Connect with us

Cybersecurity

Data Is Gold: Alipay May Not Have Leaked Transaction Data But Someone Else Did

Published

on

Alipay Data Selling Debunked

Following the discovery of the database that contained millions of user transaction data from Alipay, the cybersecurity expert who exposed the vulnerable database confirmed, Alipay themselves did not leak the data.

This statement confirms his earlier theory that a third party, possibly a small scale loan company, have sold data they gathered from customers who submitted their Alipay login credentials for review to another data aggregator.

In a recent tweet, Victor Gevers said that the server where the database came from does not belong to Alipay because the China-based mobile money processing company uses OceanBase to store their data. He also noted that Alipay’s data structure is completely different from that of the discovered database confirming that the data was not shared or leaked by the financial company.

Read more: CYBERSECURITY RESEARCHER SAYS MOBILE PAYMENT PLATFORMS ARE SELLING YOUR DATA TO THIRD-PARTIES

A few days ago, Gevers accused Alipay of selling their users’ financial transaction data to third-party companies for “marketing and advertising purposes.” He said that many of these third parties cannot handle sensitive information and store them in unsecured databases.

He also accused that payment providers “will always SELL you out.”

The database was eventually locked down within an hour after Gevers shared his discovery.

Alipay pushed back and shut down the allegations made by Gevers in an email they sent to Z6mag.
According to Andy Duberstein, a spokesperson from the company, “the protection of user privacy and data security is at the core of our business and the utmost importance to Alipay.”

Read More: ALIPAY SHUTS DOWN ALLEGATION OF SELLING USER DATA TO THIRD-PARTY COMPANIES

He assured their users that the company and its affiliates do not sell user data to third parties.

Conversely, the Duberstein offered an explanation for how data of Alipay users ended up in the database that Gevers discovered. He said that after their thorough investigation, they understand that some Alipay customers submitted their Alipay account names and passwords to a certain online lending platform. Such information was obtained by crawler companies that work with these online lending companies and was then stolen by hackers.

This theory provided by Alipay coincided with the initial theory offered by Gevers and another Twitter user who called out the lack of proof of Gever’s claims that the company sells data to the third party.

“Alipay always strictly enforces its data security and privacy protection policies. We only collect limited and necessary information that will be used to better serve our users with their prior consent,” Alipay Spokesperson Andy Duberstein added.

DATA WAS TOO BIG FOR A THIRD PARTY TO GENERATE ON ITS OWN

Meanwhile, Gevers raised concerns over the amount of data that was exposed. He said that the dataset was so humongous considering the time frame. For the last three months, the database contains 1.2 billion records. He questions how many lending platforms can generate such an amount of data in just three months. He noted that even Paypal, one of the biggest online money processing company, does not even come close to that number.

“The data was not anonymized. The datasets are way too big for a third party. Someone handed the data over to a third party – voluntarily, or they were hacked. We have seen third parties handling transaction data from financial institutions poorly before. That is why [I] shared all the information immediately after the database was secured,” Gevers told Z6Mag in a private chat.

DATA IS GOLD

The discovery of the said database has raised concerns of China’s Fintech industry, according to Gevers. He noted that most financial data leaks happen because sources trust third parties with their data. Most of the time in Fintech, experts see third parties doing machine learning and analytics to generate insight.

And these insights have a “pretty good value” according to Gevers.

“Knowing what the Chinese people are spending their money on based on one of the biggest financial institutions has a very high market value in and outside China,” he said.

That is why he could not blame Alipay if in case they indeed sold the data (which in this case, they did not). While he believes that the dataset did not directly come from Alipay, he said that the dataset as big as what he uncovered is a sign that it was exchanged with consent.

“That is why I made the statement that financial institutions will sell us out. Data is the new gold. And these financial institutions are not charities. They want to make money, and they have a lot of data. It’s like telling a kid not to take a cookie from the huge glass cookie jar that is right in from of them on the table,” he added.

CRYPTO-CURRENCY IS THE GREATEST LEAP FORWARD AGAINST BREACH BY FINTECHS

When asked about what could have been done to prevent financial companies from selling transaction data, he said that strict regulation could do it, but financial institutions will still not resist the temptation.

