Category: Security

Microsoft will retire the Windows 10 operating system on October 10, 2025. It’s the first time the company puts an expiration date on its current operating system, paving the way for its successor, Windows 11.

It’s a big deal when an operating system reaches end-of-life because it essentially means that its maker no longer issues updates, leaving it vulnerable and eventually buggy. When that operating system is Windows, the reach of the OS into the modern world complicates the situation further.

Microsoft made a few changes to the Windows lifecycle policy, putting a firm date on Windows 10’s end-of-life strategy — October 14, 2025. The company said that the new policy will apply to Home, Pro, Pro Education, Pro for Workstations and that Microsoft will continue to support at least one Windows 10 Semi-Annual Channel until then.

The end-of-life for the other Windows 10 products is a little more complicated, as Microsoft will likely continue to provide support for companies who choose to continue to use their products, at least for a while. The same happened with Windows XP and Windows 7, and the same policy will likely continue with Windows 10.

To be clear, only support for Windows 10 will end; the operating system will continue to work just as before but will become increasingly unsafe for users. Users who continue running unsupported OSes will have to use a dedicated security solution to get malware protection.

For example, even if Microsoft announced the end of support for Windows 7 as of January 14, 2020. Bitdefender continued to provide support for its software on that platform for two more years.

Online scammers use the name of international shipping company UPS to dupe consumers into participating in a survey giveaway scam.

The scam, recently spotted by Bitdefender Antispam Lab, guarantees recipients a Sony PlayStation 5 gaming console in return for completing the online survey on behalf of UPS.

Fraudsters use traditional clickbait tactics such as “Participate before it’s too late” to entice users into reading the email. The message makes it look like recipients were among the lucky winners, as they’ve been chosen to participate in the Loyalty Program, free of charge. “It will take you online a minute and you will receive a fantastic prize: A Brand New Sony PlayStation 5,” the email reads.

The scammers also say the giveaway only applies to US residents, and there can only be 10 lucky winners.

Online survey scams are used to scrape personally identifiable and financial information that can be used to commit identity theft. The data can also be sold to third parties and monetized by other cyber crooks.

Survey scams that guarantee a large prize such as an iPhone, or in this case, a PlayStation 5 gaming console, usually ask victims to provide their credit card information to cover “shipping costs” for the product they’ve won.

Tips to protect your information

Unfortunately, UPS is not participating in the giveaway business. The next time you receive a text message, email or phone call asking you to participate in a survey to win some goodies, hang up or delete the message immediately.

Additional warning signs can be noticed while filling out the so-called survey and you’re asked to provide a username, Social Security number, credit card details or other sensitive data – information a legitimate survey will never ask for.

Unless you can confirm that the survey is legit, stay away from survey and giveaway promotions you receive via email.

If the body of the message has no obvious red flags, check the URL of the survey. Fraudsters may use domain spoofing to make it look like the URL you are accessing is valid, so remember to check the spelling.

There are no bulletproof methods to prevent scammers from impersonating well-known brands and businesses. Even if companies constantly monitor fraudulent activity, the adoption of preventive methods often falls on consumers.

The advanced anti-phishing protection integrated with Bitdefender solutions is designed to safeguard your device and private information, blocking suspicious websites impersonating trustworthy entities. Additionally, an anti-fraud filtering system will warn you whenever a website tries to scam you, keeping your sensitive information safe.

Our mobile devices are not just a means to communicate with others. They’ve evolved into a data storage device, a video and sound recorder, as well as an easy way to access our bank accounts.

Mobile security is often overlooked by many technology users, who dismiss the reality of security risks brought by careless interactions with the digital world.

Given the portability and myriad of functionalities, mobile devices are highly susceptible to cyber threats, including malware, spyware and phishing attempts that may compromise that precious piece of tech we keep in our pocket and any information stored on it.

Threat actors know that users often behave recklessly with their smart devices. If they play their cards right, the compromise of a user’s devices can be financially rewarding, offering insight into the private and sensitive information of its owner.

Here are some essential preventive measures to help protect and keep your devices safe from the most frequent mobile security threats out there.

Keep your devices and apps up to date

An up-to-date system can protect your smartphone or tablet from vulnerabilities or loopholes that can be exploited. If you don’t like the automatic updates functionality on mobile devices, watch for software update notifications and reminders that may pop up on your screen and install the patches manually as soon as you have the time. 

