition and contact one of its top executives posing as the CEO of the organization being bought. This phony CEO will then involve “external legal counsel” to facilitate the necessary payments. This is where Cosmic Lynx adds a second persona to give the process an air of legitimacy, typically impersonating a real lawyer from a well-regarded law firm in the United Kingdom. The fake lawyer will email the same executive that the “CEO” wrote to, often in a new email thread, and share logistics about completing the transaction. Unlike most BEC campaigns, in which the messages often have grammatical mistakes or awkward wording, Cosmic Lynx messages are almost always clean.


New iPhone Zero-Day Discovered

Last year, ZecOps discovered two iPhone zero-day exploits. They will be patched in the next iOS release:

Avraham declined to disclose many details about who the targets were, and did not say whether they lost any data as a result of the attacks, but said “we were a bit surprised about who was targeted.” He said some of the targets were an executive from a telephone carrier in Japan, a “VIP” from Germany, managed security service providers from Saudi Arabia and Israel, people who work for a Fortune 500 company in North America, and an executive from a Swiss company.

[…]

On the other hand, this is not as polished a hack as others, as it relies on sending an oversized email, which may get blocked by certain email providers. Moreover, Avraham said it only works on the default Apple Mail app, and not on Gmail or Outlook, for example.


Deep Learning to Find Malicious Email Attachments

Google presented its system of using deep-learning techniques to identify malicious email attachments:

At the RSA security conference in San Francisco on Tuesday, Google’s security and anti-abuse research lead Elie Bursztein will present findings on how the new deep-learning scanner for documents is faring against the 300 billion attachments it has to process each week. It’s challenging to tell the difference between legitimate documents in all their infinite variations and those that have specifically been manipulated to conceal something dangerous. Google says that 63 percent of the malicious documents it blocks each day are different than the ones its systems flagged the day before. But this is exactly the type of pattern-recognition problem where deep learning can be helpful.

[…]

The document analyzer looks for common red flags, probes files if they have components that may have been purposefully obfuscated, and does other checks like examining macros — the tool in Microsoft Word documents that chains commands together in a series and is often used in attacks. The volume of malicious documents that attackers send out varies widely day to day. Bursztein says that since its deployment, the document scanner has been particularly good at flagging suspicious documents sent in bursts by malicious botnets or through other mass distribution methods. He was also surprised to discover how effective the scanner is at analyzing Microsoft Excel documents, a complicated file format that can be difficult to assess.

This is the sort of thing that’s pretty well optimized for machine-learning techniques.


Companies that Scrape Your Email

Motherboard has a long article on apps — Edison, Slice, and Cleanfox — that spy on your email by scraping your screen, and then sell that information to others:

Some of the companies listed in the J.P. Morgan document sell data sourced from “personal inboxes,” the document adds. A spokesperson for J.P. Morgan Research, the part of the company that created the document, told Motherboard that the research “is intended for institutional clients.”

That document describes Edison as providing “consumer purchase metrics including brand loyalty, wallet share, purchase preferences, etc.” The document adds that the “source” of the data is the “Edison Email App.”

[…]

A dataset obtained by Motherboard shows what some of the information pulled from free email app users’ inboxes looks like. A spreadsheet containing data from Rakuten’s Slice, an app that scrapes a user’s inbox so they can better track packages or get their money back once a product goes down in price, contains the item that an app user bought from a specific brand, what they paid, and a unique identification code for each buyer.