“Maybe one day, cryptocurrency and Blockchain technology will make us independent from these financial institutions. That would be the greatest leap forward we could make,” Gevers added. /apr

A Consumer Tech and Cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Cybersecurity

Indictment Against Hackers Involved In Anthem Data Breach Unsealed

Two men are indicted for allegedly part of a group of hackers from China linked in the Anthem Insurance data breach in 2015. Click To Tweet

Published

on

Twor men are indicted for allegedly part of a group of hackers from China linked in the Anthem Insurance data breach in 2015.
The indicted individuals are allegedly part of a group of hackers from China linked in the Anthem Insurance data breach in 2015. Photo: Tim Reckmann | a59.de | Flickr | CC BY 2.0

Two men were indicted in the U.S. in connection with the data breach at the health insurance company, Anthem, that siphoned more than 78.8 million customer and employee records between 2014 and 2015.

The Justice Department recently unsealed an indictment against two people who prosecutors say are part of a sophisticated hacking network group, based in China that was behind not only in Anthem data breach, but also the attacks against three other US businesses.

While the Justice Department did not name the said Chinese hacking group victimized the three other businesses who they said, they said that these companies were “data-rich.” One was a technology business, one was in necessary materials, and the third was in communications. They said that all of these three companies store a substantial amount – and some confidential – of data on their servers and data networks.

The suspects are 32-year-old Wang Fujie with the Western name of “Dennis” and another one that until now remained unnamed. The Justice Department could not find the real name of the unnamed man but said that he goes by various online nicknames such as “Daniel Jack,” “Kim Young” and “Zhou Zhihong.”

The charges are one count of conspiracy to commit fraud and related activity in relation to computers and identity theft, one count of conspiracy to commit wire fraud, and two counts of intentional damage to a protected computer.

According to the indictment documents, the hacker group where Dennis and the unnamed man belongs have carried out attacks using “sophisticated techniques” including spearphishing and malware from February 2014 and up until around January 2015.

They allegedly sent tailored spearphishing emails with links to malware and sent them to employees at the target companies. Once the targeted employee opened the email, the system would get affected by the malware that would later plant a backdoor Trojan that gives the hackers remote access via their command and control servers.

Wang is also accused of having set up the servers, hosted in California and Arizona that were used in the Anthem attacks.

The cyber attack suffered by the insurance company has had them cough up large amounts of money as settlement, making it the most significant data breach settlement ever. In 2017, the company agreed to pay $115 million to settle a class action suit over the breach.

The Anthem attack is also the most massive health insurance data breach, and the amount of data lost to the hackers dwarfed the biggest data breaches in the following years with 11 million breached at Premera and 10 million from Excellus.

The DOJ through a press release and Assistant Attorney General Brian Benczkowski called the hacking event as “unprecedented.”

“The allegations in the indictment unsealed today to outline the activities of a brazen China-based computer hacking group that committed one of the worst data breaches in history. These defendants allegedly attacked U.S. businesses operating in four distinct industry sectors and violated the privacy of over 78 million people by stealing their PII. The Department of Justice and our law enforcement partners are committed to protecting PII, and will aggressively prosecute perpetrators of hacking schemes like this, wherever they occur.”

Meanwhile, another set of indictments were released by the Justice Department against European hackers over the hacking of different private and public institutions in the United States. Ten individuals were charged with conspiracy to commit computer fraud, conspiracy to commit wire and bank fraud and conspiracy to commit money laundering.

The ten people who were charged were allegedly involved in the malicious software attacks that infected tens of thousands of computers and caused more than $100 million in financial losses, the US and European authorities announced Thursday.

According to the officials who filed the charges, the malware, which enabled cybercriminals and hackers from Eastern Europe infiltrate computer systems remotely and siphon funds from victim’s bank accounts, targeted companies and institutions across all sectors of American life.

The victims of the malware attacks included a Washington law firm, a church in Texas, a furniture business in California and a casino in Mississippi.

The investigation started following the dismantling of a network of computer servers, known as Avalanche, which hosted more than two dozen different types of malware. The Justice Department had successfully taken their operation apart in 2016.

Continue Reading

Cybersecurity

Winnti For Linux: Researchers Found Linux Variant Of Malware Used By Chinese Hackers In 2015

A Linux version of Winnti malware was discovered by tech researchers from Chronicle. The malware was used in 2015 by Chinese hackers. Click To Tweet

Published

on

A Linux version of Winnti malware was discovered by tech researchers from Chronicle. The malware was used in 2015 by Chinese hackers.
The discovered Linux malware bears significant similarities with its Windows counterpart. Photo: Christiaan Colen | Flickr | CC BY-SA 2.0

Linux systems are cybersecurity kings, but on a historic first, tech researchers have found a variant of a widespread malware, a favorite of Chinese hackers, have been discovered in a Linux system.

The discovery was made by researchers from the Chronicle, Alphabet’s cybersecurity department. The researchers revealed that they found a Linux variant of the Winnti malware that works as a backdoor on infected hosts, granting attackers access to compromised systems. It was the malware used by Chinese hackers in the high-profile cybercrime against a Vietnamese game company in 2015.