Delete unused apps from your device

Old and unused apps that have not been kept up to date may conceal severe security flaws that endanger the security of your device.

Consider reviewing the app library for any applications you no longer need. A cleanup will make it easier for you to find your apps and help make your device more secure.

Back up data

Today, memory cards for mobile devices offer a large storage capacity for your contacts, messages, files, videos and photos. However, making regular backups for your data is essential in case of theft or malicious compromise such as a ransomware attack.

Avoid smishing and phishing attacks

Like phishing, SMS-based attacks, also known as smishing, seek to trick recipients into accessing a malicious link via text. Smishing attacks rely on social engineering tactics to fool recipients into handing over personal information or downloading malicious software onto the device.

Treat any unsolicited SMS with caution, especially those that purport to come from your bank and ask you for personal or financial information.

If you’re always checking your emails, be wary of any unsolicited messages that seek to create a sense of urgency or induce a state of panic. Remember, if it seems too good to be true, it probably is.

Delete any unexpected messages received via text or email and do not reply to the sender.

Hang up or don’t respond to suspicious phone calls

Fraudsters and scammers may also call you on the phone. Like any good actor, the scammer will attempt to convince you that the call’s offer or purpose is legitimate. If you’re asked for personally identifiable information, bank account numbers, PINs or credit card numbers, hang up immediately. Bullying or threats are another major red flag.

Dodge unsecured public WiFi networks

Public WiFi networks are rarely secured, serving up additional ways to compromise your device. Thus, despite reduced travel and vacationing during the pandemic, the risks of malicious interference have not vanished.

Users handling sensitive information while connected to a public WiFi can face many threats, including theft of personal information such as login and financial data.  Additionally, cybercriminals may mimic a legitimate public WiFi, known as man-in-the-middle-attacks. Users who connect to these malicious networks are exposed to data theft, malware infections and financial compromise.

Security at home or on the go

Protecting against mobile security threats doesn’t need to be a painstaking process involving comprehensive security know-how.

A cybersecurity solution on your smartphone or tablet protects your device from internet-enabled threats and guards your personal information from cyber thieves.

Bitdefender’s web attack prevention uses web-filtering technology to ensure you don’t land on malicious websites when browsing. Paired with anti-phishing protection and anti-fraud filtering systems integrated into our security solution, you won’t have to worry about suspicious websites or scams.

Compatible with both iPhone and Android smart devices, Bitdefender Mobile Security will help secure your data by offering full protection against mobile-specific threats whether you’re at home, at your favorite coffee shop, or on vacation.

An extra layer of privacy and security is brought by the integrated VPN that secures all your traffic on public networks and protects your online activity, such as banking or shopping, from prying eyes.

Consumers are sometimes skeptical about warnings that smartphones face just as many security threats as regular computers. While some security experts might seem over-zealous shouting about the dangers, the vast majority of warnings about mobile security threats are indeed justified. Just because our phones are not tethered physically to a network doesn’t mean they’re safe from cyber threats. In fact, they are more vulnerable than most of us like to think.

Platform-agnostic threats

Most security threats faced by regular users arrive via the Internet, whether it’s a malicious app or a rigged website, a scam delivered through the user’s social media channels, or a phishing scheme carried out via email or SMS. Even ransomware can make its way onto your phone if you jump through enough hoops set up by a threat actor.

Stalkerware is another big issue on mobile platforms. Whether delivered by exploiting a software vulnerability in the phone or installed deliberately by, say, a jealous spouse, this type of malware is especially prolific on phones – since they contain troves of personal data and private communication channels.

Mobile threats are in no way a myth. And most threats today are platform-agnostic, meaning they don’t discriminate based on OS or device type as long as the hardware can connect to the web. Furthermore, most consumer-oriented threats focus on stealing data (passwords, credit card information, etc). In many cases, no malware is needed to compromise this data. A well-timed phishing attack is all it takes to steal a user’s personal or financial information.

iPhones are not immune to hacks

‘White hat hackers’ are skilled security researchers that specialize in finding and exploiting device-specific vulnerabilities so bad guys don’t get to them first. But that doesn’t stop ‘black hats’ from doing the same. And when the bad guys do succeed, they sell their mobile exploits for millions on the dark market.

