More stories

  • FTC orders SpyFone to delete all of its surveillance data

    The US Federal Trade Commission (FTC) has ordered the developer of the SpyFone spyware app to delete all data that has been collected. 

    On September 1, the data watchdog said that SpyFone and the company’s chief executive, Scott Zuckerman, are now also banned from the surveillance business and must delete any information illegally harvested — as well as attempt to notify victims.

    “The stalkerware app company secretly harvested and shared data on people’s physical movements, phone use, and online activities through a hidden device hack,” the FTC says. “The company’s apps sold real-time access to their secret surveillance, allowing stalkers and domestic abusers to stealthily track the potential targets of their violence.”

    Spyware, also sometimes described as stalkerware, is usually installed through access to a mobile phone and can track a user’s conversations, contacts, and emails, harvest GPS location data, and monitor social media, among other functions. Spyware is often marketed as software for monitoring children and employees but may be turned to purposes including spying on partners and family members without their consent.

    The FTC alleges that Puerto Rico-based SpyFone, now doing business as Support King, LLC, sold stalkerware that allowed customers to monitor individuals “without the device owner’s knowledge.” Furthermore, the agency claims that SpyFone also “provided instructions on how to hide the app so that the device user was unaware the device was being monitored.”

    SpyFone and Zuckerman have also been accused of failing to meet basic security standards in protecting the information illegally collected by the apps. In 2018, an unsecured online server reportedly leaked terabytes of data harvested from SpyFone-infected mobile devices. The exposed information has been added to the Have I Been Pwned search engine.

    “The company promised purchasers that it would work with an outside data security firm and law enforcement authorities to investigate the incident,” US regulators say. “The FTC, however, alleges that the company failed to follow through on this promise.”

    Support King and Zuckerman are now banned from “offering, promoting, selling, or advertising any surveillance app, service, or business.” The FTC says that this is the first ban of its kind against a spyware app.

    “The stalkerware was hidden from device owners, but was fully exposed to hackers who exploited the company’s slipshod security,” commented Samuel Levine, Acting Director of the FTC’s Bureau of Consumer Protection. “We will be aggressive about seeking surveillance bans when companies and their executives egregiously invade our privacy.”

    While the company did “neither admit nor deny” the allegations laid at its feet, the Electronic Frontier Foundation (EFF) nonetheless applauded the FTC’s decision.

    In a separate statement, Commissioner Rohit Chopra said, “the FTC’s proposed order in no way releases or absolves Support King or Scott Zuckerman of any potential criminal liability.”

    ZDNet has reached out to Support King for additional comment and we will update when we hear back.

  • Quick, easy (and free) way to make Facebook more bearable

    Facebook is one of those things that I have a love/hate relationship with. I find it a great way to keep in touch with people, but it can quickly turn into a hellstew at any moment.

    And it’s not just the ads. It’s the spam, the prompts for games and quizzes, videos popping out all over the place, and all the other distracting random stuff designed to steal my precious hours on this earth.

    One of the best things that I did to improve my Facebook experience was to install a browser extension called FB Purity. I honestly think that without this I would have dumped Facebook a long time ago.

    FB Purity is a browser extension that, as the makers put it, “helps you to take control of your Facebook experience.” Who doesn’t need some of that in their life?

    There’s so much built into FB Purity that it’s hard to know where to start, so I’ll just cover the features that I find useful.

    There’s a text filter system that lets you filter out specific keywords/phrases. This is great for making things like political posts and anti-vax/5G conspiracy tinfoil hat garbage evaporate.

    There’s also a powerful image content filter that lets you filter out images of cats, dogs, selfies, babies, memes, food, and smoking. It also allows you to create custom image content filters.

    With a few clicks you can hide all of the following: Events, Games and App Requests, Recommended Pages, Suggested Groups, People You May Know / Find More Friends, Get Connected, Pokes, Friend Requests, Birthdays, Chat, Trending Topics / Trending Hashtags, Businesses For You, Stories, Watchlist. I no longer get invites to play games, which is just super.

