Avira’s free crypto mining service | #cybersecurity | #cyberattack | #hacking | #aihp

The top tweets are based on total engagements (likes and retweets) received on tweets from more than 150 cybersecurity experts tracked by GlobalData’s Technology Influencer platform during the first quarter (Q1) of 2022.

The most popular tweets on cybersecurity in Q1 2022: Top five

1. Briankrebs’ tweet on Avira’s free crypto mining service

Briankrebs, an independent investigative journalist, shared an article on Avira Free Security antivirus software users being introduced to crypto mining. A product of software company Avira Operations, the free antivirus has more than 80 million users who were recently introduced to a service called Avira Crypto that allows customers to make money by mining virtual currency. Avira Operations was acquired in January 2021 by cybersecurity software and services provider NortonLifeLock (previously Symantec), which also owns antivirus and security software Norton 360.

The Avira Crypto service allows users to use their computer’s idle time to mine the digital currency Ethereum (ETH), the rewards of which are distributed to all members in the mining pool. The article highlighted that Avira was introducing crypto mining to users unfamiliar with cryptocurrency, which comes with its own set of security and privacy challenges.

Username: briankrebs

Twitter handle: @briankrebs

Likes: 1,371

Retweets: 1,139

2. Joseph Cox’s tweet on hackers breaching Russian Space Research Institute’s website

Joseph Cox, a cybersecurity journalist at a technology website Motherboard, shared an article on hackers breaching into a website related to Russia’s Space Research Institute (IKI). The hackers posted messages on a subdomain of the site and also leaked many files from Roscosmos, the coordinating hub for Russian space activities. The hacking incident follows a surge in cyber-attacks against Russia due to its military invasion of Ukraine. The impact of the hack seem limited although some individuals claim that it compromised Russian targets, the article noted.

The hackers called v0g3lsec took responsibility for the attack on Twitter. The hackers further claimed that the leaked Roscosmos files included handwritten forms, and spreadsheets in Russian and English about lunar missions, and other PDF files, the article highlighted.

Username: Joseph Cox

Twitter handle: @josephfcox

Likes: 938

Retweets: 274

3. Chris Wysopal’s tweet on Korean researchers developing a set of attacks against SSDs

Chris Wysopal, co-founder and chief technology officer at software company Veracode, shared an article on researchers from Korea University developing a set of attacks against some solid-state drives (SSDs) that can plant a malware in a location that cannot be reached by the user or security solutions. The attack models target a concealed area on the device called over-provisioning (OP), which is used by SSD manufacturers to improve performance on NAND flash-based storage systems, the article detailed.

One of the attacks modelled by the researchers targets an invalid area with non-erased information that lies between the SSD space and the over-provisioning (OP) area, whose size is directly dependent on the two areas. A hacker can use the firmware manager to modify the size of the OP area, resulting in vulnerable invalid data space, the researchers concluded. In a second attack model, the OP area is used by the hacker as a secret place where users cannot monitor and a threat actor can place the malware.

The article highlighted that the research demonstrates how the OP area can be accessed without authorisation although such attacks are unlikely to be taking place currently. Strong defences should be placed against unauthorised access to the SSD management app, the article added.

Username: Chris Wysopal

Twitter handle: @WeldPond

Likes: 852

Retweets: 344

4. Kim Zetter’s tweet on FBI warnings about QR codes being used for malware attacks

Kim Zetter, an investigative journalist, shared an article on the US Federal Bureau of Investigation (FBI) raising awareness about cybercriminals tampering with Quick Response (QR) codes to redirect users to malicious sites that can steal login information and financial information. QR codes are used by businesses to offer contactless access, which have become more common during the Covid-19 pandemic.

The technology, however, is being used by cybercriminals to lure victims to fraudulent websites to steal their personal and financial information, and to insert malware to gain access to the victim’s device and redirect payments for cybercriminal use. The FBI listed some measures to protect users from scanning QR codes such as checking the uniform resource locator (URL) of website, avoiding app downloads from a QR code and avoiding QR code scanner app downloads, the article noted.