When it comes to cyberstalking, the first thing you need to do is understand what it is. Cyberstalking consists of someone that harasses or threatens another person through email or instant messaging for an extended period. It can also be a situation where someone has been following you around on social media and commenting on everything you post. If this sounds like something that might happen to you, there are some things that you should know about how to protect yourself against it! 

The central government has also introduced some strict cyberstalking laws to protect the country’s citizens. Cyberstalking is a serious threat, and you should never take it lightly. Moreover, you must be careful and always look upon taking safety measures for yourself. This article will go over some of the steps you can take to protect yourself against cyberstalking.

What Is Cyberstalking?

Cyberstalking can be defined as using the technology in the wrong manner to harass, threaten, embarrass or cause distress to another person to make them feel intimidated and fearful for their safety. Often this is done anonymously because even though they are not physically next to you, they can get close enough to be a threat. Cyberstalking is not just limited to stalking someone through the internet.

It can also include making repeated phone calls or sending unwanted messages on social media sites like Facebook and Twitter. Stalkers may watch your every move by tracking you online using GPS services. So, if there have been any threats occurring or computer viruses at home and online security, you must report the police without any delay.

How Is Social Media Stalking Different From Cyberstalking?

Cyberstalking is a form of harassment that occurs through the Internet and other electronic means. It may involve one or more perpetrators who continue to harass, threaten, track, and verbally abuse someone else online. Social stalking is when an individual makes indirect contact with another person using social media sites like Facebook to get information about them without their knowledge.

Cyberstalking can be extremely dangerous and damaging to the victim’s mental health. At the same time, social media stalking is usually seen as a harmless way of gaining information about someone on an online profile or through their friend’s list. Victims of cyberstalkers may feel unsafe in both their personal and professional lives.

Anti-Cyberstalking Tips

• Perform regular security updates on your software and hardware systems (e.g., operating system, browsers), and these will also help you avoid malware attacks.
• Be careful when opening attachments in emails or clicking links from suspicious sources – they may contain malware that allows cyberstalkers to take control of your devices remotely without your knowledge.
• Make complex passwords and do not share them with anyone. Furthermore, make sure to change your passwords much of the time.
• Utilize the protection settings in the entirety of your online records to restrict your Internet imparting to those external you confided in a circle.
• Be cautious about permitting actual admittance to your PC and other web-empowered gadgets like cell phones. Cyberstalkers can utilize programming and equipment gadgets to screen their casualties.
• Educate yourself about cyberstalking and the security settings in your gadgets, and then take the necessary precautions to protect yourself.
• Secure your home and workplace against cyberattacks by using anti-theft software such as antivirus, firewalls, and spyware removal tools that contain malware detection capabilities.
• Talk with someone you trust about what is happening if you are experiencing stalking or online harassment.
• Be aware of your online presence and that of your children, and make sure they understand the dangers.
• Report cyberstalking to law enforcement. If you have been a victim of cyberstalking, call the National Domestic Violence Hotline. They can provide victims with support and guidance on the following steps to take.
• Delete any offensive messages and block the sender if you do not want to interact with them. Closeout of chat windows that are no longer being used to avoid having someone watch from a distance via webcam or video feed.

Wrapping Up On Cyberstalking Laws

With the rise in cyberstalking cases, it’s more important than ever to know how to protect yourself against this crime. The first thing you can do is delete any information about your physical location and personal life on social media. It would be best if you also refrained from posting too much about what you’re doing at all times of the day. 

Combined with strong privacy settings, these measures will help ensure that stalkers don’t have as much access to your online presence and whereabouts. If you suspect someone has been stalking or harassing you over the internet, contact a lawyer immediately for legal advice on the next steps, like contacting law enforcement agencies or through civil lawsuits if necessary.

Data violation is a threat that can influence your life and business which can be far more than a temporary danger. When it comes to the information breach, any kind of company, specific and even federal government can deal with such dangers as well as you can deal with big problems if your delicate data or individual details are leaked. A data violation can have a great effect on your service if your sensitive information is leaked or a person obtains access to the business secrets as that can influence the credibility of the firm. Numerous firms have been a victim of the data breach.

