Adware Is the Malware You Should Actually Be Worried About

When you think of malware, it’s understandable if your mind first goes to elite hackers launching sophisticated dragnets. But unless you’re being targeted by a nation-state or advanced crime syndicate, you’re unlikely to encounter these ultra-technical threats yourself. Run-of-the-mill profit-generating malware, on the other hand, is rampant. And the type you’re most likely to encounter is adware.

In your daily life you probably don’t think much about adware, software that illicitly sneaks ads into your apps and browsers as a way of generating bogus revenue. Remember pop-up ads? It’s like that, but with special software running on your device, instead of rogue web scripts, throwing up the ads. Advertisers often pay out based on impressions, or the number of people who load their ads. So scammers have realized that the more ads they can foist upon you, the more money they pocket.

Ad It Up

Your smartphone offers attackers the perfect environment [...]  read more

Browser Extensions Scraped Data From Millions of People

Europeans had to navigate by the stars this week—well, GPS, but still—after the continent’s burgeoning Galileo satellite navigation network went dark for a full seven days. The incident is a warning for everyone of how fallible the infrastructure of our modern lives really is.

In more uplifting news, security researchers made an app designed to kill, to prove a point about the intense risks of internet-connect health devices, and the need for the companies who make them to stop ignoring them. (Wait, sorry, murder apps are not uplifting.)

We explained how to clear out your zombie apps and online accounts, and why Microsoft’s very serious BlueKeep bug hasn’t wreaked havoc on the Windows devices of the world, yet.

Oh, and we—like everyone else—took note of this week’s viral app, FaceApp, which shows you how you’ll look when you’re old. Though people were quick to point out its security risks, we reminded you that if you’re worried about [...]  read more

The App Creeping on Your IG Location, Jakarta’s Insurance Crisis, and More News

The new app that creeps on your Instagram location, Jakarta is sinking, and all things Comic Con. Fast. Here’s the news you need to know, in two minutes or less.

Want to receive this two-minute roundup as an email every weekday? Sign up here!

Today’s Headlines

This app lets your Instagram followers track your location

Wherever you go, Instagram’s there too. A new app called Who’s in Town offers its users an interactive map of every place the people they follow have geotagged themselves in Instagram posts and stories. While this information is ostensibly available already if you search through someone’s posts, Who’s in Town transforms data into a chronological log of to-ings and fro-ings of anyone who has a public Instagram account. “The amount of data is insane,” said Erick Barto, the app’s creator. “It’s the equivalent of you going through every single story and writing down every single location, just consistently all the time.”

The [...]  read more

The FaceApp Privacy Panic, a Mysterious Satellite Outage, and More News

FaceApp isn’t alone in the land of privacy concerns, a curious week-long satellite outage for Europe has finally ended, and WIRED did the math on what it would take to bike to the moon. Here’s the news you need to know, in two minutes or less.

Want to receive this two-minute roundup as an email every weekday? Sign up here!

Today’s Headlines

Think FaceApp is scary? Wait until you hear about Facebook

Everyone is talking about FaceApp, the app that uses AI to turn your friends into much, much older versions of themselves in photos. Yes, it’s run by a Russian company that sends your photos to its servers, retains rights to use them in perpetuity, and performs AI black magic on them. But before you shake your fist too hard, you should also know a lot of your favorite apps also do that already.

Europe’s week-long satellite outage is over—but serves as a warning

A week of Europe’s Galileo satellite navigation system mysteriously [...]  read more

Think FaceApp Is Scary? Wait Till You Hear About Facebook

FaceApp is a viral lark that takes a convincing guess at what you’ll look like when you’re old. FaceApp is also the product of a Russian company that sends photos from your device to its servers, retains rights to use them in perpetuity, and performs artificial intelligence black magic on them. And so the FaceApp backlash has kicked into gear, with anxious stories and tweets warning you off of its charms. Which, fine! Just make sure you save some of that ire for bigger targets.

The response to FaceApp is predictable, if only because this cycle has happened before. FaceApp went viral when it launched in 2017, and prompted a similar—if far more muted—privacy kerfuffle. But compared to Meitu, that year’s other viral face manipulator, which is quite a phrase to type, FaceApp was downright saintly in its data collection. At least FaceApp didn’t access your GPS and SIM card information. More energy was directed at bigger problems, like FaceApp’s blackface filter. (Yep!)