A vulnerability in WhatsApp recently made headlines for allegedly allowing threat actors to install spyware onto iPhones. It’s just one example that Apple’s walled ecosystem is not so immune to hacks either.

Weaponized hype

As shown in our 2020 Consumer Threat Landscape Report, the surge in popularity of video conferencing solutions during the pandemic opened an unlikely door for opportunistic threat actors. We detected a relatively large number of users installing Zoom apps from unofficial app stores, exposing themselves to malware posing as Zoom installers.

This scenario especially applies to Android phones. As noted in a recent Bitdefender Labs entry, one of Android’s greatest strengths, the ability to sideload apps from unofficial sources, is also its Achilles’ heel.

Our researchers wrote:

“Using a combination of tricks to persuade users to install apps outside of the official store, criminals spread most of their malware through sideloading. If mobile devices have no security solution installed, malicious apps roam free.”

Teabot, also known as ‘Anatsa,’ is an Android malware that can carry out overlay attacks via the Accessibility Services. It can intercept messages, perform keylogging activities, steal Google Authentication codes, and it even enables its authors to take full remote control of a user’s phone.

The Teabot payload is hidden in fake apps copying popular counterparts from the official Google Play store – some with as many as 50 million downloads. One popular distribution method uses a tainted Ad Blocker that people deliberately seek and install from unofficial sources. Other attack avenues include so-called free antivirus apps.

Stay protected with Bitdefender Mobile Security

Bitdefender has long gauged the dangers posed to mobile platforms, as well as the privacy hurdles we face each day in the digital era.

Bitdefender Mobile Security gives your iPhone or Android device full protection against mobile-specific threats, plus a secure VPN for a fast, anonymous and safe experience while surfing the web. We help users secure their passwords, private data and financial information, and we offer instant alerts whenever an incident is detected and prevented.

And with our new Digital Identity Protection you can check your online accounts against data breaches, find your private information online in legal and illegal collections of data, detect your social media impersonators and more. You can count on us to always be there to help you secure your online accounts, regardless of platform.

Bitdefender researchers warn about a new wave of attacks that infect Android devices and steal personal details. 

Several popular apps have been impersonated and packed with malware named Teabot, the latest Bitdefender Lab report shows. Cybercriminals trick users into installing these apps outside of the official store. If the mobile device on which it’s downloaded has no security solution installed, the malware roams free.

TeaBot can intercept messages, steal Google Authentication codes, and even remotely control Android devices. 

Bitdefender researchers have also identified a strange distribution method, with attackers using a fake Ad Blocker app that acts as a dropper for the malware. They suspect several other fake apps are used, but they remain unknown for the time being. The most reliable way to stay safe from these threats is to install a security solution on your Android devices. Consider getting Bitdefender Mobile Security to protect yourself from any suspicious apps and block any potentially dangerous links you might receive.

Another threat to watch out for is the text message scam. It is currently spreading at full speed across Germany, Spain, Italy and the UK. 

The message, which pretends to be from a delivery firm, contains a link that is actually a malicious piece of malware called Flubot. 

FluBot imitates the following apps, among others:

Once downloaded, it can take over devices and spy on phones to gather sensitive data, including online banking details. It also has the ability to send more infected text messages to the user’s contacts.

You can read more about TeaBot and Flubot in the Bitdefender Lab full report. 

If you feel you’ve had enough bad news and want to jump to a solution, here it is: Bitdefender Mobile Security. It will protect you from any suspicious app and any potentially dangerous link you might receive. 

The most extensive data leak collection to date, dubbed ‘RockYou2021’, was dumped on popular hacking forums earlier this month.

According to a CyberNews report, a forum user posted a 100GB text file with 8.4 billion password entries, presumably obtained from previous data leaks and breaches.

Despite the author’s claims that the document contains 82 billion passwords, researchers noted that the “actual number turned out to be nearly ten times lower – at 8,459,060,239 unique entries.”

In a description provided by the post’s creator, it was revealed that the passwords are between 6 and 20 characters in length, with non-ASCII characters and white spaces removed.

The researchers also emphasized that the RockYou2021 data leak is comparable to the leak of the giant database known as Compilation of Many Breaches, or COMB, dumped earlier this year.