    FB Purity will also tell you who on your list has deleted, unfriended or blocked you. This can reveal some interesting trends, but on the whole I’m not that bothered by what other people choose to do.

    FB Purity is only available for desktop browsers — Mozilla Firefox, Google Chrome (and any Chromium-based browser), Edge, Safari, Opera, Brave and Maxthon — and runs on Windows, macOS, Linux, and Chrome OS (so unfortunately there’s no version for iOS/Android).

    FB Purity is donationware, so if you like it, you can donate to keep the project moving forward.

    I’ve had FB Purity installed on my desktops and laptops for several years. The browser extension is solid and reliable, and is updated regularly. There are a few unsupported features currently because of the new Facebook look, but on the whole it does an excellent job.


  • Reinventing the office: What it looks like and what it means for you

    The past 18 months have forced companies to reinvent what work looks like for many employees. And those tough decisions are still going on: whether to make remote working permanent, encourage teams to return to the office when it’s safe to do so – or do something in between.

    Some of the world’s largest global tech firms have already gone ahead and answered those questions, at least for themselves. Twitter led the pack when it announced last May its work-from-home plans would remain permanent, even after offices fully reopen. Square’s declaration that it would permit employees to work from home permanently followed shortly after.

    PwC Australia Real Estate Advisory business partner Tony Massaro says one thing the pandemic has proven is that remote working is no longer just an experiment, but a widely embraced practice. Remote working wasn’t adopted in a widespread manner until the pandemic, he says. People talked about it particularly in times of staff shortages, but it wasn’t mainstream until the pandemic hit. “And boy, did that make it mainstream,” he says.

    THE OFFICE IS NOT GONE

    Massaro argues that even though dozens of businesses have embraced flexible working, and there have been “knee-jerk reactions” by others to do without an office completely, this shift does not spell the death of the office or the central business district (CBD). He argues the demise of business districts is overstated for a number of reasons. Businesses will always have core functions, which will require an office. There will also be different requirements for the space that companies already have.

    “People say we’ll need less space but given the new ways of working, there might be a requirement for more space. Most office spaces don’t have a plethora of meeting rooms, so in order to put them in, they’ll take more space than companies already have.”

    The 2021 financial results that commercial property company Dexus recently presented speak volumes about these trends. According to Dexus Office executive general manager Kevin George, the company’s office portfolio experienced a “strong year” of leasing activity, with the amount of leasing space doubling year on year from 88,467 to 184,029 square metres.

    “A number of industries appear to have recovered from the impact of COVID-19, with demand in Sydney relatively strong across the technology, professional services, finance, and government sectors,” George says. “We believe that well-located, high-quality office space located in key CBD locations will continue to attract talented workforces and remain leading work and entertainment destinations.”

    George highlights that the SME suite market was also “buoyant” throughout FY21. “We’ve seen increasing levels of enquiry for sub-1,000 square-metre spaces, which were well up on FY20, with spaces above 1,000 square metres being only moderately higher,” he says.

    Massaro agrees that there’s been a considerable spike in the number of smaller, second-tier firms taking up office in the CBD because rent is now affordable. He explains that part of what’s driving the trend is the number of larger organisations turning to subletting to alleviate any pressure on cash flow in the short term.

    “From a budget perspective, rents will be hit in the short term … you can see that in the subletting space that’s out there … a lot of subletting is short-term stuff. You might have a 20-year lease and you’re like, ‘let’s get someone in there’ … just to stop the bleed,” he says.

    REIMAGINING THE OFFICE

    Businesses that choose to stick with the space they have are now being forced to reconsider where and how the physical office space fits into the new equation of how people work. Businesses need to decide a few things, he says: what type of work they are going to do, how they are going to do it, who they want to do it – because flexible and remote working opens up an entire new geographic spread of employees – and then what kind of workspace they are going to need. “That’s where it starts to have that impact on space and offices,” Massaro says.

