Teen hanged himself after receiving ransomware scam email

A 17-year-old college student who suffered from autism hanged himself after receiving a ransomware scam.

Joseph Edwards was alarmed after receiving an email that falsely claimed he'd been spotted browsing illegal websites and needed to pay £100 (payable in Ukash electronic money) or face being prosecuted. The email pushing the well-known police ransomware scam also downloaded malware that locked up his laptop once it was opened.

Police ransomware of this type does not encrypt files and is normally much easier to purge from infected systems, a factor that underlines the tragedy of what transpired.

Edwards was so distressed by the accusation and the extortionate demand that he took his own life hours after falling victim to the cruel scam on 6 August last year.

The A-level student's developmental disability likely made him more susceptible to thinking the scam email, supposedly sent from from Cheshire police, was genuine, a coroner heard on Thursday.

Edwards, who attended a mainstream school despite his autism, was found hanged at his family home in Windsor, Berkshire by his mother Jacqueline Edwards, who told the coroner that he probably didn't understand the implications of his actions. She has since begun a campaign to raise awareness about internet scams.

After Joseph's death, a Facebook page was created called "Fake Police Email Scam in Memory of Joseph Edwards" (available here).

"He didn't seem to have any worries known to me. I don't think he really understood," Jacqueline Edwards told the coroner.

"Joseph was subjected to a scam on the internet, a threatening, fake police link that was asking for money," his mother said in a statement, the Daily Telegraph reports. "He would have taken it literally because of his autism and he didn't want to upset Georgia [his sister] or me."

Detective Sergeant Peter Wall said it was very difficult to trace those responsible for the "elaborate" scam but it's likely to have originated outside the UK. Historically a lot of this type of fraud has come from Ukraine and to a lesser extent Romania.

The spam email, complete with Cheshire Police insignia, falsely claimed that indecent images had been found in the possession of the recipient, the intended mark for the scam.

The teenager died from asphyxia as a result of hanging, according to the post-mortem. Coroner Michael Burgess recorded an open verdict.

"He was suspended from the bannister by a ligature," Coroner Burgess ruled. "Although he undertook that action himself, his intention is not clear from the evidence."

"This scam may have caused him great distress and difficulty," he added.

The tragedy is mercifully rare but not unprecedented. Last year a Romanian “ransomware victim” hanged himself and his four-year-old son. A strain of police ransomware called IcePol was linked to the case, which involved extortionate demands for around $21,600. In 2012-13 the average Romanian yearly salary was just $7,200.

Pre installed Backdoor found in Chinese Smartphones

Chinese smartphone manufacturers have again been critized for having Backdoor in their handsets. But this time a different vendor’s name has come up. Earlier the popular Chinese smartphone brands, Star N9500 and Xiaomi name came up but now the China’s third largest and world’s sixth largest mobile manufacturer ‘CoolPad’, has joined the list.

            Android smartphones sold by Chinese smartphone maker Coolpad Group Ltd contains an extensive “backdoor” that is able to track users, push unwanted pop-up advertisements and install unauthorized apps onto users phone without their permission, alleged a U.S. security firm.

MORE THAN 10 MILLION USERS at RISK

Researchers at Silicon Valley online security firm Palo Alto Networks discovered the backdoor “CoolReaper”, pre installed on 24 Coolpad Android handset models, including high end ones. The attackers can completely hijack users Android device by gaining their device information with the help of the backdoor.

Features of CoolReaper backdoor:

According to Ryan Olson, intelligence director at Palo Alto, CoolReaper backdoor has ability to:

Ø  Download, install aand activate any Android application without users knowledge.

Ø  Connect to number of command and control(C&C) servers.

Ø  Wipe user data, uninstall applications or disable system applications.

Ø  Send fake software updates to devices.

Ø  Send or insert arbitrary SMS or MMS messages into the phone.

Ø  Call arbitrary phone numbers.

Ø  Upload device information including its location, application, usage information, calling and SMS history to Coolpad servers.

On examination of Coolpad smartphone models of different country, researchers suspected that Coolpad smartphone come pre installed with Coolreaper backdoor on handsets which are sold exclusively in China and Taiwan.