“Its 3.2 billion leaked passwords, along with passwords from multiple other leaked databases, are included in the RockYou2021 compilation that has been amassed by the person behind this collection over several years,” said CyberNews investigators in the report.

What are the risks?

Cybercriminals can use the database to conduct password-spraying or brute force attacks. In this form of attack, malicious actors try a list of common passwords on many online accounts to gain access and compromise the user.

Moreover, user exposure to account compromise increases seven-fold due to bad cyber habits such as password reuse and recycling, potentially leading to account takeover on numerous apps, websites and platforms.

What should users do?

The extent of this data leak leaves little room for debate on whether one of your account passwords has been exposed. As such, users should consider resetting passwords wherever possible.

Remember to use a complex and hard-to-guess password and enable two-factor authentication (2FA) on all compatible online accounts. If you’re having trouble remembering or keeping track of your passwords, look up a trustworthy password manager.

The data breach pandemic is here to stay, affecting millions of internet users each year. The more you know and control, the easier it is to manage your online data and persona and reduce your risks.

Start by checking if your personal information has been stolen or made public on the internet with Bitdefender’s Digital Identity Protection tool, only with your e-mail address and phone number.

Following a public debate, GitHub changed its policies regarding exploits, malware and vulnerability research so that the company’s position is much clearer when it comes to action and its responsibilities.

There’s no denying that GitHub’s usefulness far outweighs that of the potential harm that it can generate. The platform’s often been used in various malware campaigns, but GitHub is trying to change some policies to allow users, researchers and the platform itself to manage the content better.

After the community weighed in on GitHub’s proposal, new policies have come into effect, one of which stands out:

“We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits,” state the new policies. “We understand that many security research projects on GitHub are dual-use and broadly beneficial to the security community. We assume positive intention and use of these projects to promote and drive improvements across the ecosystem. This change modifies previously broad language that could be misinterpreted as hostile toward projects with dual-use, clarifying that such projects are welcome.”

The second point is almost as crucial, as GitHub states it will not allow its platform to be used in “unlawful attacks that cause technical harm, which we’ve further defined as overconsumption of resources, physical damage, downtime, denial of service, or data loss.” The precise definition of what constitutes an attack no longer leaves room for interpretation.

GitHub also made it a lot clearer that an appeals and reinstatement process is available for users who have had their projects suspended. The company also has a system in place to let parties resolve disputes before the incident is elevated to be arbitrated by GitHub.

These policies should make it easier to distinguish real security projects from malicious ones, making it more difficult for threat actors to hide behind a veil of research.

The Australian Federal Police (AFP) has revealed that it was able to decrypt and snoop on the private messages sent via a supposedly secure messaging app used by criminals… because the app was actually the brainchild of the FBI.

At a press conference, AFP commissioner Reece Kershaw described how the idea of “AN0M” – a backdoored messaging app – was dreamt up by members of the FBI and AFP over a few beers after the shutdown in 2018 of “Phantom Secure,” an encrypted phone network used by criminals and drug cartels.

Keen to fill the vacuum left by the dismantlement of “Phantom Secure,” the FBI secretly ran the “AN0M” service, sharing criminals’ supposedly secret communications in real-time with AFP officers, and other law enforcement agencies around the world.

224 people have been arrested in Australia in what has been dubbed “Operation Ironside,” and 3.7 tonnes of drugs, 104 weapons, AU $44.9 million (US $34.75 million) in cash, as well as millions of dollars of other assets such as luxury cars have been seized.

In addition, Australian police say that they have acted on 20 threats to kill.

Many more arrests are expected domestically and internationally – and all because the criminals were using a communications service that they believed was secure, but was in fact run by the cops.

AN0M ran on modified smartphones sold on the black market, stripped of normal functions like email or the ability to even make a phone call, and which required owners to pay a subscription.

Ironically, those subscription fees were actually destined to go into the coffers of the police force that would ultimately arrest those using the devices.

Sneakily, police encouraged informants to seed the app into the criminal underworld, before it was adopted by drug lords who unwittingly acted as “influencers,” giving the app legitimacy and encouraging other criminals to adopt it for communications.