    Salesforce, for instance, is still on track to move into its new Australian headquarters, dubbed the Salesforce Tower, in late 2022, even though it has rolled out permanent remote work plans for its staff. But the cloud giant will now redesign its office spaces so they feature more “community hubs” in response to the new climate.

    “For us, our real estate is about more than architecture and design. It’s about creating a place that has a lasting positive impact on our employees, partners, customers, communities, and the environment around us,” Salesforce president and chief people officer Brent Hyder said back in February. “So when we thought about how to reimagine our spaces, we saw an incredible opportunity to create the office of the future. The majority of our employees will go back to the office at least some of the time. And we’ve learned that 80% of our employees are hungry for the connection, camaraderie, and innovation that come from gathering in-person.”

    That means the company is redesigning its workspaces over time as community hubs to accommodate a more hybrid workstyle. Gone are the days of a sea of desks, it says, with the plan to create more collaboration and breakout spaces to foster the human connection that can’t be replicated remotely.

    Atlassian, another company that has endorsed flexible working, is also going ahead with opening a new office tower in Sydney, due for completion in 2025, and has similar plans.

    “The space that we are building will be highly sustainable and highly flexible. It will be purpose-built for the future of work, for tomorrow’s world, not today’s. Even with a highly distributed workforce, we’ll need a place to come together. Now we can design this space especially for these new ways of working,” Atlassian co-CEO and co-founder Scott Farquhar said in June.

    For Cisco, the story is not too dissimilar. While the company recently announced it would roll out a hybrid working plan, it also said offices have a role to play in the way its employees will work.

    “The amount of time we’ve spent working remotely and refining our skills in doing that is great, but we miss personal interactions, and we miss being able to get in and work as a team,” says Cisco workplace technology head, Chris Anderson. “There’s still absolutely a place for the physical environment.”

    What the networking giant has focused on is changing the physical space into something more “purposeful”, so that it’s less about allocating staff personal desk space and more about utilising it for collaboration. Before the pandemic, 95% of the company’s office space was allocated to individuals, Cisco said.

    Cisco has also invested in plugging new technologies into its offices to further facilitate the hybrid-working model. These include delivering wireless connectivity into its buildings, introducing intelligence to help Cisco better understand how its physical space is being used, as well as introducing office environment sensors to measure temperature, sound, humidity, and air quality.

    “The opportunity for us is to start using technology. What we’ve done in the past is we’ve understood how important technology is inside a building, but we’ve never really intrinsically linked technology into the workflows inside buildings,” Anderson says. “Now is the opportunity to really align technology properly inside physical buildings, and drive intelligence, drive automation of activity inside the meeting spaces and the office space.”

    WORKING OR COWORKING?

    In addition to making changes to existing office spaces, an equally popular option for businesses, according to Massaro, is moving into coworking spaces. He says it’s becoming an appealing option as companies try to contend with the uncertainty of the pandemic. According to WeWork Australia and Southeast Asia general manager Balder Tol, over a third of WeWork members in Australia that identify as technology companies have embraced coworking spaces as viable options.

    Tol reckons part of the attraction is that coworking spaces offer businesses flexibility that has not typically been available with a traditional office.

    “The pandemic has changed the way we live and work, and flexible office space is emerging as an attractive option for workers and companies that are frustrated with the bedroom-as-boardroom life, but don’t want to return to a traditional office format,” he says. “Flexibility of time, space, and location is built into our business model and is something that’s become an even more attractive incentive to businesses and employees alike, as they look to adapt to the new normal.”

    The feelings are mutual over at Hub Australia.

    “Scaling tech companies have always been particularly drawn to Hub’s offering as they have a constant need to attract and retain talent. Sixty-five percent of our customer base nationally classify themselves as tech companies,” Hub Australia founder and CEO Brad Krauskopf says. “We are seeing more large companies use Hub, not just for the flexibility of the agreements, but because companies now need to provide an experience that goes beyond just a place to sit at a computer all day. Coworking operators have years of experience on how to best achieve these engaging workspaces.”