Hackers or cybercriminals can reach you with different means like they can access your device via Bluetooth, SMS message, or the web that you are using. Internet is a platform on which every person is doing something, some are obtaining internet service for entertainment functions, some obtain internet service to do video gaming and after that, some get internet service for work objectives. If a person obtains access to your device, your identification can be stolen. Hackers usually access your device via the internet and you deal with the consequences afterward.

If one does not take data breaches seriously, it can be really harmful. You need a secured internet connection so no person can quickly access your data. If the data is not encrypted when you do streaming online or do any kind of work, the data on your devices would be easily available to hackers or unauthorized people and they can get access to your device or your computer system and your sensitive information can quickly be revealed. We are most likely to speak about how data breaches occur as well as what preventative measures we can take to avoid data violations.

How Does a Data Breach Happen?

Data breaches occur by various techniques used by hackers to enter into your device or system to access your sensitive information. The following are a few of the techniques used by hackers.

Phishing Attacks

Hackers usually trap internet users into clicking links that are not secured and then once you open up the link, they will get access to your system or device. Normally, hackers send phishing emails to enter your system. They use this method to obtain access to your personal data and also you can have a huge loss.

Public Wi-Fi

Using a public Wi-Fi hotspot is so typical in the U.S. state as there are different areas where public Wi-Fi hotspots are available. Making use of public Wi-Fi can cause a data violation as the data is not encrypted and also once your tool gets linked to the Wi-Fi, any person can conveniently access your data and also can mislead you right into clicking unprotected web links.

Weak Credentials

Most of the data violations occur due to the fact that people don’t pay attention to their credentials. They always leave a pattern while setting up their credentials and that benefits the hackers to enter your system and your account.

What to Do to Protect your Business

Following are 5 really important tips that help prevent data breaches and help in protecting your personal information and systems.

Get an Internet Security Suite

While getting internet service, make sure to get an internet security suite as that will help in securing your data and it will not be simple for hackers to obtain access to your personal information. Getting an internet security suite will certainly be beneficial for the business or even for individuals. There are several internet service providers like AT&T internet that provide a web security suite. You can take a look at the AT&T internet packages and can see how you can get internet security in addition to internet service. This suite will secure your data and will also protect your devices from unsecured web links and also phishing attacks.

Perform Regular Vulnerability Assessments

Companies must do routine vulnerability assessments to make certain that everything is protected at their end. Companies must have a department that analyzes on a normal basis instead of doing it once a year or a month as that gives the hackers time to find out the new patterns you adhere to.

Educate Yourself as Well as Your Employees

Firms need to educate their workers on safety to make certain that the devices they are using are secured. You need to inform on your own and also your children about internet safety due to the fact that the majority of data breaches occur because people generally do not take this seriously which causes data breaches, and afterward, you face the consequences. Your identification can be stolen and your firm’s secrets can be exposed.

Beware of Phishing Attacks

A lot of the violations happen due to human mistakes. You should beware of phishing emails and also web links and also must never ever click any web link which you are not aware of. Never ever open any kind of email that you receive from an unknown individual as that will certainly be the reason for data breaching. Immediately report to your security team regarding such emails as well as internet links so that they can take action promptly.

Backup and Encryption

Make sure that your tools are encrypted as well as you are doing a backup of your data by utilizing the cloud solution so if by any chance someone hacks your systems, your data continues to be safe.

Conclusion

Information breaches can have a great effect on your business’s reputation if the company’s personal data gets leaked. We have numerous examples of the damages brought on by data breaches. Ensure that you take all the safety precautions so you do not end up being a victim of it.

More than 40% of all internet traffic comes from bots, and a quarter of total internet traffic comes from malicious bots. 

This is why it’s important to detect the presence of bad bots as soon as possible and manage their activities accordingly. In short, a functional bot mitigation strategy is crucial for any business and even individuals with an online presence. 