“This [...]  read more

How To Clear Out Your Zombie Apps and Online Accounts

In these predominantly digital times, it’s all too easy to build up a long trail of unused accounts that are now gathering dust: free trials that you never followed up on, streaming services you abandoned, on-demand clothing boxes that in the end weren’t quite what you were looking for, and so on. In some ways these old accounts aren’t doing any harm besides gathering virtual dust or sending you the occasional email nag. But having too many dormant logins can cause problems from a security perspective. Consider what would happen if the developer behind the app suddenly went rogue, or if the hackers breached the service’s database.

Not only would personal details like your email address or even home address get exposed, it might also give bad actors a route into your bigger, more important, more sensitive accounts. That’s either because you’ve used a major service to log [...]  read more

An Amazon Phishing Scam Hits Just in Time For Prime Day

Next week, Amazon will celebrate Prime Day, a bacchanal of modestly discounted ephemera. But amid the flurry of cheap TVs and ebooks and what else, maybe Instant Pots? Watch out for this clever phishing campaign that might hit your inbox.

Researchers from security company McAfee today have shared details of a so-called phishing kit, which contains the tools an aspiring hacker would need to kick off a phishing campaign, designed to target Amazon customers. While McAfee discovered this particular kit in May, it appears to be a spinoff of one that had targeted Apple users in the US and Japan last November. The kit is called 16Shop; its author goes by the handle DevilScreaM.

In both the Apple and Amazon campaigns, 16Shop makes it easy for anyone to craft an email that looks like it comes from a major tech company, with a PDF attached. That PDF contains links to malicious sites that have been gussied up to look like, in this most recent case, an Amazon log-in page. Anyone who [...]  read more

Palantir Manual Shows How Law Enforcement Tracks Families

On Zoom conference calls across the US this week, brows furrowed as the news broke that the video conference company had a flaw in its backend that could give hackers access to people’s webcams. Worse, Zoom seemed at first unwilling to fix the problem. Thankfully, hours after the initial reports, Zoom backtracked and issued a new fix to solve underlying vulnerability. You can go back to Zooming your brilliant brainstorms in peace, everyone.

According to a new report this week, a Magecart hacking group has been breaking into misconfigured Amazon Web Services buckets, scanning the contents of 17,000 domains, and stealing any goodies—like credit card numbers used on some ecommerce sites.

In other Amazon news, are you ready for Amazon Prime Day on Monday? Phishing scammers sure are. In fact, in the last few weeks scammers have pushed a whole phishing toolkit targeting Amazon customers. Beware.

Also this week, we explained how to keep your kids’ [...]  read more

The Window to Rein In Facial Recognition Is Closing

In the wake of jarring revelations about how United States law enforcement agencies have deployed facial recognition, Congress seemed, for a moment, galvanized to act. Based on a Homeland Security Committee hearing in the House Wednesday, that moment appears to be fading—as hundreds of local, state, and federal law enforcement officials continue to amass and access the controversial data every day.

Some municipalities—San Francisco and Somerville, Massachusetts, among them—have proactively banned law enforcement’s use of facial recognition. And more localized entities, like the New York State Education Department, have barred it in certain circumstances as well. And even police bodycam maker Axom has declined to incorporate it into its products. But the longer Congress declines to act on a broader level, the more entrenched the technology becomes and the harder it will be for opponents to overcome its inertia.

Lily Hay Newman covers information security, digital privacy, and hacking for WIRED.

That tension played out on Capitol Hill Wednesday, [...]  read more

Zoom Will Fix the Flaw That Let Hackers Hijack Webcams

After initially saying that it wouldn’t issue a full fix for a vulnerability disclosed on Monday, the video conferencing service Zoom has changed course. The company now tells WIRED that it will push a patch on Tuesday to alter Zoom’s functionality and eliminate the bug. You should update Zoom now.

The Zoom controversy stems from the service’s slippery video streaming settings that launch instantly on Macs when users join a call. Late Monday evening, the company published an extensive statement defending the practice and addressing other bugs found by security researcher Jonathan Leitschuh. But it declined to fully address the concern that an attacker could distribute a malicious Zoom call URL, trick users into clicking it, and then open a channel to their lives when their webcam automatically activated. Zoom originally said that it would adjust the settings by which a user chooses to launch video by default with every call.

Yuan shared the news in one of the Zoom meetings [...]  read more