    Irrespective of which way businesses choose to operate, the investment that businesses make – or don’t make – in an office space will be an iterative process going forward.

    “Part of that will be saying, ‘Will this different type of work we want to do have a higher or lower margin, therefore do we have more or less money,’ so therefore we’ll need to spend this much on space. It becomes an iterative and very business-specific process,” Massaro says.

  • BitConnect director pleads guilty to role in $2 billion cryptocurrency fraud

    One of the directors involved in the BitConnect cryptocurrency Ponzi scheme has pleaded guilty to his role in the conspiracy.

    This week, the US Department of Justice (DoJ) said that Los Angeles resident Glenn Arcaro has pleaded guilty to the charge of conspiracy to commit wire fraud. Together with the forfeiture of criminal gains, Arcaro faces a maximum penalty of 20 years in prison.

    The 44-year-old was accused of playing a part in BitConnect, an unregistered securities offering and cryptocurrency scheme that collapsed in 2018. BitConnect promised investors high returns based on investments leveraging market volatility, but in order to participate, traders had to purchase BitConnect Coins (BCC) through Bitcoin (BTC) deposits.

    When BitConnect closed, without warning, the price of BCC plummeted and users were unable to access their funds.

    At the time, BitConnect operators cited bad press, distributed denial-of-service (DDoS) attacks, and the scrutiny of US regulators as reasons for its exit. Law enforcement then set to work tracking down the scheme’s operators.

    The DoJ says that investors in the US and abroad lost over $2 billion in what is now considered to be “the largest cryptocurrency fraud ever charged criminally.”

    In front of US Magistrate Judge Mitchell Dembin, Arcaro admitted to fraudulently conspiring with others to promote the cryptocurrency scam, as well as misleading investors over the proprietary software BitConnect apparently used to track the market and ensure profit.

    “In truth, BitConnect operated a textbook Ponzi scheme by paying earlier BitConnect investors with money from later investors,” prosecutors say.

    As a director, Arcaro took a slice of every investment made through BitConnect’s pyramid lending programs. As much as 15% of each trade went into his pocket and he eventually earned over $24 million.

    “Arcaro has accepted responsibility for his actions of defrauding thousands of individuals worldwide to invest in BitConnect,” commented Special Agent in Charge Eric Smith, FBI Cleveland Field Office. “He lined his pockets with millions of dollars, money from victims that believed their funds were being invested into a new cryptocurrency with a high rate of return.”

    In June, the US Securities and Exchange Commission (SEC) charged five alleged members of the BitConnect promoter pool. The regulator claims that in 2017 and 2018, the five promoted and sold securities through the BitConnect lending program, which promised investors returns as high as 40%. Marketing consisted of YouTube content, social media, and ‘testimonials’. The promoters each earned between $475,000 and $1.3 million in commission.

    The SEC has also filed a complaint against Arcaro and BitConnect founder Satish Kumbhani. The regulator is seeking injunctions and civil penalties.

  • Tabcorp argues banks should be responsible for handling credit card gambling blocks

    Gaming giant Tabcorp has supported the call for banning credit card use by Australians on online gaming platforms, such as betting apps, but its CEO believes such a mandate should be the responsibility of banks.

    Appearing before a joint committee as part of its inquiry into the regulation of the use of financial services, such as credit cards and digital wallets, for online gambling in Australia, Tabcorp CEO David Attenborough said while his organisation would not oppose a ban on credit cards for online wagering, it would oppose a ban for online lotteries.

    “I’m not sitting here saying I accept a ban on credit cards for gambling. I’m saying if the committee decides it’s going to ban it, we’re not going to oppose it for online wagering,” he told the Parliamentary Joint Committee on Corporations and Financial Services on Friday.

    Attenborough said only 14% of transactions through online wagering use a credit card. People already cannot use a credit card in a retail environment — that is a pub, club, or race track, for example.

    He said a large chunk of those using credit cards gamble responsibly and use it for convenience, but conceded there is a proportion that is much higher risk, and said his organisation recognised this and “wraps a whole bunch of controls around it”.