What Is Bot Mitigation

A key aspect of bot mitigation is to identify the bot traffic and properly distinguish bots from legitimate users, but there are other aspects to bot mitigation we should consider. 

First, it’s crucial to understand that not all bots are bad. Bots are by nature, just tools. They are computer programs that are programmed to execute automated processes without any human intervention. These bots can execute repetitive tasks at a much faster rate than any human user ever could, and so they aren’t necessarily good or bad, it all depends on how the process/task it performs. 

With that being said, there are actually many good bots that are beneficial to our site, application, and/or business, like Google’s crawler bot. Yet, there are indeed bad bots operated by cybercriminals to perform many malicious tasks. 

Thus, a crucial aspect of bot mitigation is distinguishing between good bots and bad bots based on signatures, behaviors, and other factors. 

Another important aspect of bot mitigation is what we will do to malicious bot traffic once it has been properly identified. 

Completely blocking the bot and denying it from accessing our site’s resources might seem like the best and most cost-effective approach at first glance, but it isn’t always the best approach in all situations. 

Block or Not Block Bot Traffic

There are two main reasons why blocking bot traffic isn’t always the best approach. 

The first has been briefly discussed above: we wouldn’t want to accidentally block good bots, and even worse, legitimate human traffic. This is an issue we know as false positives. 

The thing is, today’s bad bots have become so sophisticated in masking their identities and impersonating human behaviors. Bot programmers are now really advanced and many have adopted the latest technologies, including AI to hide the bot’s presence. 

So, even distinguishing between bot traffic and human users is already challenging enough, much worse differentiating between good bots and bad bots. When we aren’t sure about the identity of the suspected malicious bot, then blocking is not a good idea. 

The second reason is that blocking will not stop persistent cyber criminals from attacking your site. They will simply modify the bot to bypass your current bot mitigation measures, and they may also use information you’ve accidentally provided, for example in your error messages when blocking the bot, in upgrading this malicious bot. 

In such cases, blocking the bot can be counterproductive, and this is why there are other bot mitigation strategies you should consider. 

Bot Mitigation Approaches To Consider

If blocking the bot isn’t always the best approach, what are the alternatives? Here are some bot mitigation techniques to consider: 

1. Rate Limiting

A key principle to understand when mitigating bot activities is that bots run on resources, which can be expensive. Thus, all bot operators would like the bot to execute the tasks as fast as possible while also using as few resources as possible. 

Rate limiting, or throttling, works based on this principle: by slowing down our reply to the bot’s requests (i.e. lowering bandwidth), we can significantly slow down this bot’s operation without letting it achieve its objective.

The hope is that by slowing it enough, the bot operator will be discouraged and will move on to another target. 

2. Feeding Fake Data

Similar in principle to rate limiting, but here instead of slowing down our bandwidth, we’ll reply to the bot’s requests with fake content. For example, we can redirect the bot to a similar page with thinner or modified content to poison its data. 

Again, by letting the bot wastes resources, the hope is that the attacker will simply move on to another website instead of persistently attacking yours. 

3. Challenging The Bot With CAPTCHA

When we aren’t completely sure about the identity of a client (whether it’s a bot or a human user), a fairly effective approach is to challenge the client with CAPTCHAs or CAPTCHA alternatives. 

Keep in mind, however, that CAPTCHAs are not a one-size-fits-all solution and might not be ideal in certain cases: 

• The most sophisticated bots with AI technologies can effectively solve CAPTCHA challenges.
• While we can make the CAPTCHA more difficult and challenging for bots, it will also increase the difficulty for human users, which may ruin our site’s user experience
• With the presence of CAPTCHA farms, CAPTCHA isn’t effective in stopping persistent attackers who are ready to invest in the services of these CAPTCHA-solving farms. 

It’s worth noting, however, while CAPTCHA isn’t bulletproof, it is still a fairly effective bot mitigation technique in various situations to defend against less sophisticated bots. Use it tactically and sparingly. 