Chronicle researchers said that they discovered the malware following the news that Bayer, one of the biggest pharma company in the world, had been hit by Chinese hackers, and the Winnti malware was discovered on its servers.

After the team scanned Bayer’s system using its VirusTotal platform, they found what appeared to be a Linux variant of the Winnti, dating back to 2015 when it was first used by Chinese hackers to attack a Vietnamese gaming company.

According to the Chronicle, the malware that they have discovered comes in two parts: a rootkit to disguise the malware in the infected host and the actual backdoor Trojan. Further analysis the discovered Linux variant of the Winnti malware bears a lot of similarities to the malware’s Windows version. Other connections with the Windows version also included the similar way in which the Linux variant handled outbound communications with its command-and-control (C&C) server — which was a mixture of multiple protocols (ICMP, HTTP, and custom TCP and UDP protocols).

“As with other versions of Winnti, the core component of the malware doesn’t natively provide the operators with distinct functionality. This component is primarily designed to handle communications and the deployment of modules directly from the command-and-control servers. During our analysis, we were unable to recover any active plugins. However, prior reporting suggests that the operators commonly deploy plugins for remote command execution, file exfiltration, and socks5 proxying on the infected host. We expect similar functionality to be leveraged via additional modules for Linux,” said the researchers in their comprehensive report.

Lastly, the Linux version, just like the Window’s version, also has the ability for Chinese hackers to initiate communication with the infected host without going through the C&C servers – distinct characteristics in Windows Winnti.

“This secondary communication channel may be used by operators when access to the hard-coded control servers is disrupted,” Chronicle researchers said in a report published last week.

While infecting Linux systems is something already done especially by American and Russian hackers, it is also extremely rare, as pointed out by the Chronicle.

“Clusters of Winnti-related activity have become a complex topic in threat intelligence circles, with activity vaguely attributed to different codenamed threat actors. The threat actors utilizing this toolset have repeatedly demonstrated their expertise in compromising Windows-based environments. An expansion into Linux tooling indicates iteration outside of their traditional comfort zone. This may indicate the OS requirements of their intended targets, but it may also be an attempt to take advantage of a security telemetry blindspot in many enterprises, as is with Penquin Turla and APT28’s Linux XAgent variant,” added Chronicle.

Meanwhile, malware have become one of the most common tools to attack computer systems, even those of public institutions. A few days ago, ten Europeans were indicted for the malware attacks that have victimized several businesses and government agencies in the U.S.

The ten people who were charged were allegedly involved in the malicious software attacks that infected tens of thousands of computers and caused more than $100 million in financial losses, the US and European authorities announced Thursday last week.

The victims of the malware attacks included a Washington law firm, a church in Texas, a furniture business in California and a casino in Mississippi.

The charged individuals are now facing conspiracy to commit computer fraud, conspiracy to commit wire and bank fraud and conspiracy to commit money laundering.

The investigation started following the dismantling of a network of computer servers, known as Avalanche, which hosted more than two dozen different types of malware. The Justice Department had successfully taken their operation apart in 2016.

Officials reveal that the malware in the current court case has infected more than 41,000 computers by disguising as legitimate messages or invoice and was sent as spam emails. Once the email was opened, hackers will be able to record all keystrokes in the infected computer, sweeping data like baking information and wire money away from the victim’s account.

Continue Reading

Cybersecurity

10 European Cybercriminals Charged For Malware Attacks In The US

European and US Officials collaborated to pin down ten individuals in connection with the ransomware attacks in the US. The charges include facing conspiracy to commit computer fraud, conspiracy to commit wire and bank fraud and conspiracy… Click To Tweet

Published

on

European and US Officials collaborated to pin down ten individuals in connection with the ransomware attacks in the US.
European and US Officials collaborated to pin down ten individuals in connection with the ransomware attacks in the US. Photo: Christian Cohen | Flickr | CC BY-SA 2.0

The tech world has agreed that ransomware and malware are becoming one of the most prolific cyber attacks in recent (more…)

Continue Reading

Today’s Latest

Our Voices

Silicon Valley Silicon Valley
Our Voice2 days ago

How Tech Companies Affect Communities In Places They Call ‘Home’

Tech companies are today’s driving forces in the economic world, mostly because of the introduction of the Internet. It allows...

We reviewed RingCentral's VoIP offers We reviewed RingCentral's VoIP offers
Our Voice6 days ago

RingCentral VoIP Review

VoIP has had a significant shift from a technology exclusively used by the early adopters or hobbyist to a widely...

