Verdict lists five of the most popular tweets on cybersecurity in Q1 2022 based on data from GlobalData’s Technology Influencer Platform.
The top tweets are based on total engagements (likes and retweets) received on tweets from more than 150 cybersecurity experts tracked by GlobalData’s Technology Influencer platform during the first quarter (Q1) of 2022.
The most popular tweets on cybersecurity in Q1 2022: Top five
1. Brian Krebs’ tweet on Avira’s free crypto mining service
Brian Krebs, an independent investigative journalist, shared an article on Avira Free Security antivirus software users being introduced to crypto mining. A product of software company Avira Operations, the free antivirus has more than 80 million users who were recently introduced to a service called Avira Crypto that allows customers to make money by mining virtual currency. Avira Operations was acquired in January 2021 by cybersecurity software and services provider NortonLifeLock (previously Symantec), which also owns antivirus and security software Norton 360.
The Avira Crypto service allows users to use their computer’s idle time to mine the digital currency Ethereum (ETH), the rewards of which are distributed to all members in the mining pool. The article highlighted that Avira was introducing crypto mining to users unfamiliar with cryptocurrency, which comes with its own set of security and privacy challenges.
Twitter handle: @briankrebs
2. Joseph Cox’s tweet on hackers breaching Russian Space Research Institute’s website
Joseph Cox, a cybersecurity journalist at technology website Motherboard, shared an article on hackers breaching a website related to Russia’s Space Research Institute (IKI). The hackers posted messages on a subdomain of the site and also leaked many files from Roscosmos, the coordinating hub for Russian space activities. The hacking incident follows a surge in cyber-attacks against Russia due to its military invasion of Ukraine. The impact of the hack seems limited, although some individuals claim that it compromised Russian targets, the article noted.
The hackers, called v0g3lsec, took responsibility for the attack on Twitter. They further claimed that the leaked Roscosmos files included handwritten forms, spreadsheets in Russian and English about lunar missions, and other PDF files, the article highlighted.
Username: Joseph Cox
Twitter handle: @josephfcox
3. Chris Wysopal’s tweet on Korean researchers developing a set of attacks against SSDs
Chris Wysopal, co-founder and chief technology officer at software company Veracode, shared an article on researchers from Korea University developing a set of attacks against some solid-state drives (SSDs) that can plant malware in a location that cannot be reached by the user or security solutions. The attack models target a concealed area on the device called over-provisioning (OP), which is used by SSD manufacturers to improve performance on NAND flash-based storage systems, the article detailed.
One of the attacks modelled by the researchers targets an invalid data area with non-erased information that lies between the usable SSD space and the over-provisioning (OP) area, and whose size is directly dependent on the two areas. A hacker can use the firmware manager to modify the size of the OP area, resulting in a vulnerable invalid data space, the researchers concluded. In a second attack model, the hacker uses the OP area as a hidden place that users cannot monitor and where a threat actor can place malware.
The article highlighted that the research demonstrates how the OP area can be accessed without authorisation although such attacks are unlikely to be taking place currently. Strong defences should be placed against unauthorised access to the SSD management app, the article added.
Username: Chris Wysopal
Twitter handle: @WeldPond
4. Kim Zetter’s tweet on FBI warnings about QR codes being used for malware attacks
Kim Zetter, an investigative journalist, shared an article on the US Federal Bureau of Investigation (FBI) raising awareness about cybercriminals tampering with Quick Response (QR) codes to redirect users to malicious sites that can steal login information and financial information. QR codes, which have become more common during the Covid-19 pandemic, are used by businesses to offer contactless access.
The technology, however, is being used by cybercriminals to lure victims to fraudulent websites to steal their personal and financial information, and to insert malware to gain access to the victim’s device and redirect payments for cybercriminal use. The FBI listed some measures to protect users when scanning QR codes, such as checking the uniform resource locator (URL) of the website, avoiding app downloads from a QR code and avoiding QR code scanner app downloads, the article noted.
Username: Kim Zetter
Twitter handle: @KimZetter
5. Lorenzo Franceschi-Bicchierai’s tweet on Chinese cybersecurity company accusing NSA of being behind a hacking tool
Lorenzo Franceschi-Bicchierai, senior writer at Motherboard, shared an article on Chinese cybersecurity firm Pangu Lab accusing the US National Security Agency (NSA) of being behind a ten-year-old hacking tool. A report prepared by researchers at the company detailed that the malware was first encountered in 2013 while investigating a hack against a key domestic department. The researchers could not identify the hackers at that time, but leaked NSA data about the world’s leading cyberattack group, the Equation Group, which is believed to be the NSA, revealed that the malware was created by the NSA.
Cybersecurity experts believe it is rare, but not the first time, for a Chinese company to publish research about an alleged American intelligence hacking operation. The report also indicated that Chinese companies and the Chinese government are improving their attribution abilities, as it will lead to overall geopolitical stability, the article noted.
Username: Lorenzo Franceschi-Bicchierai
Twitter handle: @lorenzofb
Likes: 210 Retweets: 101