When To Block The Bot Traffic

Blocking the bot traffic altogether remains the most cost-effective approach in theory since we wouldn’t need to process the bot traffic and use our resources in any way. 

However, blocking the bot traffic is only ideal if we have an adequately strong bot detection solution in place that can consistently distinguish between good bots and bad bots, and can keep detecting the presence of malicious bots even after they’ve been modified and improved. 

An AI-based bot mitigation solution that is capable of predictive, real-time behavioral analysis is essential, and by investing in one, you’ll get the easiest and most effective bot mitigation solution to implement in protecting your business from various bot threats. 

Ah, lovely holiday weekend. We closed early on Friday. All the staff is enjoying family time. Many are out of town. The ideal time for a horrific ransomware attack to shut down hundreds of businesses and cost millions of dollars. Happy Independence Day!

In my 30 years of running our business servers, I have noticed that system penetration attacks, denial of service attacks, and various other cyber attacks increase when people are away from their systems. The attackers choose this time hoping that people are not watching the server messages that hint their system has been compromised. In recent times, organizations are getting more cautious about this problem. Hence, they are actively seeking qualified ethical hackers who have pursued a professional ethical hacking course and are a good fit for their team.

Starting mid-afternoon on July 2^nd, an nefarious group succeeded in compromising a network security reseller named Kaseya. Through Kaseya’s VSA management tools, they hit IT related businesses with ransomware. Ransomware is software that locks a server or data files and then demands a ransom to unlock them.

Kaseya Underwhelms in Response

True to holiday mode, the response from Kaseya has been underwhelming. They claim to be the victim. They claim only a few customers are affected. They state they had complete control of the attack within two hours. They offer a solution to turn off any server using their service. Meanwhile, because of the attack, a chain of 500 stores is closed in Sweden, paralyzed 200 US Companies, and caused thousands of network technicians to return to work to mitigate the damage. What is missing in Kaseya’s response is a sense of responsibility and scope. It is clear that Kaseya’s management is still by the barbecue and not in the office.

Is your Business Affected? Is your Business Next?

The year 2021 has been awash in cyberattack and ransomware news. If you are not now taking steps, then you should think about it. Like any disease, these attacks are like a virus, and you can take steps to avoid your company getting sick. This may save you thousands of dollars. Here are five steps you can take this month to lower your risk.

1. Recognize Phishing Email in all its Forms

Hillary Clinton would have become president if it wasn’t for a mistake made by Democratic Chairman John Podesta. The campaign was a target, and they already knew there were emails sent their way for information. John clicked twice and entered his email credentials. Within minutes, 50,000 campaign emails were in Russian hands, and Hillary’s campaign was toast. How could any high-level manager fall for a simple spoof?

The spoofs are getting pretty good. It takes an effort not to click. We all get them. What is typical now is they come in a short email, with no explanation and a simple and logical attachment. The only clue is that the sender is not known.

Sometimes the sender is known or even a known vendor. Here at CompanionLink, a quick view of our publicly available DNS reveals that we use Rackspace for business emails. You can guess we get many messages that claim to be from Rackspace. Things like “Phone message from Rackspace” (we do not get phone service from them), or Mailbox Full, or Mailbox Corrupted. My favorite is the ones that make you panic – “Your credit card has been billed for $6,533.32” or “Your bank account has been closed for fraud.”

Avoid the panic. Tell your staff to forward all odd messages without clicking. Then, if needed, log into your Email Portal or Bank to ensure there is no actual problem.

2. Train your Staff – Really – to Recognize and Mitigate Risks

We all know the drill. You have a 30-minute meeting with your Vice President to underscore the importance of security for your business and your customers. He tells the tech manager in 4 sentences and maybe sends an email to all. Your team managers respond upstream in glowing terms, and then behind your back, convey a “don’t screw up” message downstream. The line staff gets the message: “Please don’t leave food in the refrigerator more than 3 days, remember to buy a secret Santa gift, and do not take down the entire company with an insecure password.” Unfortunately, the line staff just treats it as another empty command from from the top.