Coolpad is the first malware that is built and operated by an Android manufacturer.China has been criticized many times for its products. Six months ago another handset which was popular and also cheap, Star N9500 smartphone came pre-installed with a Trojan that allowed manufacturerto spy on users including personal data and conversations without their knowledge.

            Their was another allegation against the popular Chinese smartphone manufacturer, “Xiaomi of secretly stealing users information and sending it back to a server in Beijing.

Crash friends WhatsApp with just a message

Two India based security researchers, Indrajeet Bhuyan and Saurav Kar, both 17-year old teenagers have found a vulnerability in the popular messaging app WhatsApp, which allows anyone to remotely crash WhatsApp by just sending a specially crafted message.

            In a demonstration, they showed how a 2000 words (2kb in size) message written in special characters can crash WhatsApp messenger app of the person who has received it and also who has send it. Previously also there was a similar vulnerability in WhatsApp in which if a person sends a huge message ( size greater than 7mb), it will crash victim’s device and app both immediately, but this new exploit allow attacker to send a very small size message(2 kb) to the victim.

            The user who receives the specially crafted message will have to delete his/her whole conversation with the attacker and will have to start a new one, because opening the message keeps on crashing the WhatsApp.

            According to the duo, the reported vulnerability has been tested on Gingerbread, Jellybean, Kitkat, and all the above Android Operating systems and it works successfully on them.

            Similarly in a WhatsApp group if a group member intentionally sends a specially crafted message, then everyone will have to exit from the group. Also for example, if I don’t want that someone should have records of my chat with them, then I can simply send the same message exploit to that person.

            This vulnerability has not been tested on iOS, but it is sure that all versions of WhatsApp are affected by this bug including 2.11.431 and 2.11.432. But the attack does not work on windows 8.1.

            WhatsApp which is bought by Facebook for $19 billion in February 2014, has over 600 Million while writing this post, and according to researchers no of users affected by this vulnerability could be 500 Million.

           

            Reecently WhatsApp was in news for making end-to-end encryption on all text messages as a default feature to boost online privacy and security of its users. The app maker describes this as the “largest deployment of end-to-end encryption ever”.

WhatsApp Adds End to end Encryption

Good news for all WhatsApp users. Finally the WhatsApp messenger has made End to End encryption a default feature, boosting online privacy of its users around the world. Earlier WhatsApp had no encryption and it was very easy for hackers to hijack the session and read personal messages.

WhatsApp, most popular messaging app with 600 Million users as of October 2014, has partnered with Open Whisper Systems to boost its privacy and security by implementing strong end-to-end encryption on all text messages.

The strong end-to-end encryption here means that even Mark Zuckerberg himself can't pry into your conversations, even if asked by law enforcement officials. The app maker describe this move as the "largest deployment of end-to-end encryption ever."

The Open Whisper System is a non-profit software organisation started by security researcher Moxie Marlinspike, who is behind the development of TextSecure app used for encryption. Over the past three years, his team has been in the process of developing a 'modern, open source, strong encryption protocol' for messaging service, which is now being incorporated into Whatsapp.

"We have a way to go until all mobile platforms are fully supported, but we are moving quickly towards a world where all WhatsApp users will get end-to-end encryption by default," Open Whisper System said in a blog post. 

"We're excited to incorporate what we've learned from this integration into our future design decisions, and to bring this experience to bear on integrations that we do with other companies and products in the future."

There are some limits to WhatsApp's end-to-end encryption, as so far, it only works on Android platform (with iOS coming soon) and covers only text messaging. Also the app is now open to potential man-in-the-middle (MitM) attacks because there's no way to check or verify the identity of the person you are messaging.

WhatsApp was bought by Facebook for $19 billion in February. The popular app has been criticized over the years for a series of security and privacy issues. But after the announcement of this rollout, it has been praised over the internet by security folks.

"WhatsApp deserves enormous praise for devoting considerable time and effort to this project," reads the post. "Even though we're still at the beginning of the rollout, we believe this already represents the largest deployment of end-to-end encrypted communication in history."

Other encryption messaging apps do exist currently, including Cryptochat, Silent Text and Telegram, but according to the Verge, WhatsApp will be the largest to implement this type of end-to-end encryption ever.

