AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – February 12, 2019

Facebook 'youth team' to focus on Messenger Kids app for under-13s

Facebook is restructuring its “youth team” with a greater focus on Messenger Kids, its instant-messaging app for under-13s, reports say. The team, a small group within the company responsible for getting children to use the social network, had previously been working on an experimental new feature called LOL, described by industry news site TechCrunch as a “cringey teen meme hub”. With categories such as animals, fails and memes, the app – which was being tested among a small number of US high schoolers – was an attempt to create a feed of short video content on Facebook, similar to the popular meme accounts that flourish on Instagram. After the restructure, the LOL app will be shut down, and its staff moved over to work on Messenger Kids.


Data Show No Evidence That Teens’ Social Media Use Predicts Depression Over Time

Longitudinal data from adolescents and young adults show no evidence that social media use predicts later depressive symptoms, according to research published in Clinical Psychological Science, a journal of the Association for Psychological Science. However, the findings do show that relatively higher depressive symptoms predicted later social media use among adolescent girls. This research stands in contrast with recent claims that adolescents’ use of social media may lead to depression, claims based primarily on studies that examined associations between average social media use and average well-being measured at a single point in time.


620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts

Some 617 million online account details stolen from 16 hacked websites are on sale from today on the dark web, according to the data trove's seller. For less than $20,000 in Bitcoin, it is claimed, the following pilfered account databases can be purchased from the Dream Market cyber-souk, located in the Tor network: Dubsmash (162 million), MyFitnessPal (151 million), MyHeritage (92 million), ShareThis (41 million), HauteLook (28 million), Animoto (25 million), EyeEm (22 million), 8fit (20 million), Whitepages (18 million), Fotolog (16 million), 500px (15 million), Armor Games (11 million), BookMate (8 million), CoffeeMeetsBagel (6 million), Artsy (1 million), and DataCamp (700,000).


Child abuse imagery found in cryptocurrency blockchain

For the second time in a year, illegal child abuse images have been spotted inside a blockchain. According to a post by web blockchain payments system Money Button, on 30 January its service was abused to place “illegal content” inside the Bitcoin Satoshi Vision (BSV) ledger, a recent cryptocurrency hard fork from Bitcoin Cash [BCH]. Money Button offers no mechanism to view files or links on BSV but whoever posted the content was able to achieve this via BitcoinFiles.org, a service set up to make files and links posted to blockchains viewable. After being told of the content by local authorities, BitcoinFiles.org removed it from its websites and gave Money Button the bad news that its service had been used as a conduit. Said Money Button:  We have confirmed that was the case and we have banned the user responsible for creating those transactions.


Users report data breach in OkCupid dating service

Dating apps may not store the most personal data, as is the case with banks or hospitals, but they guard details too intimate, which puts them in the sights of malicious hackers. Either by using backdoors or using brute force or leaked passwords, services like Ashley Madison or AdultFriendFinder are some of the most popular victims of this kind of incidents. According to network security specialists, OkCupid service has become the most recent victim. In recent days, one of the service users claimed that his account was hacked. The user, who has decided to remain anonymous, reported that the hacker entered his account and changed his password, so the user was expelled from his own account. As if it were not enough, the user mentions that the attackers changed his email address, so it was impossible to reset his password.

Related Posts