Latest news with #data theft
Forbes
30-07-2025
- Forbes
If You See These 2 Words On Your Phone, It May Be Hackers
There's a new hack targeting smartphones, and you need to beware in case you accidentally install one of these apps on your device. Fortunately, there's a telltale warning on screen. And if you know what to look for, you can keep yourself safe. The security team at Zimperium says it has been 'actively tracking this sophisticated banker trojan strain' for several months, watching as it has 'rapidly evolved in both its distribution methods and capabilities.' Once installed, it will steal your credentials, log your keystrokes and record your screen. It will can also install additional malware. The only way this malware can cause such havoc, Zimperium warns, is to 'heavily abuse' Android's Accessibility Services. These are restricted because they enable an app to control many of your phone's most sensitive features and functions. That's why you will see a specific warning when any of these permissions are requested. The popup you will see will ask whether you want to grant the specific app you have installed 'full control' of your phone. Unless this app is tailored to cater for very specific usability needs and you are well aware of that before it's installed, you must deny the permission request or better still fully uninstall the app. If you allow that level of access, the malware will 'begin executing its malicious actions in the background, including data theft and unauthorized control of the device.' Zimperium has watched the malware adapt and evolve as it has gained traction in the wild. 'The new functionalities include: displaying malicious UI overlays to steal PIN codes or unlock patterns, comprehensive screen recording capabilities, the ability to block the opening of specific applications, and advanced keylogging functionality.' Almost all of which require access to sensitive functions on your phone that no normal app will ever need or ask for. The good news is that this gives you something specific to look for, rather than relying on more subtle signs of an attack. Overlay malware presents a fake screen to you while hiding a real app's UI in the background. For example, it will overlay your banking app's login screen and maybe even its 2FA prompt. It can then capture whatever you enter into your phone. 'Captured credentials are secretly saved in the app's cache directory,' the researchers say, 'before being exfiltrated to the attacker's Command and Control (C2) server. The malware leverages Android's Accessibility Services to detect when a user opens a specific application, subsequently overlaying a fake UI tailored for that app.' Google has added more protections around Accessibility Services and developers are warned of the consequences of any abuse. But they remain a core tool in a malware developer's arsenal. You really do need to deny them by default. Every time.
Daily Mail
27-06-2025
- Business
- Daily Mail
British 'cyber-security student' faces decades in US prison if convicted for 'hacking dozens of firms in £18m international crime spree'
A British cyber-security student has been charged in the US over allegedly leading a hacking scheme that caused more than £18 million of damage around the world. Kai West, who prosecutors say went by the names Kyle Northern and IntelBroker, was arrested in France in February. He allegedly used his 'IntelBroker' identity to steal from large companies and sell data online. The US is now seeking his extradition on charges of conspiracy to commit computer intrusion and wire fraud, accessing a protected computer to obtain information and wire fraud. He faces sentences of up to 20 years if found guilty. FBI assistant director in charge Christopher G Raia said the charges followed a 'years-long' scheme to steal data and sell it for 'millions in illicit funds'. He said the scheme had caused victims losses of at least £18.2 million worldwide. West is alleged to have stolen and sold the data whilst studying cyber security at a UK University. The indictment alleges West and his co-conspirators had sought to collect around £1.4 million by selling stolen data. Among more than 40 victims listed in the indictment were a telecommunications company, a municipal healthcare provider and an internet service provider. US Attorney Jay Clayton thanked British, French, Spanish and Dutch authorities for their assistance in the investigation. West allegedly hacked into computer systems to gain access to customer lists and marketing data, which he then stole for profit, according to the indictment. He is alleged to have stolen data from at least six major victims, including a U.S. federal agency, a municipal government healthcare provider, a US-based telecommunications provider and a large internet service provider. While none of the victims were identified, IntelBroker claimed data breaches at a number of technology companies in recent years, including Advanced Micro Devices Inc, Cisco Systems Inc and Hewlett Packard Enterprise Co, Bloomberg reported. In June last year, AMD was investigating claims that company information has been stolen in a hack. It came after IntelBroker reportedly said he breached its systems on a site called 'BreachForums', where hackers sell stolen data from companies around the world. The hacker forum was launched in 2022 and shut down in 2023, when a man named Conor Brian Fitzpatrick was arrested for running the site. Fitzpatrick was later sentenced to 20 years supervised release in January 2024, although he is set to be resentenced next month after an appeals court ruled that his punishment was too lenient. Four people suspected of being administrators of the forum were arrested last week in Paris. West allegedly offered data for sale about 41 times between 2023 and 2025, prosecutors have said. He allegedly also offered to distribute stolen information for free around 117 times, according to the indictment. Investigators discovered West's identity after an undercover FBI agent purchased stolen data from 'IntelBroker' and followed the Bitcoin payment to an account linked to West. An account used by West for cryptocurrency was also registered to an email which also received messages from the UK university where West was studying. Neighbours of Kai West today spoke of their shock at his arrest as they described him as a 'harmless', 'friendly' and 'helpful' young man. One said that he used to help him when his computer broke down, while the landlord of the local pub said he apologised for a drunk friend's behaviour after being kicked out of the establishment. West's parents' house is £355,000 thatched cottage in Andover, Hampshire. While no-one at the house today was prepared to speak, others who knew him spoke in glowing terms. Neighbour Tom Bartman, 43, said that the family seemed happy and normal. The car electrician who's lived in Andover since 2016 said: 'It's a shame what's happened, actually, he's a clever chap. 