Fortnite ransomware, Steam scam, phony Android apps, clumsy porn site and more
Welcome to Cyber Security Today. It’s Wednesday August 21st. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.
To hear the podcast click on the arrow below:
One of the ways criminals get into your computer is by exploiting emotions like greed. That’s how users of the popular online game Fortnite are being victimized by ransomware, according to a security firm called Cyren. Someone has created a Fortnite hacking tool that promises to give players an edge in aiming accurately. What it really does is infect computers, encrypts their data and demands a ransom to get control back. Why bother? Because Fornite is hugely popular. An estimated 250 million people around the world play it. Last month the Fortnite World Cup had a $30 million prize pool. The $3 million top prize was won by a 16-year old. Fortunately, if you’re infected a knowledgeable person can get your computer unlocked from this particular strain of ransomware. So remember, anything that promises you a shortcut comes at a price.
Here’s another example: Bleeping Computer reports that people who use the Steam gaming platform are being offered a free game by clicking on a link to go a website called Steamsafe.fun. Beware. The goal is to steal your Steam password and username. The only way to log into Steam is on the site Steamcommunity.com.
And then there’s the games and utilities from unknown developers on the Android site. Security company Trend Micro says it recently found 85 gaming and photography add-on apps in the Google Play store that were there to infect smart phones. They display ads that bring scammers money from advertising marketplaces. Google has now yanked those apps. Remember, your smart phone isn’t the place to experiment with apps from unknown firms. Who is the developer? Are the reviews too positive?
Have you enrolled at the porn image site called Luscious? Apparently someone there has been clumsy. Security researchers at vpnMentor discovered its database of over 1 million users was left open for anyone to see who had the right skill. Hopefully, if you join an adult site you use a fake name, and an email address that can’t be tracked to you. For example, you wouldn’t be foolish enough to use your work email, or an email address with your real name, or your real name as a username, right? According to the security researchers, some people were that foolish.
American supermarket chain Hy-Vee is warning customers their credit cards may be at risk after a hack. People who bought gas at Hy-Vee fuel pumps or food the Market Grilles and Wahlburgers outlets may be at risk because the payment machines were compromised.
Finally, if you own a Google Nest Cam IQ Indoor home camera system, make sure the software is updated. There are bugs that could allow an attacker to hijack the device.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.