    “I don’t think people should gamble with debt,” he said, citing again the reason for not contesting the ban on credit card use.

    “If that is the solution the committee chooses to do, we will support that, but that legislation needs to be applied to the financial sector because they’re best set up to be able to implement that,” Attenborough said.

    The financial services sector has previously testified to the committee that a self-regulated model would allow the gambling sector to adapt to new entrants in the payments space, such as digital wallets and cryptocurrencies, whereas heavy legislation would require too much change to keep up.

    “Banning credit cards is a blunt instrument and you’re better to put layers of extra risk controls around customers that use them, because at least you’ve got them in a bucket where you can watch them very closely and have extra scrutiny on them,” Attenborough said in response to the proposition.

    “I think banning them just drives them — if they’ve really got a problem they’re going to find a way around to get their money where they want to gamble it, and then we’ve got to make sure we understand where that’s happening and it might not be visible to us anymore because it will go via a digital wallet, via an intermediary of cryptocurrency, or something and we’ll never even know there was a credit card involved.”

    With the use of credit cards in online wagering declining, at least on his platform, Attenborough said legislating the ban would speed this up.

    “It is an old world form of transacting that’s declining and you’re just going to speed up that and then move it into a multitude of different wallets where the only people that will really know what’s going on will be the financial sector, not us, we won’t have a clue,” he said.

    “If we got more information from the banks that a card was suspect, we could shut it down. If the banks notified us that this was a problem, we would be able to stop dealing with that problem, but this flow of information doesn’t happen.”

    In addition, if the ban wasn’t a legislated one, stakeholders such as racing bodies and the merchant that processes the transactions, in this case Mastercard, could interject, Attenborough added. As such, if it becomes law, he said his organisation would need “three to six months at best, nine months at worst, depending on regulators”.

    Attenborough said, however, a problem gambler would always find a way to get around blocks or bans, adding “it will be the banks that will be able to find them”.

    On self-exclusion, Attenborough believes more data-sharing needs to occur.

    “We’ve been quite tough on closing accounts and encouraging customers to exclude and it really frustrates [me] when I read articles that these customers have then gotten themselves into big trouble carrying on betting somewhere else,” he said.

    “It’s really critical that there is a much better way [to] protect people who have got a problem. It’s still got some privacy issues around it because the way the national exclusion register will have to work is customers will have to lodge themselves into it and there will be some customers that might exclude from us, but don’t choose to lodge themselves into the national exclusion register.”

    He also claimed that the only way platforms could properly deal with the issue would be through a national regulator.

    IF YOU OR ANYONE YOU KNOW IN AUSTRALIA NEEDS HELP CONTACT ONE OF THESE SERVICES:

    Suicide Call Back Service on 1300 659 467
    Lifeline on 13 11 14
    Kids Helpline on 1800 551 800
    MensLine Australia on 1300 789 978
    Beyond Blue on 1300 22 46 36
    Headspace on 1800 650 890
    QLife on 1800 184 527

  • FBI warns of ransomware attacks targeting food and agriculture sector as White House pushes for proactive measures

    The FBI sent out a notice warning companies in the food and agriculture sector to watch out for ransomware attacks aiming to disrupt supply chains. The FBI note said ransomware groups are seeking to “disrupt operations, cause financial loss, and negatively impact the food supply chain.”

    “Ransomware may impact businesses across the sector, from small farms to large producers, processors and manufacturers, and markets and restaurants. Cybercriminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems,” the FBI said.

    “Food and agriculture businesses victimized by ransomware suffer significant financial loss resulting from ransom payments, loss of productivity, and remediation costs. Companies may also experience the loss of proprietary information and personally identifiable information and may suffer reputational damage resulting from a ransomware attack.”

    The notice goes on to explain that the food and agriculture sector has faced an increasing number of attacks in recent months as ransomware groups target critical industries with large attack surfaces. Many of the biggest food companies now use an array of IoT devices and smart technology in their processes. The FBI noted that larger agricultural businesses are targeted because they can afford to pay higher ransoms and smaller entities are attacked because of their inability to afford high-quality cybersecurity.