'I expect he was [interested] about something. 'I can't say a bad word about him, parents as well. He's a great chap, quite friendly and helpful.' On whether he thought there were any signs West could turn out to be a criminal mastermind, he said 'No, no, no, no, no'. He said: 'I know he was good at computers, sometimes he was helping us with some stuff. 'I know he was quite clever actually - he's a clever chap.' He said that West helped him when his computer broke down a few years ago. 'I had a problem when something packed up, I'm an electrician, I'm good with diagnostic but when something broke down he was able to repair it,' Mr Bartman said. The landlord of the nearby Hare and Hounds pub, who did not want to share his name, said he took over this role almost five months ago and West had been in on a few occasions. Speaking of the alleged hacker's intelligence, he said: 'I can't imagine him doing well in interviews, but he had the skills. 'It's a shame actually, a real shame, I'm sure he won't have done anything malicious.' He said: 'He didn't seem normal, but he seemed harmless. 'I had a friend here who's got a Romanian girlfriend and [West] was pretending he could speak Romanian. 'I haven't seen him in a long time, I've got a feeling his parents didn't like him drinking, it didn't affect him very well. 'I was just told that his parents only let him have one or two drinks. 'The last manager knew of that.' The landlord said that there was an incident soon after he started the job - West had three or four drinks, and someone told him that he's not allowed to drink that much. West hadn't caused any problems, but this made the landlord think that he 'had a sheltered childhood'. He continued: 'He did seem like a nice lad. 'His friend got too drunk and they both got told to leave and he came back very polite and apologetic.' A LinkedIn account in the name of West's alleged alias 'Kyle Northern' claimed to have worked at the National Crime Agency for two months in 2019. It claimed he studied at Winchester University in 2020, after studying at Basingstoke College of Technology in 2019. The account also listed 'ethical hacking' as one of the person's skills. The NCA told The Times that 'this individual has never been affiliated to, or employed by, the National CrimeAgency'. A Facebook account with the same alias claimed to have been connected to the HackerOne cybersecurity company.
Yahoo
27-06-2025
- Yahoo
British man charged by US with leading hacking scheme and causing millions in damages
A British man has been charged in the US with allegedly leading a global hacking scheme which caused millions of pounds in damages. Kai West, 25. who operated under the online identity IntelBroker was arrested in France in February. The US is seeking his extradition over allegations he stole and sold data. He faces up to 20 years in jail if found guilty. "West, and his online co-conspirators, took that stolen data, and offered it for sale online for more than $2 million," according to an indictment by the US Attorney's Office for the Southern District of New York. West faces charges of conspiracy to commit computer intrusion and wire fraud, accessing a protected computer to obtain information and wire fraud, according to the indictment. Read more from Sky News: According to FBI assistant director in charge, Christopher G Raia, the "years-long" scheme had caused victims losses of at least 25 million dollars (£18.2m) worldwide. A telecommunications company, a municipal healthcare provider and an internet service provider were among more than 40 victims listed in the indictment. "The IntelBroker alias has caused millions in damages to victims around the world," "This action reflects the FBI's commitment to pursuing cybercriminals around the world. "New Yorkers are all too often the victims of intentional cyber schemes and our office is committed to bringing these remote actors to justice." Mr Clayton thanked British, French, Spanish and Dutch authorities for their assistance in the investigation.
Sky News
27-06-2025
- Sky News
British man charged by US with leading hacking scheme and causing millions in damages
A British man has been charged in the US with allegedly leading a global hacking scheme which caused millions of pounds in damages. Kai West, 25. who operated under the online identity IntelBroker was arrested in France in February. The US is seeking his extradition over allegations he stole and sold data. He faces up to 20 years in jail if found guilty. "West, and his online co-conspirators, took that stolen data, and offered it for sale online for more than $2 million," according to an indictment by the US Attorney's Office for the Southern District of New York. West faces charges of conspiracy to commit computer intrusion and wire fraud, accessing a protected computer to obtain information and wire fraud, according to the indictment. According to FBI assistant director in charge, Christopher G Raia, the "years-long" scheme had caused victims losses of at least 25 million dollars (£18.2m) worldwide. A telecommunications company, a municipal healthcare provider and an internet service provider were among more than 40 victims listed in the indictment. "The IntelBroker alias has caused millions in damages to victims around the world," said US attorney Jay Clayton. "This action reflects the FBI's commitment to pursuing cybercriminals around the world. "New Yorkers are all too often the victims of intentional cyber schemes and our office is committed to bringing these remote actors to justice." Mr Clayton thanked British, French, Spanish and Dutch authorities for their assistance in the investigation.
Bloomberg
25-06-2025
- Bloomberg
British Man Charged by US in ‘IntelBroker' Company Data Hacks
A 25-year-old British man known as 'IntelBroker' was accused by US authorities of conspiring with a group of hackers to steal data from dozens of companies and offer it for sale online, causing more than $25 million in damages to victims around the world. Federal prosecutors in New York on Wednesday announced an indictment had been unsealed charging Kai West, 25, with four counts including conspiracy to commit computer intrusions. West was arrested in February in France, where he remains in custody, prosecutors said in a statement. The US is seeking his extradition.
