2024, Articles, Digital Security, News, Phishing

Google OAuth2 security flaw: How to Protect Yourself from Hackers

Posted on January 8, 2024January 10, 2024 by FMTAD

08
Jan

Hackers exploit OAuth2 flaw to bypass 2FA on Google accounts

Hackers exploit the Google OAuth2 security flaw to bypass 2FA and access your online services with persistent cookies. They exploit an undocumented OAuth2 endpoint to generate these cookies. PassCypher protects you by verifying the URL of connection to Google, alerting you of password corruption, and blocking redirection iframes attacks.

Shadowy hacker with a laptop in front of a digital map of Russia highlighted in red, symbolizing the origin of Kapeka Malware.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

A modern cybersecurity control center with a diverse team monitoring national cyber threats during the Andorra National Cyberattack Simulation.

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

Illustration of an Apple MacBook with a highlighted M-series chip vulnerability, surrounded by symbols of data security breach and a global impact background.

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

Digital world map with cybersecurity icons representing the Cybersecurity Breach at IMF.

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

Digital world map showing cyberattack paths with Midnight Blizzard, Microsoft, HPE logos, email symbols, and password spray illustrations.

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

PrintListener technology concept with NFC security solutions.

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

A visual representation of BitLocker Security featuring a central lock icon surrounded by elements representing Microsoft, TPM, and Windows security settings.

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

Digital shield by Freemindtronic repelling cyberattack against Microsoft Exchange

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

Google OAuth2 security flaw articles for in-depth analyses of threats and solutions. Stay updated by clicking on our scrolling topics.

Google OAuth2 security flaw written by Jacques Gascuel, inventor of sensitive data safety and security systems, for Freemindtronic. This article may be updated on this subject.

Google OAuth2 security flaw: Strategies Against Persistent Cookie Threats in Online Services

Google OAuth2 security flaw poses a serious threat that affects millions of users worldwide. However, hackers can exploit an undocumented OAuth2 endpoint to generate persistent cookies that allow them to access your online services, such as Gmail, Google Drive, YouTube, etc., without needing your password or 2FA code. Hackers can compromise your privacy, data, and identity using this flaw. How can you protect yourself from this attack? In this article, we will explain how this flaw works, how it has impacted many countries and organizations, and how you can use PassCypher, an innovative solution that verifies the URL of connection to Google, alerts you of password corruption, and blocks redirection iframes attacks.

Google OAuth2 Protocol: Ensuring Account Security and Comparing Different Methods

OAuth2 is an authorization protocol that facilitates user access to services like YouTube, Gmail, and Google Drive, allowing login with a Google account while avoiding password sharing. Specifically designed for ease and adaptability, this protocol comprehensively supports various applications, ranging from web and desktop platforms to mobile and living room devices. Consequently, when users engage with OAuth2, they authorize Google to share selective information, such as names and email addresses, with the connected service. Following this, Google issues an authentication token, effectively confirming the user’s identity to these services.

However, this protocol also has a security flaw, which was revealed by a hacker in October 2023. This flaw, known as the Google OAuth2 security flaw, allows hackers to create persistent cookies for Google accounts, which give them continuous access to Google services, even after the user resets their password. They exploit an undocumented Google Oauth endpoint named “MultiLogin”.

To protect themselves from this flaw, users can choose between different security methods, which require them to provide two pieces of evidence to log in to their account: their password and another factor. However, these methods have differences, advantages and disadvantages.

Google OAuth2 Multilogin Endpoint two-step verification (2SV)

This method uses the “MultiLogin” endpoint, which allows the user to log in to multiple Google services with a single authentication token. When the user logs in to their Google account, they receive a notification on their phone or computer, which they have to approve to validate their identity. This method is simple and fast, but it has a security risk. Indeed, it is vulnerable to the Google OAuth2 security flaw, which can compromise the user’s account.

One-time password two-factor authentication (2FA)

This method uses a one-time password based on time (TOTP) or on a counter (HOTP). This password is generated by an app or a physical device, which uses an algorithm and a secret shared with the Google account. When the user logs in to their Google account, they have to enter the one-time password displayed by the app or the device, in addition to their usual password. This method is more secure, because it does not depend on the Google Oauth endpoint. It resists phishing, replay or interception attacks. However, it requires access to the app or device, such as PassCypher NFC HSM1, that generates the one-time password. This can be inconvenient or impossible if you lose, damage or forget the app or device. Unless, of course, the app or device, like PassCypher, has an externalized OTP secret key backup system.