    “From 2019 to 2020, the average ransom demand doubled and the average cyber insurance payout increased by 65 percent from 2019 to 2020. The highest observed ransom demand in 2020 was $23 million USD, according to a private industry report. According to the 2020 IC3 Report, IC3 received 2,474 complaints identified as ransomware with adjusted losses of over $29.1 million across all sectors,” the FBI said.

    “Separate studies have shown 50-80 percent of victims that paid the ransom experienced a repeat ransomware attack by either the same or different actors. Although cyber criminals use a variety of techniques to infect victims with ransomware, the most common means of infection are email phishing campaigns, Remote Desktop Protocol vulnerabilities, and software vulnerabilities.”

    The notice goes on to list multiple attacks on the food and agriculture sector since November, including a Sodinokibi/REvil ransomware attack on a US bakery company, the attack on global meat processor JBS in May, a March 2021 attack on a US beverage company and a January attack on a US farm that caused losses of approximately $9 million.

    JBS ended up paying an $11 million ransom to the REvil ransomware group after the attack caused meat shortages across the US, Australia and other countries.

    The FBI also cited an attack in November on a US-based international food and agriculture business that was hit with a $40 million ransom demand from the OnePercent Group. The company was able to recover from backups and did not pay the ransom.

    The notice lists a number of measures food and agriculture sector companies can take to protect themselves, including having backups, network segmentation, multifactor authentication and proactive monitoring of remote access/RDP logs.

    The notice came the same week as CISA urged companies to be wary of long weekends considering how many attacks have taken place on holidays this year. While they had no specific threat intel, the notice warned that threat actors know IT teams will be traveling or out of the office over the coming Labor Day weekend.

    White House deputy national security adviser Anne Neuberger spoke to the press on Thursday urging companies to search for signs of compromise before the long weekend and create action plans in the event of an attack.

    “We want to raise awareness and this need for awareness is particularly for critical infrastructure owners and operators who operate critical services for Americans,” Neuberger said. “Organizations and individuals should be on alert now because criminals sometimes lay their steps in advance and begin their planning.”

  • SEC fines eight investment firms for cybersecurity breaches that leaked client info

    The SEC handed down sanctions against eight firms this week for a slate of cybersecurity failures that resulted in the leakage of personal data for thousands of people.

    Cetera Advisor Networks, Cetera Investment Services, Cetera Financial Specialists, Cetera Advisors and Cetera Investment Advisers (collectively, the Cetera Entities); Cambridge Investment Research and Cambridge Investment Research Advisors (collectively, Cambridge); and KMS Financial Services (KMS) were all named by the SEC for lackluster cybersecurity policies that led to “email account takeovers exposing the personal information of thousands of customers and clients at each firm.”

    All of the firms are Commission-registered as broker dealers, investment advisory firms, or both, according to an SEC statement. The Cetera companies will pay a $300,000 penalty while Cambridge will pay a $250,000 penalty and KMS will pay a $200,000 penalty.

    The SEC said that from November 2017 to June 2020, 60 cloud-based email accounts of Cetera Entities employees were hacked into, leading to 4,388 customers and clients having their personal information leaked. The SEC did not list the kind of personal information leaked in each case.

    “None of the taken over accounts were protected in a manner consistent with the Cetera Entities’ policies. The SEC’s order also finds that Cetera Advisors LLC and Cetera Investment Advisers LLC sent breach notifications to the firms’ clients that included misleading language suggesting that the notifications were issued much sooner than they actually were after discovery of the incidents,” the SEC statement said.

    “According to the SEC’s order against Cambridge, between January 2018 and July 2021, cloud-based email accounts of over 121 Cambridge representatives were taken over by unauthorized third parties, resulting in the PII exposure of at least 2,177 Cambridge customers and clients. The SEC’s order finds that although Cambridge discovered the first email account takeover in January 2018, it failed to adopt and implement firm-wide enhanced security measures for cloud-based email accounts of its representatives until 2021, resulting in the exposure and potential exposure of additional customer and client records and information.”