Open Whisper Systems is a company built from open source contributors and a dedicated team to advance "state of the the art" secure communication, and is best known as the developer of the Signal, Redphone, and TextSecure apps.

Best Backup app in Android: Super Backup

This is the best Backup app I have ever found on Android. As you can see from the image above, it can backup apps, sms, contacts, call logs, calendars and bookmarks i.e. it can backup everything that you would like to on Android. With more than 1,000,000+ downloads it is certainly the best Backup app on Android.

Features of Super Backup:

·         Backup apps to SD card

·         Backup contacts, SMS, call logs, bookmarks, and calendars to SD card

·         Batch restore apps from SD card (need root)

·         Restore contacts, SMS, call logs, bookmarks, and calendars from SD card

·         Can select SMS conversations to backup

·         Delete the backup data on SD card

·         Schedule automatic backups

·         Auto upload scheduled backup files to your Gmail

·         Show last backup count and time

·         User can change backup folder path in Settings

Any mobile user would not like to turn their back on a free app with that feature list.

One of the first steps you must take is to set up the location of your backup. Hopefully, you have an SD card in your phone to back up to. In order to set this option, tap on the wrench icon on the main page. Tap the settings, backup path, select External Storage Card, and then tap OK. Super Backup will now be set to backup to your external memory, this is much safer than backing up to the internal memory, should the phone die or you do a Factory reset.

Backup apps:

 The main difference between Super Backup app and others are that for app backup it can backup them with their data. For ex it can backup WhatsApp with their data so after restoring it with the Super Backup you won’t have to verify your mobile no again. It will have all the messages or chats. With Super Backup you can select some apps which you want to backup or you can backup all the apps.

You can give backup a name or continue with the default name, also there is an option to send the backup via email if you want you can send it.

Backup SMS, Contacts, Call Logs, Calendars, Bookmarks:

·         In Backup you have two options: “Backup” and “Backup Conversations”. SMS Backup allows you to backup/restore conversations, view the backups, send the backups to email, delete backups, and delete all messages.

·         Contacts Backup allows you to backup, restore, view, send to email, and delete backups/all contacts.

·         Call Logs Backup allows you to backup, restore, view, send to email, and delete backups/all call logs

·         Calendars Backup allows you to backup, restore, send to email, delete backups/all calendars

·         Bookmarks Backup allows you to backup, restore, view backups, send to email, delete backups/all bookmark.

With Super Backup you can schedule the time of Backup for SMS, Contacts and Call Logs. There is also an option to directly send Backup to your Gmail account.

What’s your thought on this Super Backup app? Do let us know in the comments section.

Now Whatsapp available for computer users

Whatspp which is available for multiple mobile operating systems has become very popular and nearly every Smartphone user nowadays has it in their mobile. It allows us to stay in touch with our friends for free & share anything like images, photos, videos, sound-clips with them for absolutely free.

But what about those who don’t have Smartphone’s. They were left out, but not now. Now I will show you a technique with the help of which you can access whatsapp on your computer also.

 

  1.> To use Whatspp you will have to download a Android emulator. To download Android emulator, go to www.youwave.com and download emulator. Emulator is available as trial for 7 days but you can use it as long as you want by changing system date or using Time stopper application. You can also use BlueStacks application which is another android emulator. To directly download emulator click here link or go here.

  2.> After installing the emulator, it will take some time to run the first time, then click on Help > instructions to see the path of your working directory.

  

  3.>Then download the Whatspp application or whatspp.apk from here Link.

  4.> Copy the whatspp.apk file in the directory.

  5.> Click on View > Redraw icons and you will see whatsapp shortcut.

  6.>Configure Whatspp on Windows PC.

  7.>Double click Whatspp on YouWave.

  8.> Register using mobile phone. Don’t use mobile no. already registered with              Whatsapp. You won’t be able to verify by text so wait for call verification.

  9.> Whatsapp will call you and will provide you with verification code to enter on    screen. Done.

  10.>To see your Whatsapp friends you will have to add your contacts on Android application and not on Whatsapp.

What’s your thought on this 100,000,000+ (on Android only) downloaded app? Do let us know in the comments section.