In conclusion, 2SV Google OAuth2 Multilogin Endpoint and 2FA one-time password are two security methods that offer different levels of protection. 2SV is simpler and faster, but it is vulnerable to the Google OAuth2 security flaw. 2FA is more secure, but it is more complex and dependent on an external factor. It is up to each user to choose the method that suits them best, depending on their needs and preferences.

Unveiling the Perils of PRISMA: A Deep Dive into Google OAuth2 Security Flaws

Google OAuth2 Security Flaw: A Critical Threat Exploiting Persistent Cookies

In October 2023, a critical Google OAuth2 security flaw was discovered in the Google OAuth2 protocol. This flaw, dubbed PRISMA, was a serious threat to the security of Google accounts. It allowed hackers to steal a wealth of sensitive data, including personal, financial, and professional information, as well as passwords and cookies.

Malware groups used the exploit widely. who integrated it into their infostealing tools. These tools were used to target millions of users worldwide, including government institutions, media organizations, NGOs, and businesses.

How the PRISMA Exploit Works: Exploiting an Undocumented Endpoint

Hackers took advantage of the PRISMA exploit, using an undocumented Google OAuth2 endpoint. This endpoint is typically used for legitimate purposes, such as providing limited access to Google accounts. However, the PRISMA exploit cleverly repurposed this endpoint to generate persistent cookies that remained valid even after a user changed their password or IP address.

To further understand how the PRISMA exploit worked, a security researcher from CloudSEK, Pavan Karthick M, analyzed it in depth in a report dated December 29, 2023. His findings revealed that the exploit worked by first obtaining the user’s Google account ID and refresh token. These credentials could be obtained through phishing attacks, malware infections, or other means.

Once the user’s credentials were obtained, the exploit used the undocumented endpoint to generate persistent cookies. Hackers then used these cookies to access the user’s Google account without needing 2FA.

The Impact of the PRISMA Exploit: Stealing Sensitive Data from Millions

The PRISMA exploit impacted a wide range of users. It was used to steal sensitive data from millions of users worldwide.

Government institutions, media organizations, NGOs, and businesses were all targeted by the exploit. Hackers stole sensitive data, such as personal information, financial records, and intellectual property, from these organizations.

The PRISMA exploit highlighted the ever-evolving nature of cyber threats. It showed that even the most secure protocols can be vulnerable to exploitation by determined hackers.

Securing Your Google Account from the PRISMA Exploit

The PRISMA exploit is a critical threat to Google account security. This exploit allows hackers to generate persistent Google cookies through token manipulation, enabling them to access Google services even after a user’s password is reset.

How to Protect Yourself from the PRISMA Exploit

Here are some key steps you can take to protect your Google account from the PRISMA exploit:

Enable two-factor authentication (2FA): 2FA is the most effective way to protect your Google account. It requires you to enter a code from your phone or other device, such as a hardware password manager, in addition to your password when you sign in.
Use a strong and unique password: Never reuse the same password for multiple accounts. If one account is compromised, all of your accounts are at risk. Choose a password that is long, complex, and difficult to guess. You can use a password generator or password manager to help you generate strong passwords.
Be cautious about clicking on links: Hackers often send phishing emails that contain links that will take you to malicious websites disguised as legitimate Google pages. Never click on links in emails or on websites unless you are sure they are from a trusted source.
Use a hardware password manager: PassCypher is an advanced hardware password manager that can help you protect your Google account from the PRISMA exploit. It is a versatile tool that can be used to manage your passwords on any storage device, including hard drives, SSDs, SD cards, USB drives, cloud storage, NAS devices, NFC devices, and mobile devices.

How the flaw works

Firstly, the flaw exploits an undocumented endpoint called the “multilogin” endpoint. Specifically, Google uses this endpoint to enable users to sign in to multiple Google accounts simultaneously. To exploit this flaw, attackers actively use the multilogin endpoint. They do this by generating persistent cookies for a victim’s Google account. Remarkably, the process involves using the victim’s email address and session ID.

Subsequently, the malware stores these cookies on the victim’s computer. Consequently, this action allows the attacker to access the victim’s Google account. Importantly, this access occurs without the need for the victim’s password. Moreover, this approach highlights a significant vulnerability in the account security process.

In essence, the attackers’ method of using the multiple sign-in endpoint is alarmingly effective. Notably, the generation and storage of cookies using the victim’s email and session ID underscore the flaw’s criticality. Ultimately, these actions enable attackers to bypass traditional security measures, accessing accounts undetected.

Below is the diagram which illustrates the technical method used to exploit the flaw.

The PRISMA exploit is a reminder that cyber threats are constantly evolving. By staying informed about the latest threats and taking proactive steps to protect your accounts, you can help to keep your data safe.

Analysis of the OAuth2 Flaw Affecting Google Account Security: A Statistical Outlook

The Growing Menace: Malware Exploiting Google Account Security Vulnerability

Significantly, Bitdefender’s study reveals a concerning trend. Between January and April 2023, they detected over 500,000 attempts to exploit the OAuth2 flaw, with a staggering 86% targeting Google Cloud accounts. Hackers have been using these accounts for resource-intensive activities, notably cryptocurrency mining, resulting in considerable costs for victims. This underscores the criticality of the Google account vulnerability, affecting millions worldwide.

The Extent of the Google Account Security Flaw Caused by OAuth2

The OAuth2 flaw exploited by malware has a wide impact. It affects not only individual users, but also major web platforms that use OAuth2 and OpenID for user authentication. Technology giants like Facebook, Google, LinkedIn, and Microsoft are notably impacted. Moreover, various infostealing tools have exploited this vulnerability to siphon off users’ personal, financial, and professional information. These tools include Lumma, Rhadamanthys, Stealc, Meduza, RisePro, and WhiteSnake, as well as Zloader, TrickBot, and Emotet.

Studying the Risks Posed by the Security Flaw

Furthermore, CloudSEK’s study emphasizes the widespread nature of this risk. Alarmingly, over 91% of European Cloud services, which frequently use OAuth2 for Google account connections, are at risk. Notably, a widely-used design application was found to be vulnerable to such attacks.

Disturbingly, Google’s data reveals that by 2024, only around 15% of Google account users had activated two-step verification. Consequently, this leaves a substantial 85% more exposed to the OAuth2 flaw and other security threats. Kaspersky’s survey indicates that 60% of users reuse passwords across multiple online accounts, exacerbating the risks of identity theft and account compromise. Moreover, RiskIQ’s analysis detected over 25,000 malicious applications on the Google Play Store in 2023, many of which contain infostealing tools exploiting the OAuth2 flaw.

Mitigating the Impact: Proactive Strategies Against OAuth2 Security Flaws in Google Accounts

In response to these risks, enabling two-step verification on Google accounts is crucial. Additionally, using reliable password managers is essential for enhanced security. It’s important to regularly monitor account activities, identifying and addressing suspicious behavior swiftly.

Exercising caution with untrusted links or attachments is vital. By taking this step, users can help avoid phishing attempts and other deceptive practices. Moreover, innovative solutions like PassCypher significantly enhance security. PassCypher verifies Google connection URLs and alerts users to password corruption. It effectively blocks iframe redirection attacks, adding an extra defense layer against sophisticated cyber threats.

By adopting these measures, users can significantly reduce vulnerability to the OAuth2 flaw. Staying vigilant and informed about security risks and solutions is key. This approach is essential for maintaining digital identities and assets’ integrity and safety in a connected world.

Recent Victims of Google’s OAuth2 Security Breach: A Global Overview

Malware has affected several countries and organizations, which have seen their Google accounts compromised and their data stolen. Among the victims, we can mention:

Greece, Moldova and Tunisia, which were targeted by a first hacking campaign in October 2023. Hackers used the exploit to access government institutions, media, NGOs, and businesses in these countries. Hackers stole sensitive information, such as official documents, diplomatic correspondence, financial data, etc.
Vietnam, which was targeted by a second hacking campaign in November 2023. The hackers used the exploit to access the Google accounts of ministries, press agencies, universities and businesses in this country, and stole strategic data, such as development plans, research reports, trade contracts, etc.
Pakistan, which was victim of a third hacking campaign in December 2023. The hackers used the exploit to access the Google accounts of authorities, media, NGOs and businesses in this country, and stole confidential data, such as military documents, secure communications, personal data, etc.
Several European countries, including France, Germany, Italy, Spain and the United Kingdom, which were targeted by a fourth hacking campaign in January 2024. The hackers used the exploit to access the Google accounts of European institutions, political parties, media, NGOs and businesses in these countries, and stole critical data, such as bills, investigation reports, electoral data, etc.

Voices of the targeted: Testimonies from Google’s OAuth2 Flaw Victims

The vulnerability severely damaged the victims, exposing their data, blocking their accounts, disrupting their services, and even ruining their finances. Here are some real testimonies of victims, collected by the website 20 Minutes and the website Aleteia:

Julien, 35, computer engineer, received an email that seemed to come from Google. It asked him to confirm his identity to access a service. He clicked on the link and entered his password. A few minutes later, he received another email from Google. It told him that his account had been hacked and that he had to change his password. But it was too late, he no longer had access to his account. The hackers used his account to send spam to his contacts, to access his photos, his documents, his bank accounts, etc. They even tried to blackmail him by threatening to publish his personal data on the Internet. He filed a complaint, but he did not get a response. He feels helpless and violated.
Léa, 28, school teacher, uses her Google account to log in to several online services, such as YouTube, Gmail, Google Drive, etc. Malware blocked her account, preventing her access to any of these services. She contacted Google support, who told her that her account had been compromised by malware and that she had to recover it by following a procedure. But Hackers changed her account’s security settings, causing the recovery procedure to fail. She lost all her files, her emails, her videos, etc. She had to create a new account and start over. It’s very frustrating and stressful for her.
Omar, 42, human rights activist, works for an NGO that defends human rights in the world. He uses his Google account to communicate with his colleagues, his partners, his sources, etc. One morning, he discovered that Hackers hacked his account and stole his data. Hackers sent defamatory messages, accessed confidential information, and compromised the security of his contacts using his account. They even tried to make him look like a spy. He was threatened, harassed, intimidated. He had to change his phone number, email address, pseudonym, etc. He fears for his life and for that of his loved ones.

How to protect yourself from the Google OAuth2 security flaw?

Google OAuth2 security flaw exposes users to this threat. It allows hackers to bypass 2FA and access online services with persistent cookies. They exploit an undocumented OAuth2 endpoint to generate these cookies. To protect yourself, use PassCypher. PassCypher is a hardware password manager that uses NFC technology to securely store and manage passwords. It can also detect and block phishing attacks and iframe redirection attacks. It is an innovative solution that verifies the URL of connection to Google, alerts you of password corruption, and blocks redirection iframes attacks.

Securing Your Google Account: Proactive Measures Against OAuth2 Exploits

Google tried to strengthen its fraud detection measures to counter the exploit, but the hackers adapted their method to bypass them. Therefore, there is no simple solution to protect yourself from the vulnerability. But you can adopt some good practices to secure your Google account:

Use a strong and unique password

Do not reuse the same password for multiple accounts. If one of them is compromised, the others will be too. Choose a long, complex and hard to guess password. You can use a password generator or a password manager to help you.

Enable two-step verification

It is an additional layer of security that asks for a code or a confirmation on your phone when you log in to your Google account. Thus, even if someone knows your password, they will not be able to access your account without your device. You can enable two-step verification in the settings of your Google account.

Check recent activities and connected devices

Google allows you to check the history of connections to your account, as well as the devices that have accessed it. If you notice any suspicious activity or unknown device, you can report it and remove it from your account. You can check recent activities and connected devices in the settings of your Google account.

Be careful of fraudulent emails and websites

Hackers may try to trick you by sending you emails or links that seem to come from Google, but are actually phishing attempts. Phishing is a technique that makes you believe that you need to provide your credentials or personal information to access a service or an offer. Do not click on dubious links or attachments, and always check the website address before entering your data. You can report fraudulent emails and websites to Google.

Log in regularly to your Google account

Starting from December 2023, Google will delete inactive accounts for more than two years. This measure aims to increase security and reduce the risks of compromise of abandoned accounts. To avoid losing your data, remember to log in to your Google account at least once every two years.

By following these tips, you can increase the security of your Google account and protect it from hackers. Do not forget to change your password regularly and keep your phone updated. For more information, visit Google’s security website.

PassCypher: A Leading-Edge Solution for Protecting Against Google OAuth2 Vulnerabilities

A leading-edge solution

The Google OAuth2 vulnerability is a critical security threat to Google accounts. Attackers can use this vulnerability to generate persistent cookies and access your Google account, even after you change your password or IP address.

PassCypher is a hardware password manager that can help protect your Google account from the Google OAuth2 vulnerability. PassCypher seamlessly integrates EviPass, EviOTP, EviCore NFC HSM, EviCore NFC HSM Browser Extension, and EviCore HSM OpenPGP technologies, as well as the NFC HSM devices from Freemindtronic. These technologies form the foundation of PassCypher’s comprehensive security features.

PassCypher uses post-quantum AES-256 robust encryption with segmented keys, which makes it impossible for attackers to decrypt your passwords, even with a quantum computer.

Advanced security features

In addition to its post-quantum encryption, PassCypher also offers a number of other advanced security features that can help protect your Google account.

Protection against iframe redirection: PassCypher blocks iframe redirection, preventing attackers from redirecting you to malicious websites without your knowledge.
Sandbox protection: PassCypher uses a sandbox protection mechanism to isolate each encrypted secret, preventing attackers from accessing or modifying your passwords or the original login URL.
Protection against SQL injection attacks: PassCypher does not store your passwords on a server or database. Instead, each password is encrypted individually and stored freely on one or more local or online or offline storage devices at the user’s choice, in lan and/or wan. This physically prevents attackers from accessing your encrypted passwords via SQL injection attacks.
Password corruption detection: PassCypher alerts you if it detects that a password has been corrupted, ensuring that your sensitive information remains secure.
State-of-the-art password generation: PassCypher uses a variety of algorithms to generate truly random and strong passwords greater than 256 bits, making them impossible to guess even to post-quantum attacks.

A versatile solution

PassCypher is a versatile tool that can be used to manage your passwords on any storage device, including:

Hard drives
SSDs
SD cards
USB drives
Cloud storage
NAS devices
NFC devices
Mobile devices

How to use PassCypher

To use PassCypher, you can install the free PassCypher HSM PGP extension for your Chromium or Firefox web browser. Once the extension is installed, you can easily access the following features:

Protection against iframe redirection
Password corruption detection
State-of-the-art password generation
Segmented key AES-256 OpenPGP encrypted password manager

To log in to your Google account using PassCypher, simply click on the PassCypher icon that appears in the Google login field. Once you click on the icon, PassCypher will automatically fill in your login credentials and submit them for you.

PassCypher HSM PGP is a free extension that provides basic password management features. PassCypher Engine, a paid add-on, adds additional features, such as automatic login in one second, password change in five seconds, fully automated secret usage management on multiple devices, and instant, fully automated encryption and decryption.

An effective solution

By using PassCypher, you can significantly improve the protection of your Google account against the Google OAuth2 vulnerability. PassCypher’s robust security features and ease of use make it a valuable tool for protecting your digital assets.

Conclusion: Safeguarding Against Google’s OAuth2 Security Flaws

We have seen how a clever hack allows cybercriminals to access Google accounts without passwords. We have also seen how this hack has affected many countries and organizations, and how he victims have testified about their distress. Finally, we have seen how to protect ourselves from this threat by adopting good security practices, and by using PassCypher, an innovative solution that verifies the URL of connection to Google, alerts in case of password corruption, and protects from redirection iframes attacks. The exploit reveals the complexity and stealthiness of modern cyber threats. The need for continuous monitoring of technical vulnerabilities and human intelligence sources to stay ahead of emerging threats.

2023, Articles, DataShielder, Digital Security, EviCore NFC HSM Technology, EviCypher NFC HSM, EviCypher Technology, NFC HSM technology

FormBook Malware: How to Protect Your Gmail and Other Data

Posted on November 23, 2023November 24, 2023 by FMTAD

23
Nov

Protect your Gmail Account FormBook malware – Jacques Gascuel: This article will be updated with any new information on the topic.

