Plus, Signal’s security gets tested and SOVA emerges scarier than ever.
A string of technical trouble has been plaguing Fitbit – and more specifically, Fitbit users – throughout the summer. On Tuesday this week, Fitbit Charge 5 owners found it impossible to sync their devices to both Android and iOS systems due to a widespread Fitbit outage during a large part of the day. Earlier in the season, Android users complained about a Fitbit app update that seemingly broke the “estimated oxygen variation” graph, which depicts how users’ blood oxygen levels change during sleep.
The update caused users to see false increases in their nightly oxygen variations, which caused mass confusion. Earlier in the year, the company recalled Fitbit Ionic smartwatches after 78 of them burned users. Customers have been complaining throughout the summer that the company is taking far too long to issue refunds for the watches. Read more at The Verge.
Twilio breach exposes Signal users’ phone numbers
According to a support notice by Signal, a phishing attack on Twilio, an SMS services company, exposed the phone numbers of 1,900 Signal users. The company emphasized that no other data was breached. Signal uses Twilio to send SMS verification codes to users registering their Signal app. The successful phishing attack provided momentary access to Twilio’s customer support console, which exposed verification codes that confirmed those 1,900 phone numbers were registered to Signal devices and allowed the attackers to potentially use the codes to activate Signal on different devices. Signal is alerting all affected users and instructing them to re-register their devices. For more, see Ars Technica.
SOVA Android banking trojan got more dangerous
Researchers have discovered an updated version of the SOVA banking trojan that has largely expanded its capabilities. Formerly equipped to target up to 90 apps, the malware can now attack up to 200, including banking apps, crypto exchanges, and crypto wallets. Other updated functionality includes intercepting two-factor authentication codes, stealing cookies, and reaching a wider group of international targets. The new variant conceals itself in fake apps posing as legitimate ones, like Amazon or Chrome. Researchers have dubbed this latest version SOVA v4, but they believe a new version is already in the works, and that it will feature a mobile ransomware component. See The Hacker News for more.
Over 9,000 VNC servers exposed
At least 9,000 exposed virtual network computing (VNC) endpoints have been discovered online, giving potential attackers a doorway to the connected internal networks. The VNC system offers control of a remote computer via remote frame buffer protocol, which helps users connect to systems that require monitoring or adjustments. Researchers were alarmed that the exposed VNC endpoints were not password-protected because so many of them connect to community and business services, such as industrial control systems and water treatment facilities. To learn more, see Bleeping Computer.
Water lotta confusion
In a bizarre case of mistaken identity, the Clop ransomware gang claimed to have attacked and breached UK water company Thames Water, yet the company insists that claim is a hoax. Meanwhile, another UK water company called South Staffordshire Water has reported a cyberattack which has caused disruption to its corporate IT network. Could it be that Clop attacked the wrong target and does not know? Furthering the confusion, Clop said it accessed the company’s SCADA (supervisory control and data acquisition) that controls chemical supplements in the water, yet South Staffordshire Water stated that the attack did not affect the company’s ability to provide safe water to the community. For more on this strange story, see ZDNet.
This week’s must-read on the Avast blog
Today’s scammers rely on an internet connection and social engineering to make their living. To help ensure that you don’t become the victim of an online scammer, here are six common types of internet scams and how to avoid them.