April Fools April Fools
Our Voice2 months ago

April Fools Jokes Aren’t Just “Jokes”

April Fools is undoubtedly a fun day, exceptionally if you have crafted the most elaborate prank on your friends and...

Facebook Facebook
Facebook2 months ago

Facebook Should Do Better At Processing Community Standard Violations, And They Should Do It Fast

A few months ago, I saw a photo of myself used by another Facebook account with a “R.I.P. (Rest in...

With reports of artists committing harassments, should you separate the art from the artist? With reports of artists committing harassments, should you separate the art from the artist?
Our Voice2 months ago

Supporting Problematic Artists And Their Arts, An Opinion

As the world becomes swarmed by reports of famous artists – musicians, comedians, actors, painters – being alleged or in...

How to regulate facial recognition without possible risks How to regulate facial recognition without possible risks
Our Voice2 months ago

Ethical Regulation Of ‘Facial Recognition’ Is A Shared Responsibility

There is an ongoing discussion both in online and offline spaces regarding the growth of facial recognition technology and its...

Solving Data Breachs, must focus on SMBs Solving Data Breachs, must focus on SMBs
Cybersecurity2 months ago

Data Breach Epidemic: Solving The Problem In SMBs Will Solve The Problem For All

In the last two weeks, we’ve witnessed a vast amount of data breaches and information leaks, and the issue has...

Here's why we agree to Jacinda Ardern, New Zealand Prime Minister words of not naming mass shooter suspects Here's why we agree to Jacinda Ardern, New Zealand Prime Minister words of not naming mass shooter suspects
Our Voice2 months ago

We Agree To PM Ardern Of Keeping Christchurch Murderer Nameless, And The Media Should Listen

In the wake of Christchurch mosques shooting in New Zealand that killed 50 people at two mosques, the shooter is...

Apple Anti-Snooping Paten Apple Anti-Snooping Paten
Apple2 months ago

Apple vs. Police Authorities; A Cold War Against iPhone’s Anti-Snooping Patent

To protect its customers from hackers and illegal surveillance, Apple is developing an anti-snooping technology that would impede police and...

Fighting misinformation over measles outbreak Fighting misinformation over measles outbreak
Our Voice2 months ago

An Epidemic: Measles Or Misinformation?

2018 was the year when people started asking the question: ‘should I get my child vaccinated?’ Most people answered yes,...

Join us as we delve into the future of the VoIP industry Join us as we delve into the future of the VoIP industry
Our Voice3 months ago

Take A Look At The Predicted Future Of The VoIP Industry

For the past 20 years, VoIP has become an integral part of the lives of millions of people around the...

Contact Center Solutions Contact Center Solutions
Business3 months ago

Choose The Right Call Center And The Best Contact Center Solutions of 2019

The Ins And Outs Of Business Communication Management For your business to exist in today’s world, you must know how...

Instagram poses as a threat to some of the world's most famous location Instagram poses as a threat to some of the world's most famous location
Our Voice3 months ago

How Instagram Corrupts Famous Locations In The World

Is Instagram corrupting the beauty of breathtakingly beautiful locations and sucking all the joy out of traveling? With the era...

How one can earn crypto How one can earn crypto
Our Voice4 months ago

Ways To Earn Cryptocurrency

Cryptocurrency is one of the growing medium for exchange in most countries as it offers a more convenient and safer...

Ending Payday Loans Ending Payday Loans
Our Voice4 months ago

Can We End Payday Loans?

We can’t neglect the fact that debt is one of the pressing problems in the country, especially in today’s economy....

How will 5G change our lives -- Our Voice How will 5G change our lives -- Our Voice
Our Voice4 months ago

Jumping From 4G To 5G: Here’s What 5G Can Do For You

One of the most awaited advancements in technology is the cellular industry. With its monthly updates on software, model and...

VoIP vs Traditional Telephones: Cost Factors to consider VoIP vs Traditional Telephones: Cost Factors to consider
Our Voice4 months ago

What are the cost factors of VoIP?

In the next few years, we might be saying goodbye to traditional telephone systems in exchange for Voice over Internet...

Manufacturing Firms Investment on Technology Manufacturing Firms Investment on Technology
Our Voice5 months ago

Manufacturing Firms are Investing More on Technology

Based on the recent research on how manufacturing companies are coming up in the market industry, they have been increasing...

How to properly take Technology Innovation in companies How to properly take Technology Innovation in companies
Our Voice5 months ago

Technology innovation in companies—for the better or the worse?

Technology has significantly impacted both homes and workplaces in the last years. As much as we want to keep our...

Trending