Skip to main content

Thursday Threat Report: CryptoLocker, evil twin attacks, and dating sites with laughable security

Welcome to the first edition of ITProPortal's Thursday Threat Report, where we round up the three greatest security threats facing Internet users, smooth-running enterprise, and occasionally even the survival of the world as we know it. Hold onto your hats - things are about to get scary.

Stupid Media

It emerged yesterday that Australian dating site company Cupid Media suffered a catastrophic data breach back in January. Luckily it immediately informed the correct authorities and all the users affected. Just kidding! They told no one, and kept the whole thing quiet until it was revealed this week by security campaigner Brian Krebs. The leaked details include full names, birth dates, emails, and passwords stored in plain text format. Perhaps more worrying is the domains to which many of these email addresses are registered.

While 17.4 million of the users used Yahoo Mail addresses, and 13.5 million used Hotmail, 9,844 users used .gov email addresses, suggesting that they are employed by the US government. Presumably these users' details made it into the hands of cyber-criminals and foreign intelligence agencies faster than anyone could say "national security threat." Some 56 users were even registered with domains – the US Department of Homeland Security. Embarrassing for more than just Cupid Media, then! At least the whole snafu has prompted a debate on whether punitive fines should be levied against companies that fail to report data breaches.

We, for one, believe that they should.

Evil twin Wi-Fi hacks

It's not just large companies who are losing users' data. Some Internet-hungry café-goers in London where practically queueing up to be compromised as they signed on to a fake Wi-Fi hotspot known as an 'evil twin'. Luckily, the honeypot access point had been set up by researchers from First Base Technologies as part of a study carried out by security firm Trend Micro. The team found that users not only signed on to the network in droves, but were also more than happy to plan trips, browse for accommodation and organise flat share schemes over the fake connection, all of which was routed straight through the team's laptop.

"Most people had no idea what could be grabbed," the team told us.

If that isn't scary enough, the researchers were even able to achieve the same results with nothing more than a smartphone and an app freely available on the Google Play Store. How long until this capability is in the hands of criminal gangs? "It already is," said Peter Wood of First Base. Scary, scary stuff.


The biggest security story this week has been the persistent menace of CryptoLocker. This Trojan nasty is designed to infiltrate users' computers under the guise of a trusted program, and then encrypt everything on the computer's hard drive with a unique key. The idea is that victims have to pay for the key, in order to get their data back, although there's not a whole lot of honour among thieves, so coughing up is not at all advised.

Though the threat is nothing new in terms of ransomware, the UK's newly-formed National Crime Agency (NCA) issued a nationwide alert over the weekend, predicting that as many as 10 million highly-targeted emails could be sent out to small and medium businesses, as well as large corporations and the average Internet user, in just the last seven days. Still no news about how realistic that projection turned out to be, but it certainly grabbed headlines and got the word out there quickly. Adrian Culley of Damballa gave us some clear-headed advice about how to beat the CryptoLocker curse, and anyone who thinks they might have been affected by the Trojan should contact