Deep fake strikes again. This time we are talking about two tech giants. Illegal databases leaked. Where’s brand safety, but how about child safety? Companies provided customers’ addresses, phone numbers, and IP addresses in mid-2021 in response to the forged “emergency data requests.” Usually, such requests come with a search warrant signed by a judge, but emergency requests don’t require such a procedure. Cyber security officers and police already have some cybercrime groups on the list.
Why so many hackers?
We have all faced this reality since these viruses entered our communities or society. We witness hundreds of sexually explicit fake accounts and hacked business suites.
Well, those accounts contain expensive data. People started to scream: This is an economic war!
This time, hackers used deep fake profiles from law enforcement officials to extract data directly from Apple and Meta (Facebook). The basic subscriber details, such as a customer’s address, phone number, and IP address, were hacked in mid-2021. This fake game started as an “emergency data request.” The legal procedure needs some extra approval such search warrant or subpoena signed by a judge. If we are facing an emergency request, they don’t require a court order.
Evil-smart move, right?
Ethical cybersecurity gives us clues
Minors from the UK and US are behind this hacking scheme. Cybersecurity researchers showed some past stories. The mastermind behind the cybercrime group Lapsus$, which hacked Microsoft Corp, Samsung Electronics Co., and Nvidia Corp. is under 18 years old. The city of London Police recently arrested seven people in connection with an investigation into the Lapsus$ hacking group; the probe is ongoing.
Journalists from Bloomberg talked with Apple and Meta representatives. Here’s what they said below.
Excerpt: “We review every data request for legal sufficiency and use advanced systems and processes to validate law enforcement requests and detect abuse. We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case.” said Andy Stone from Meta.
“A supervisor for the government or law enforcement agent who submitted the request “may be contacted and asked to confirm to Apple that the emergency request was legitimate” – Apple’s law enforcement guidelines.
Harassment and abusive campaigns with direct targets
If they have your IP address, you can become endangered by your physical location exposure, name, surname, and photos. You need to know how expensive your data can transform over time. You should ask for some incentives when they stole your data?
They use this private customer data from Apple and Facebook to launch harassment campaigns and facilitate financial fraud schemes. When you have the victim’s information, the hackers could use it to assist in attempting to bypass account security.
News source: bloomberg.com
Share with your bestie: