Latest news with #AngeLavoipierre
ABC News
3 days ago
- Health
- ABC News
Brain Rot: Is there any proof your phone is destroying your attention span?
Everyone seems to have a hunch that their phone is destroying their attention span, but is there any science to back it up? In episode one of Brain Rot, we're doing our best to focus on the topic of attention for a full 25 minutes — and find out what's actually happening in your brain every time your phone buzzes or dings. Is brain rot a real thing? Or just another moral panic? And how do you know when your own screen use has gone too far? Brain Rot is a new five part series from the ABC's Science Friction about how tech is changing our brains, hosted by Ange Lavoipierre. Guests: Anna Seirian CEO, Internet People Dr Mark Williams Professor, Macquarie University; Cognitive neuroscientist Michoel Moshel Clinical Neuropsychologist Registrar; Phd Candidate, Macquarie University Professor Marion Thain Professor of Culture and Technology, University of Edinburgh; Director, Edinburgh Futures Institute Credits: Presenter: Ange Lavoipierre Presenter: Ange Lavoipierre Producer: Fiona Pepper Producer: Fiona Pepper Senior Producer: James Bullen Senior Producer: James Bullen Sound Engineer: Brendan O'Neill This story was made on the lands of the Gadigal and Menang Noongar peoples. More information: Neuropsychological Deficits in Disordered Screen Use Behaviours: A Systematic Review and Meta‑Analysis - Neuropsychology Review, 2024. Do we have your attention? How people focus and live in the modern information environment - King's College London, 2022. Internet addiction-induced brain structure and function alterations: a systematic review and meta-analysis of voxel-based morphometry and resting-state functional connectivity studies - Brain Imaging and Behavior, 2023.
RNZ News
30-04-2025
- Business
- RNZ News
Cybercriminals have stolen almost 100 staff logins at Australia's Big Four banks, experts say
By Ange Lavoipierre , ABC Photo: Unsplash / RNZ Cybercriminals have stolen almost 100 staff logins from workers at Australia's biggest banks, putting those businesses at higher risk of mass data theft and ransomware attacks, according to cyber security researchers. The most serious risks arise from the fact that attackers could ultimately use those leaked logins to gain access to the banks' corporate networks, they warned. The cyber intelligence firm Hudson Rock told the ABC it found dozens of compromised staff credentials at both ANZ and Commonwealth Bank, and fewer than five at NAB and Westpac. "There are around 100 compromised employees that are related to those four banks," Hudson Rock analyst Leonid Rozenberg said. The Big Four banks all have protections in place to prevent stolen passwords from being exploited in this way. However, in a worst case scenario, those staff credentials could allow hackers to gain what's known as "initial access" and break into the banks' systems. "This is like the open gate," said \ Rozenberg, warning that once the hacker is inside, there was a lot more damage they could do, including installing ransomware and stealing massive troves of customer data. The almost 100 credentials identified by Hudson Rock belong to either current or former staff and contractors. All of them had a corporate email address with the ability to log into the same corporate domain, such as " or " researchers said. The credentials were stolen between 2021 and April 2025, using malware known as "infostealers" planted on employee devices, and have since been given away or sold on the messaging platform Telegram, the dark web, or both. Infostealer malware, as the name suggests, is a type of malicious software tailor-made to infect a device, harvest as much valuable data as possible, and deliver it directly to criminals. It overwhelmingly targets computers running on Windows. As well as passwords, infostealers can capture a wide range of data, including credit card details, cryptocurrency wallets and local files, as well as browser data such as cookies, user history and autofill details. Researchers have provided no evidence that the digital infrastructure of any of the banks is compromised - only that data, including corporate logins, has been stolen from devices used by their staff. Earlier this week, the ABC revealed that more than 31,000 banking passwords belonging to customers at the Big Four banks had been stolen using the same kind of malware, exposing those people to possible fraud. While the number of employee logins stolen by malware gangs is significantly smaller than the number of customers, the risk may be greater, according to researchers. "Technically, [attackers] need only one [log in] to do a lot of damage," Rozenberg said. A recent report from the Australian Signals Directorate (ASD) warned of the potential for infostealer infections to lead to dire consequences for businesses. The ASD said stolen corporate credentials had already led to successful attacks on Australian businesses, although it did not name any victims. In the case of all four banks, Hudson Rock also found stolen credentials belonging to third-party businesses, presenting an extra layer of risk. "They're not only targeting the access to the bank. They're also targeting the services that this bank is using externally," Rozenberg said. In the case of CommBank, Hudson Rock reported more than 40 leaked third-party credentials, while researchers found more than 30 for Westpac, more than 100 for ANZ and more than 70 for NAB. "[Attackers] also know that if they get inside the JIRA, or Salesforce, or Slack, the communication system that is widely used by different companies … they can get a lot of sensitive information," Rozenberg said. Researchers chose to focus on the banks in this investigation, but warned the threat posed by infostealers was universal. "This malware can hit any business, in any industry and in any country," Rozenberg said. The use of infostealers has exploded in recent years, with a more than 200-fold increase in infections globally since 2018, according to Hudson Rock's analysis. The company found there have been more than 58,000 infected devices in Australia alone since 2021. Gaining access to a bank's corporate environment and staging a major attack is not as simple as just using stolen staff credentials to log in. "Most large enterprise organisations will have supplementary controls, in addition to a username and password," said Evan Vougdis from NSB Cyber, listing Multi-Factor Authentication (MFA) as one example. For that reason, securing "initial access" is a specialised task in the cyber crime world, performed by "initial access brokers". "They shop around for infostealer logs that contain login passwords for large organisations or high-profile individuals," said Jamie O'Reilly from cyber security firm Dvuln. An initial access broker will search through big data dumps to find the right victim - ideally, a corporate employee working from home. "They'll look for things like VPN connections, screen sharing, software credentials," O'Reilly said. "If they can use a home device to jump into the corporate network, that's going to allow them to walk through the proverbial front door." If successful, the initial access broker can then sell that access to other criminals. "They'll take that [access] to a ransomware gang who can use that to then push ransomware malware throughout this enterprise company." Ransomware attacks have the potential to paralyse a business's operations by locking owners out of their own systems and stealing valuable data to leverage huge payments, which can stretch into the millions. Even when ransoms are paid, sensitive data may still find its way to the dark web, with businesses having no guarantee that the stolen data will be deleted. ANZ, CommBank, NAB, and Westpac each responded separately to the ABC to say they have a number of safeguards in place to prevent the unauthorised use of staff logins. A Westpac spokesperson said the bank couldn't disclose those measures in more detail for security reasons. NAB told the ABC it proactively scans cybercrime forums to stay on top of the problem. "We continuously monitor open and dark web sources for a wide range of potential threats, including compromised credentials," NAB Chief Security Officer Sandro Bucchianeri said. "Colleague and third-party credentials are changed regularly," he said. A statement from CommBank said the bank invested more than $800 million in combating cyber and financial crime last financial year. "We continuously adapt our defences based on real-time threat intelligence and regular testing of our security systems," a spokesperson wrote. - ABC
RNZ News
28-04-2025
- Business
- RNZ News
Banking passwords stolen from Australians are being traded online by cybercriminals
By Ange Lavoipierre , ABC Photo: Unsplash / RNZ More than 31,000 passwords belonging to Australian customers of the Big Four banks are being shared amongst cyber criminals online, often for free, the ABC can reveal. Despite the anti-fraud protections in place at those banks, cybersecurity experts warn victims could "definitely" lose money as a result. An investigation by cyber intelligence researchers has shown credentials belonging to at least 14,000 Commbank customers, 7,000 ANZ customers, 5,000 NAB and 4,000 Westpac customers are available on the messaging platform Telegram and the dark web. It comes in the wake of recent attacks on Australian superannuation funds, where hackers stole from pensioners and used leaked passwords to try to gain access to members' accounts. The Australian firm Dvuln, which made the discovery, said the passwords were stolen directly from users' personal devices, which had been infected with a type of malware known as an "infostealer". "This is not a vulnerability in the banks," Dvuln's founder Jamie O'Reilly said. "These are customer devices that have been infected." Infostealer malware, as the name suggests, is a type of malicious software tailor-made to infect a device, harvest as much valuable data as possible and deliver it directly to criminals. It overwhelmingly targets computers running on Windows and as well as passwords, can capture credit card details, cryptocurrency wallets, local files, and browser data including cookies, user history and autofill details. Dvuln started researching the scale of Australia's infostealer problem after superannuation funds were targeted in early April. "We've seen a tight correlation between the use of infostealer malware and using those passwords to conduct these types of attacks," he said. Experts said exposed passwords created a genuine risk of theft for the account holder. "Threat actors can use the bank account to link to some kind of payment system, to transfer funds, or for money laundering," said Leonid Rozenberg, a specialist in infostealer malware from cybersecurity company Hudson Rock. He also warned that the threat posed by Inforstealers was much broader than just breached banking credentials. "We see that the average [infostealer] victim has between 200 [and] 300 account [details] stored inside the browser," Rozenberg said. "It can be a PayPal account … it can be [an] account that is used [to] transfer money between different countries … it can be, for example, [an] e-commerce account that already has credit card linked." Some of the 31,000 devices captured in Dvuln's audit were infected as far back as 2021, but would still provide valuable data to attackers, according to O'Reilly. "As a day job, I work to hack some of the biggest companies in the world," he said. "We have been able to compromise even some ASX-listed companies, in a controlled scenario, with four- or five-year-old passwords." In light of Australia's growing infostealer problem, there is a notable lack of theft and fraud that's been publicly linked to it. However O'Reilly said many instances could be happening under the radar. "There may be a large number of fraud attacks happening against individuals and businesses… but there's been no public attribution because it's very difficult to trace back to a specific malware infection," he said. "A lot of this crime, on an individual level, goes unreported." The use of infostealers has exploded in recent years. Hudson Rock said there were now more than 58,000 infected devices in Australia and more than 31 million infections globally. The company arrived at the figure by counting all infected devices, rather than just those belonging to banking customers. Recent analysis from cybersecurity firm KELA found that globally, at least 3.9 billion passwords had been stolen using the technique. It's been dubbed "the silent heist" by the Australian Signals Directorate. "Back in 2018 it was only 135,000 infections and today, we're speaking about 31 million," Rozenberg said. That more than 200-fold increase has contributed to a breathtakingly low price tag on stolen passwords. O'Reilly monitors about 100 Telegram groups dedicated to trading data siphoned using infostealers, many of which offer a subscription model. "You can pay $US400 and every month, as this gang continues to steal more passwords and infect more computers… you may get 100,000 to 200,000 new logs from 100,000 to 200,000 infected computers from all around the world, not just Australia," he said. That's $626 in Australian currency at the current exchange rate, which works out to be less than a cent per infected device. For those willing to pay between US$3,000 and US$10,000, some Telegram groups promise "lifetime access". In some cases, data is given away for free. "The criminals have so many passwords and so much data, that they actually give away thousands and thousands of credentials just to entice new criminal customers to come and buy the private information," he said. For now, more than 90 per cent of infostealer infections are on computers with Windows operating systems, O'Reilly said. "There is a growing number of mobile devices being infected with malware, but it's nowhere near as much," he said. That skew is less to do with any Windows security weakness, and more to do with the fact that attackers have chosen to target that system, Rozenberg said. "Still, today, in 2025, most of the people, they're using Windows devices," said Rozenberg. "So [attackers] mostly develop infostealers for Windows," he said. There are steps people can take to protect themselves from infostealers, but a lot of the usual advice isn't enough on its own. For example, changing your password won't do much if you're still using an infected device. "It's the equivalent of changing your locks while the burglars are still in your house," O'Reilly said. The best option, he said, is to change your password from a separate, secure device. Even multi-factor authentication (MFA) isn't a total shield, with malware gangs sometimes selling cookies or access tokens alongside the stolen passwords. "If you do have someone's active access token, a lot of the time you can actually bypass their MFA," he said. It's still important to rotate passwords and use MFA, O'Reilly said, but he has two more key pieces of advice: firstly, stay on top of software and antivirus updates. "Research does show that up to 50 percent of devices infected with infostealer malware have antivirus," he said. "But what a lot of people don't talk about is the fact that either the operating system or the antivirus itself isn't kept up to date." Therefore, the first line of defence is to update both. The second piece of advice: beware the family computer. Infostealer infections are spread in lots of ways, such as phishing, dodgy links, dodgy ads and dodgy downloads; including torrents, pirated software, and gaming mods (a downloadable modification to an existing game, often user-made and unofficial). "One of the most common ways… [is] Minecraft mods or cracked software, which is software that you would typically have to pay license fees for," he said. It's often a baited hook, set by malware gangs, according to O'Reilly. "If you've got banking credentials or highly sensitive information on your computer, keep that separate from the computer your children are using," he said. Ideally, he said, this research would be a wake-up call. "Nothing is 100 percent unhackable, but there are definitely strategies that people can use at home to make it much harder for criminals to get their information in the first place," he said. - ABC