Rather than promoting its secretly-backdoored app, the AN0M website now declares that it has been seized by the authorities and invites users to enter their contact details if they think their account might be linked to an ongoing investigation (!):

This domain has been seized Law enforcement has been monitoring messages and attachments from the ANØM platform. A number of investigations have been initiated and are ongoing. To determine if your account is associated with an ongoing investigation, please enter any device details below:

I wonder how many people will be keen to do that…

According to AFP commissioner Reece Kershaw, “We were able to see every handset that was handed out and attribute it to individuals… The use of encrypted apps represents significant challenges. AN0M gave us insights we never had before.”

Of course, AN0M is just one of many apps claiming to offer secure end-to-end encrypted messaging. There are other more widely-used and more mainstream apps that provide a similar service for anyone – criminal or otherwise – to communicate securely.

The arrests undertaken by the Australian police, which is likely to be replicated by other agencies around the world, will no doubt give some pause to consider whether the secure messaging app they are using really is secure as they think it is.

The US Department of Justice (DOJ) has seized more than half of Colonial Pipeline’s $4.4 million ransom payment towards the infamous cybercriminal group known as Darkside.

According to a press release posted on June 7, the FBI recovered $2.27 million from a cryptocurrency account used by the hackers.

Federal investigators managed to track down the payment of 63.7 bitcoin as it moved through the cryptocurrency ecosystem in multiple anonymous transfers.

“Following the money remains one of the most basic, yet powerful tools we have,” said Deputy Attorney General Lisa O. Monaco for the U.S. Department of Justice. “Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises.”

FBI agents used a blockchain explorer to track down the address that received numerous payments on May 27. Fortunately, they also had the password or private key needed to access the wallet address, according to the supporting affidavit.

“The proceeds of the victim’s ransom payment, had been transferred to a specific address, for which the FBI has the ’private key,’ or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address,” the DOJ explained.“This bitcoin represents proceeds traceable to a computer intrusion and property involved in money laundering and may be seized pursuant to criminal and civil forfeiture statutes.”

The seizure of funds involved coordinated efforts of multiple law enforcement departments, including the Ransomware and Digital Extortion Task Force, a division created by the DOJ to fight the growing number of ransomware attacks targeting United States infrastructure.

The Task Force specializes in ransomware criminal ecosystems, prioritizing the disruption, investigation and prosecution of malicious digital acts and extortion.

The HM Revenue and Customs (HMRC) has warned the British public to be vigilant against scams and fraud attempts, as the remaining annual renewal packs are due to arrive via post this week.

The alert was issued in response to more than 1 million referrals and suspicious contacts received by the public from April 2020 to April 2021, with more than half offering fake tax rebates.

The department has also removed more than 3,000 suspicious phone numbers and 15,700 malicious web pages with the help of telecom companies and the nations’ communications regular (Ofcom).

In total, HMRC’s Cyber Security Operations has responded to nearly 450,000 phone scam reports, up 135% from last year.

“We’re urging all of our customers to be really careful if they are contacted out of the blue by someone asking for money or bank details,” said Myrtle Lloyd, HMRC’s Director General for Customer Services.

“There are a lot of scams out there where fraudsters are calling, texting or emailing customers claiming to be from HMRC. If you have any doubts, we suggest you don’t reply directly, and contact us yourself straight away. Search GOV.UK for our ‘scams checklist’ and to find out ‘how to report tax scams’.”

Despite the agency’s successes in impeding spoofing of helpline numbers, fraudsters using social engineering skills may still fool citizens into providing personally identifiable information (PII) and financial data.

As such, customers who can’t verify the identity of a caller should end contact with the individual and hang up the phone.

The alert underlines that renewing online by logging into the government website is “quick and easy,” and customers can also check on the progress of their renewal.

To make sure customers don’t fall victim to fraudulent schemes, HMRC advises the following:

• Don’t provide personal information, reply to text messages, download attachments or reply to unsolicited emails claiming to be from the HRMC
• Don’t trust caller IDs on smartphones, as the numbers can be spoofed
• Reject, refuse and ignore requests that rush or panic you into providing your personal and financial information
• Research similar scams and brush up on the latest phishing and smishing fraud attempts
• Forward suspicious emails claiming to be from HMRC via  phishing@hmrc.gov.uk
• Contact your bank if you suspect any fraudulent attempts or have fallen victim to a scam
• Report scams and fraud via Action Fraud