    Fifteen KMS financial advisers had their accounts taken over, leading to the exposure of almost 5,000 customers’ information between September 2018 and December 2019. KMS didn’t change its cybersecurity policies until May 2020 and didn’t even implement those changes until August 2020.

    Kristina Littman, chief of the SEC Enforcement Division’s Cyber Unit, said investment advisers and broker dealers need to fulfill their obligations concerning the protection of customer information.

    “It is not enough to write a policy requiring enhanced security measures if those requirements are not implemented or are only partially implemented, especially in the face of known attacks,” Littman said.

    All of the firms violated the Safeguards Rule protecting customer information and Cetera violated other rules related to erroneous information included in their breach notification letters.

    “Without admitting or denying the SEC’s findings, each firm agreed to cease and desist from future violations of the charged provisions, to be censured and to pay a penalty,” the SEC said in a statement.

    Pravin Kothari, executive vice president at cybersecurity company Lookout, said organizations of all kinds need to be aware of the growing risk with their data in the cloud and always protect personally identifiable information and protected health information considering the growing number of regulations on data privacy of individuals, such as GDPR, PCI DSS, HIPAA and CCPA.

    “Financial services have additional regulations for client data protection such as GLBA, SEC, FFIEC,” Kothari added.

    Digital Shadows threat intelligence team lead Alec Alvarado noted that the cases revealed that the continued targeting of cloud-based email services often results in broader compromise. Account takeover continues to emerge as a significant problem for organizations as the exposed credential database grows, Alvarado said.

    “A second implication is the potential exposure that can result from a single compromise. Threat actors can easily conduct lateral movement and pivot across compromised infrastructure after they gain initial access,” Alvarado told ZDNet.

  • Earnings transcripts mention 'cybersecurity' 33% more in H1: Report

    Companies are increasingly mentioning cybersecurity in their earnings reports, according to a new study from analytics company GlobalData. In the first half of 2021, mentions of ‘cybersecurity’ in earnings transcripts grew by 33%, with particularly stark growth since Q2 2020.

    Rinaldo Pereira, a business fundamentals analyst at GlobalData, said cybersecurity is one of many tech-related terms increasingly finding their way into earnings reports. Words like “cloud” and “big data” have also been used more often since 2020, Pereira explained.

    “The lasting shift in digital operations of both business and consumers, coupled with the rising incidences of data breaches, are driving mentions of ‘data security,’ ‘cloud security’ and ‘network security’ in 2021 earnings transcripts,” Pereira said. “The World Bank’s August 2021 announcement of a Global Cybersecurity Fund is likely to drive more discussions around safer digital transitions, M&A and investment, with the rising complexity of cyberattacks.”

    Cybersecurity-related risk mentions grew at a similar pace in 2020, increasing by about 30% compared to 2019.

    Pereira added that words like “malware,” “ransomware”, and “breach” also featured heavily in cybersecurity discussions in 2021 earnings transcripts. The terms were mostly used as organizations look to invest more in cybersecurity to head off future attacks.

    Pereira told ZDNet that cybersecurity and terms related to it began to be featured in earnings transcripts in 2019 when several major hacks and breaches — including attacks on Facebook, Capital One and First American — drew headlines.

    “The rise in cybersecurity discussions in 2021 can be attributed to the rising risk of ransomware and malware attacks due to the prolonged work from home trends and rising digital customer channels,” Pereira said. “Companies also seem to be more driven towards procuring cybersecurity services as they continue to be worried of risks posed due to large-scale cyberattacks. It is expected that companies are likely to discuss more cybersecurity investment, M&A in filings with the rising complexity of cyberattacks and breaches and is proving to be a tailwind for the cybersecurity industry.”

    Pereira explained that cyber events are increasingly having an impact on financial statements in recent years, and discussions around cyber insurance may also rise in the coming months.