
A developer who designed a tool to let people essentially delete their Facebook news feeds says he was served with a cease-and-desist letter and permanently kicked off the tech giant's platform. Louis Barclay, a developer in the UK, is the creator of a browser extension called Unfollow Everything. The extension lets users automatically unfollow all their friends and pages on Facebook, leaving their news feed blank. Barclay told Insider people could still connect to their friends and family on Facebook when using the extension.
Barclay published Unfollow Everything on the Google Chrome store in July 2020 and said it attracted attention from researchers at the University of Neuchâtel in Switzerland, who wanted to study the impact of having no news feed on people's happiness on Facebook, as well as the amount of time they spent on the platform.
In July of this year, Barclay received a cease-and-desist letter from Facebook's lawyers, he said. Barclay published a redacted version of the letter online. Insider reviewed an unredacted version to verify its authenticity. Barclay, who published a Slate article on Thursday detailing his experience, told Insider he received the letter five hours after trying to log in to his Facebook account and finding it was disabled.
The letter, from the law firm Perkins Coie, told Barclay that Unfollow Everything broke Facebook's rules on automated collection of user content without Facebook's permission and that it infringed Facebook trademarks. It also said Facebook's terms prohibited interfering with the "intended operation of Facebook" and encouraging others to break Facebook's rules. It also informed Barclay he was barred from both Facebook and Instagram.
"I was really scared, and I was very anxious," Barclay told Insider. Facebook's letter took him by surprise, he said, adding that Unfollow Everything had only 2,500 weekly active users and 10,000 downloads. "It was definitely growing, but it wasn't huge," he said.
"Apart from that I just very much saw it as something that improves the Facebook experience for Facebook users," he added, saying he got "amazing feedback" from people saying they "were using Facebook in a way that was much healthier for them."
Barclay said he sought legal guidance on whether he could challenge the letter but learned that since he's based in the UK he'd be liable for Facebook's legal costs if he lost. "Facebook is a trillion-dollar company. I couldn't afford that risk," Barclay wrote in his Slate article.
Barclay said getting banned after having an account on Facebook for 15 years was a blow, especially because he still used the platform, and Facebook Messenger in particular, to stay in touch with friends around the world. "It's really horrible to have been cut off from that for a reason that feels to me very unfair," Barclay told Insider.
Nonetheless, he sees a silver lining in getting cut off from Facebook. "I've been trying to reduce my usage of Facebook for years now, including by making tools like Unfollow Everything. So I'm actually pretty grateful to Facebook that they've helped me take my addiction levels down to a flat zero," he told Insider.

A newly discovered data exfiltration mechanism employs Ethernet cables as a "transmitting antenna" to stealthily siphon highly sensitive data from air-gapped systems, according to the latest research. "It's interesting that the wires that came to protect the air-gap become the vulnerability of the air gap in this attack," Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Center in the Ben Gurion University of the Negev in Israel, told The Hacker News.
Dubbed "LANtenna Attack," the novel technique enables malicious code in air-gapped computers to amass sensitive data and then encode it over radio waves emanating from Ethernet cables just as if they were antennas. The transmitted signals can then be intercepted wirelessly by a nearby software-defined radio (SDR) receiver, the data decoded, and sent to an attacker who is in an adjacent room. "Notably, the malicious code can run in an ordinary user-mode process and successfully operate from within a virtual machine," the researchers noted in an accompanying paper titled "LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables."
Air-gapped networks are designed as a network security measure to minimize the risk of information leakage and other cyber threats by ensuring that one or more computers are physically isolated from other networks, such as the internet or a local area network. They are usually wired since machines that are part of such networks have their wireless network interfaces permanently disabled or physically removed.
This is far from the first time Dr. Guri has demonstrated unconventional ways to leak sensitive data from air-gapped computers. In February 2020, the security researcher devised a method that employs small changes in LCD screen brightness, which remain invisible to the naked eye, to modulate binary information in morse-code-like patterns covertly. Then in May 2020, Dr. Guri showed how malware could exploit a computer's power supply unit (PSU) to play sounds and use it as an out-of-band, secondary speaker to leak data in an attack called "POWER-SUPPLaY." Lastly, in December 2020, the researcher showed off "AIR-FI," an attack that leverages Wi-Fi signals as a covert channel to exfiltrate confidential information without even requiring the presence of dedicated Wi-Fi hardware on the targeted systems.
The LANtenna attack is no different in that it works by using the malware in the air-gapped workstation to induce the Ethernet cable to generate electromagnetic emissions in the frequency bands of 125 MHz that are then modulated and intercepted by a nearby radio receiver. In a proof-of-concept demo, data transmitted from an air-gapped computer through its Ethernet cable was received at a distance of 200 cm.
Like other data leakage attacks of this kind, triggering the infection requires the deployment of the malware on the target network via any one of a number of infection vectors, ranging from supply chain attacks or contaminated USB drives to social engineering techniques, stolen credentials, or malicious insiders.
As countermeasures, the researchers propose prohibiting the use of radio receivers in and around air-gapped networks and monitoring the network interface card link-layer activity for any covert channel, as well as jamming the signals, and using metal shielding to limit electromagnetic fields from interfering with or emanating from the shielded wires.
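The link-layer monitoring countermeasure mentioned above, sketched as an added example (not code from the researchers or from the article). It assumes that covert signalling through the NIC would surface as unusually frequent link state or speed changes in the kernel log; the log lines, interface names, window and threshold are all constructed for illustration.

```python
import re
from collections import defaultdict, deque

LINK_RE = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\].*\s(?P<iface>\S+): NIC Link is "
                     r"(?P<state>Up|Down)(?: (?P<speed>\d+) Mbps)?")

def constructed_sample():
    """Constructed dmesg-style lines (not captured data): eth0 is replugged once,
    eth1 renegotiates between 100 and 1000 Mbps every two seconds."""
    pci = {"eth0": "0000:00:1f.6", "eth1": "0000:02:00.0"}
    up = "Up {} Mbps Full Duplex, Flow Control: None"
    def line(t, iface, msg):
        return f"[{t:12.6f}] e1000e {pci[iface]} {iface}: NIC Link is {msg}"
    lines = [line(100.0, "eth0", up.format(1000)), line(101.0, "eth1", up.format(1000)),
             line(5000.0, "eth0", "Down"), line(5003.0, "eth0", up.format(1000))]
    for k in range(10):
        t = 7200.0 + 2 * k
        lines.append(line(t, "eth1", "Down"))
        lines.append(line(t + 1, "eth1", up.format(100 if k % 2 == 0 else 1000)))
    return "\n".join(lines)

def parse_link_events(log_text):
    """Yield (timestamp, iface, state); state is 'down' or the negotiated Mbps."""
    for raw in log_text.splitlines():
        m = LINK_RE.search(raw)
        if m:
            up = m["state"] == "Up" and m["speed"]
            yield float(m["ts"]), m["iface"], int(m["speed"]) if up else "down"

def flag_link_flapping(log_text, window_s=60.0, max_changes=6):
    """Return {iface: peak link changes within any window_s seconds} for
    interfaces whose peak exceeds max_changes (assumed threshold)."""
    last_state, recent, peak = {}, defaultdict(deque), defaultdict(int)
    for ts, iface, state in parse_link_events(log_text):
        known = iface in last_state
        if known and last_state[iface] == state:
            continue                      # repeated message, not a change
        last_state[iface] = state
        if not known:
            continue                      # first sighting only sets the baseline
        q = recent[iface]
        q.append(ts)
        while ts - q[0] > window_s:       # drop changes that left the window
            q.popleft()
        peak[iface] = max(peak[iface], len(q))
    return {i: n for i, n in peak.items() if n > max_changes}

if __name__ == "__main__":
    for iface, n in flag_link_flapping(constructed_sample()).items():
        print(f"{iface}: {n} link changes within 60 s")
```

A single cable replug stays under the threshold, so the window and threshold should be tuned against the normal link behaviour of the monitored hosts.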

The Flubot malware has switched to a new and likely more effective lure to compromise Android devices, now trying to trick its victims into infecting themselves with the help of fake security updates warning them of Flubot infections. As New Zealand's computer emergency response team (CERT NZ) warned earlier today, the message on Flubot's new installation page is only a lure designed to instill a sense of urgency and push potential targets to install malicious apps.
"Your device is infected with the FluBot® malware. Android has detected that your device has been infected," the new Flubot installation page says. "FluBot is Android spyware that aims to steal financial login and password data from your device. You must install an Android security update to remove FluBot." Potential victims are also instructed to enable the installation of unknown apps if they're warned that the malicious app cannot be installed on their device.
"If you are seeing this page, it does not mean you are infected with Flubot however if you follow the false instructions from this page, it WILL infect your device," CERT NZ explained. The SMS messages used to redirect targets to this installation page are about pending or missed parcel deliveries or stolen photos uploaded online.
This banking malware (also known as Cabassous and Fedex Banker) has been active since late 2020 and has been used to steal banking credentials, payment information, text messages, and contacts from compromised devices. Until now, Flubot spread to other Android phones by spamming text messages to contacts stolen from already infected devices and instructing the targets to install malware-ridden apps in the form of APKs delivered via attacker-controlled servers.
Once deployed via SMS and phishing, the malware will try to trick the victims into giving additional permissions on the phone and granting access to the Android Accessibility service, which allows it to hide and execute malicious tasks in the background. Flubot will effectively take over the infected device, gaining access to the victims' payment and banking info in the process via a downloaded webview phishing page overlaid on top of legitimate mobile banking and cryptocurrency apps' interfaces. It also harvests and exfiltrates the address book to its command-and-control server (with the contacts later sent to other Flubot spambots), monitors system notifications for app activity, reads SMS messages, and makes phone calls.
At the beginning, the botnet mainly targeted Android users in Spain. It has since expanded to target additional European countries (Germany, Poland, Hungary, UK, Switzerland) as well as Australia and Japan in recent months, even though the Catalan police reportedly arrested the gang's leaders in March. Since Swiss security outfit PRODAFT said in March that the botnet was controlling roughly 60,000 devices that collected the phone numbers of 25% of all Spanish citizens, the malware will likely spread even quicker now that it uses what looks like an even more effective lure.