The most common method of attack is phishing emails

The SolarWinds attack vector is not known. What is known, however, is that for five years, certain SolarWinds systems were available using the password Solarwinds123. While the company CEO claims they immediately locked out the password after being notified that it was publicly available, others dispute both the timeline and the extent of the password use.

This goes beyond simply choosing a good password. And it goes beyond any automated system that forces you to change passwords frequently. The best hygiene is to ensure every system you have has a different password and your passwords are stored securely. These are opposing goals but worthy of taking time to get it right.

3. Do not use Unnecessary Vendors

SolarWinds, Microsoft Exchange, and Kaseya show the vulnerability when an IT vendor becomes the source of a security breach. A company whose only fault is to purchase services from a vendor is suddenly left with a million-dollar mess.

For the most part, you can identify your IT vendors by looking at the bills you pay. If you pay for a service, your company may be vulnerable to a breach of that service. Keep a close eye on payments large and small because instead of paying them, they may cost you. Be sure the service is necessary and justified. Check your emails for unpaid providers like Facebook and Google, since these notices mean that you are paying by having your information sold (advertising) rather than from your bank account.

4. Do not Trust the Cloud

People who trust the cloud are the same ones that sign agreements without reading them. Their trust is misguided. You can be sure those click-through agreements have huge loopholes for data breaches. Your best security is not to be a target. Staying small and anonymous may work better than making waves and becoming a victim.

The Microsoft Exchange attack targeted corporations that run their own private Exchange servers. The problem was not systems that were up to date but systems that were lagging in updates. These were companies that made the best effort to run secure servers but that had fallen a bit behind on maintenance, which was not surprising during the COVID era. Most companies focused on how to pay staff and not on whether to install routine security updates.

For Email that is internet-based, you are safer using IMAP protocol that does not connect to LDAP logins which may allow system-level passwords. For in-house systems, like CRM, there are still many vendors that can supply an on-premise CRM that is a fraction of the cost of a cloud system and that ensures that even if your internet is down – your customer data is safe within your corporate firewall.

5. Beware of Security Dominoes

A security domino is any system that, when breached, leads to other systems that may be breached. Password vendors Lastpass and 1Password are targets for bad players. And it would be best if you kept in mind that Yahoo and AOL have been breached multiple times, as have Facebook and Twitter. Even Apple, who sticks its finger in Microsoft’s eye on viruses, has been found guilty of sickening silence when 128 million iPhone users were hacked.

For corporate servers, ensure that your logins are qualified not just by password, 2FA, and 3 Dimensions, but ensure their IP matches a minimal set of known IPs. Do not use IP location since any VPN user easily spoofs location. You need to limit access to the specific IP network that your team uses. Primitive firewalls like Iptables can sometimes block better than sophisticated ones that allow anyone to get to a login screen. The networks your team uses are limited and known. Strength lies in simplicity.

Ending

To the management of Kaseya, your company got attacked. Start your message by taking responsibility – until known otherwise – your company was vulnerable to an attack. If you did your job right, this attack would not have happened. Start by owning that fact.

Hundreds of IT workers got their holiday ruined. Reach out. Tell them that Kaseya management is called back at the office and will stay full-time to ensure the fastest possible response.

Finally, reach out to your customers – who have been damaged – to help mitigate their future losses and explain what you are doing to make up for their current losses. You have insurance. They do not.

For everyone else – sit down on Tuesday with your monthly vendor bills, and go through one-by-one. Make sure you are protected if that vendor is breached. The year 2021 has seen an unprecedented rise in successful ransomware attacks, and the trend is not in your favor.

The Windows 11 official launch event took place on June 24, but the internet was already flooded with leaked Windows 11 ISO news on June 15. At first, the screenshots of Windows 11 appeared at Chinese site Baidu, and then the early build leak of Windows 11 ISO started revolving all over the internet. How does a tech giant like Microsoft let this massive leak happen? If Microsoft cannot handle its most important project’s privacy, how can we suppose that our data handed by them is secure?

There is no official announcement from Microsoft till now about how this leak took place. But Microsoft is issuing DMCA complaints to those sites that are distributing the leaked Windows 11 ISO. To have a closer look at how did Windows 11 leak, this blog presents some possible scenarios that could have led to this incident.

4 Possible Scenarios behind Windows 11 Leak

Different theories are rising related to Windows 11 leak. Some are considering it a marketing stunt, while others are considering it a serious security loophole. We have researched the possible scenarios that could have resulted in Windows 11 leak and come with the following 4 points:

1. Link to SolarWinds and Exchange Attacks

Microsoft has experienced significant cyber-attacks in the past couple of months. The prominent one is the SolarWinds attack that made thousands of global businesses, including government organizations and Microsoft its victim. The attackers even got access to Microsoft source code by gaining control of a few internal accounts. However, Microsoft later announced that the hackers just got access to view the code and the stolen source code had no impact on its products’ security.

After the SolarWinds attack, Microsoft experienced a second attack in 2021 on Microsoft Exchange Server. Four zero-day vulnerabilities were exploited by attackers from China. They deployed backdoors and continue to use them to conduct wide-scale malware attacks.

Microsoft is anxious to move on from these many cyberattacks. One hundred thousand corporate customers have spent significant amounts of money cleaning up the damage. Now the question arises, is the Microsoft codebase secure. Clearly, attackers managed to penetrate deep into the systems without being detected, so how can Microsoft be so sure about its recovery? Therefore, the recent cyber-attacks on Microsoft can be linked to the Windows 11 leak. There is no such clear evidence on it, but chances are there that it is a potential reason behind the leak.

2. Intentional Leak from Microsoft

There is a high possibility that Windows 11 was intentionally leaked by Microsoft to create the hype and gain the attention of users. Well, if this was Microsoft’s plan, then it seems to went perfectly. Windows 11 became a trending topic on the internet before its official release, and everyone started to explore what new offerings it is going to provide.

But why would a tech giant like Microsoft has to leak its OS when it can easily market it after the launch event? The possible answer could be the attention its competitors are gaining from users in the COVID-19 pandemic.

When Microsoft launched Windows 10, it was declared as the last Windows version. The possible reason was the growth of smartphones as the main computing devices and decreased use of PCs. The sales of computers dropped, while the sales of smartphones increased exponentially. So, that’s one possible reason why Microsoft decided to stop releasing new OS every two or three years.

But COVID-19 shifted things greatly. The demand for computers increased due to remote working and online studies. Chromebooks sales accelerated, while Apple also released its fastest-ever M1 chip for Macs. This possibly left Microsoft and its computer manufacturing partners in a miserable stage. So, that might have triggered the need for Windows 11 to bring market balance.

But since Windows 11 is mostly an improvement of UI and features-enhancement of Windows 10, so to bring solid market impact, Microsoft might have played the leaked Windows 11 ISO stunt. They have managed to gain attention on the internet, let users test out the leaked ISO, and also successfully shifted the attention hype from its competitors.

3. Insider Dishonestly

Microsoft is an ideal tech company to work in. From the diversified work environment to great salary, Microsoft employees experience both personal and professional growth. But not all employees have the same intention. Therefore, one possibility behind Windows 11 leak is that the employee(s) managed to steal the Windows 11 build version without getting caught and then sold/released it on the internet anonymously. Usually, tech companies ensure strict internal security measures, but there are always some chances of security loopholes.

4. Remote Working Vulnerabilities

COVID-19 pandemic has triggered the environment of remote working. Plenty of companies are running their businesses remotely. But remote working requires employees to have access to business-sensitive information from networks that are not that secure as the workplace networks. This is the reason that cyber-attacks are already rising since COVID-19. The chances that Windows 11 got leaked due to remote working vulnerabilities is quite rare, but still, it is one of the possibilities to consider.

Wrapping Up

Microsoft 11 leak is real, and Microsoft also agrees on it. But no one is answering how this huge mistake even occurred. One concerning element is that if Microsoft’s codebase is not secure, why should customers not consider its products may have hidden backdoors. Is every Windows and Office 365 user now vulnerable to privacy breaches, theft of investments, and ransomware? Everyone’s business is now susceptible to be shut down?

We now await to see how Microsoft responds to this leak.

Apple has now been caught keeping a major hack a secret. In the Apple Epic Trial, email threads released to the public exposed a significant fault on Apple’s security response.  As reported by Ars Technica, Epic Games presented a trail of emails in court that showed Apple higher-ups did not inform 128 million iPhone owners about the largest ever successful iOS mass hack.

Apple and Epic Fortnite court war has brought both companies into a position to openly share each one’s dirty works in public. The exposure of 128 million iOS devices data is one of the results exposed by Epic Games to the court.

Epic Games disclosed an email in the court made on September 21, 2015, where Apple managers discussed 2500 malicious apps present in the Apple store that 128 million users downloaded over 203 million times.

Apple Higher-ups Discussion Exposed

In the email provided by Epic Games, App Store VP Mathew Fischer asked Apple Senior VP of Worldwide Marketing Greg Joswiak and Apple PR people Christine Monaghan and Tom Neumayr (on September 21, 2015) that should they email the victim users about the malicious apps. He further added that if they favor sending emails, make sure about managing it perfectly. The discussion continued about the ways to notify the victim users. But the fact is Apple never notified the 128 million victims about the hack till today. No Apple representative can provide evidence that they ever sent the email to the victims.

How this Malicious Attack took Place

Cybersecurity researchers in 2015 found 40 malicious “XCodeGhost” apps. It was also the year of the iPhone 6S launch. Later, it was uncovered that there were more than 4,000 compromised apps in the App Store. It was discovered that the XCodeGhost apps had code that turned iOS devices into part of a botnet that stole data from users.

Developers behind those apps used a counterfeit version of Apple’s app development tool named XCode to create the apps. This counterfeit version termed as XCodeGhost secretly injects malicious code along with the other normal app functionalities. Afterward, the apps let iPhones report to the command-and-control server and delivery a wide set of sensitive device data, such as infected app name, network information, the app-bundle identifier, device name, unique identifier, type, etc.

Compared to Apple’s Xcode, XcodeGhost claimed to be faster to download in China. To execute the counterfeit version of the app, the developers also had to click by the warning issued by Gatekeeper (a security feature of macOS that makes it mandatory for developers to digitally sign apps). In short, developers exploit XCode, bypassed security, and extracted sensitive data.

The Itchy Silence Strategy of Apple

Apple has traditionally marketed itself as a premium firm that values the security of its products and millions of users. It has also made privacy a priority in its offerings. The decision to notify the affected people directly would have been the proper course of action. But unfortunately, it didn’t happen. Tech users already know that Google often doesn’t inform its users if they downloaded malicious Chrome extensions or Android apps, but now Apple is also on the same track.

The 2015 email was not the only security breach case of Apple. Back in 2013, Apple fellow Phil Schiller and others received an email quoting the article of Ars Technica. The article narrates the research from computer scientists that discovered a means to sneak malicious apps into Apple’s app store without being noticed by the security review procedure, which automatically identifies such apps. The email was meant to ask for suggestions on addressing the security loopholes mentioned in the article. This further showcase the vulnerabilities associated with Apple’s security defense system and how silent the company has remained in such cases.

Wrapping Up

The court war between Apple and Epic Games highlights some uncomfortable facts we were not expecting to hear. The recent emails evidence of the Apple 128 million iPhones hack, and the silence from the tech giant makes its users more suspicious. The first thought that raises through this whole situation is how often this similar silence is observed in the past. Secondly, how secure should Apple users consider themselves when they are also vulnerable to serious malicious attacks. In short, the fact is that no matter how large an organization is or how effective is its security infrastructure, there are always risks of malicious cyber-attacks.