Secure Your Gmail from FormBook Attacks

FormBook is a malware that can steal your Gmail credentials, messages, and attachments. Learn how to use the Freemindtronic devices to encrypt your Gmail data and use passwordless and 2FA.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

How to Protect Your Gmail Account from FormBook Malware

Introduction

Imagine that you receive an email from your bank, asking you to confirm your identity by clicking on a link. You open the link, and you find yourself on a page that looks like your bank’s website, but it is actually a fake. You enter your credentials, and you think you are done. But in reality, you have just given access to your bank account to hackers, who will use it to steal your money, or worse. This is what FormBook can do, a malware that can steal your sensitive data, and that Google cannot stop. In this article, we will explain what FormBook is, how it works, and how to protect yourself from this malware.

What is FormBook and why is it a threat?

FormBook is a malware that can record your keystrokes, take screenshots, and steal your passwords, cookies, and clipboard data. It can also download and execute other malicious files on your device.

FormBook is distributed through phishing emails that contain malicious attachments. These attachments are usually disguised as invoices, receipts, or shipping confirmations. When you open them, they ask you to enable macros or content. If you do, the malware will be installed on your device.

FormBook can target any web browser, but it has a special feature for Chrome. It can inject a fake Gmail login page into your browser, and trick you into entering your credentials. The malware will then send your Gmail username and password to a remote server controlled by the hackers.

FormBook is a threat because it can compromise your Gmail account and access your personal and professional information. It can also use your Gmail account to send spam or phishing emails to your contacts, or to access other online services that are linked to your Gmail account, such as Google Drive, Google Photos, or Google Pay.

How to protect yourself from FormBook?

Google has not yet found a way to detect and block FormBook. Therefore, you need to be extra careful when you use Gmail and other online services. Here are some tips to protect yourself from FormBook and other malware:

Do not open or download attachments from unknown or suspicious senders. If you are not sure about the legitimacy of an email, contact the sender directly or check the official website of the company or organization.
Do not enable macros or content in any document unless you trust the source. Macros are small programs that can run malicious code on your device.
Use a strong and unique password for your Gmail account and other online accounts. Do not reuse the same password for different services. Change your password regularly and use a password manager to store and generate your passwords.
Enable two-factor authentication (2FA) for your Gmail account and other online accounts. 2FA adds an extra layer of security by requiring a code or a device confirmation in addition to your password.
Use a reputable antivirus software and keep it updated. Antivirus software can scan your device for malware and remove it. You can also use a browser extension that can block malicious websites and pop-ups.

How to encrypt your Gmail messages and attachments with DataShielder NFC HSM

DataShielder NFC HSM is a device that allows you to encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021.

With DataShielder NFC HSM, you can encrypt and decrypt your data with AES-256 keys that are randomly generated and stored in the NFC HSM. You can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM. You can also use different keys for the message and the attachment.

To encrypt your Gmail message and attachment, you need to use the EviCrypt and EviFile applications that are embedded in the DataShielder NFC HSM. These applications allow you to encrypt and decrypt your data with a simple tap of your NFC phone on the DataShielder NFC HSM. You can also share your encrypted data with other users who have the same device and the same key.

By using DataShielder NFC HSM, you can protect your Gmail messages and attachments from FormBook or any other malware that can access your Gmail account. Even if your Gmail account is hacked, your encrypted data will remain encrypted and unreadable by the hackers. Only you and the authorized recipients can decrypt your data with the DataShielder NFC HSM.

How to protect your web Gmail account with passwordless and 2FA using PassCypher NFC HSM

Do you want to manage your web accounts with complicated and complex passwords that you do not need to know, remember, or type? If yes, then you should try PassCypher NFC HSM. This device uses the EviPass NFC HSM technology, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021.

With PassCypher NFC HSM, you can create and store your usernames and passwords of more than 256-bit in the NFC HSM. Moreover, you can store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

To use PassCypher NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass and EviOTP applications that are embedded in the PassCypher NFC HSM. These applications allow you to create, edit, and delete your web accounts and OTP secret keys with a simple tap of your NFC phone on the PassCypher NFC HSM.

By using PassCypher NFC HSM, you can secure your web accounts with passwordless and 2FA. You do not need to display, know, or type your username and password. You just need to tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your web account. You also do not need to check for a typosquatting attack, since the extension will verify the URL of the website before logging in. And you do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

How to protect your Gmail account from FormBook with PassCypher NFC HSM

FormBook is a dangerous malware that can access your Gmail account and other sensitive data. Google has not yet found a solution to stop it. Therefore, you need to be vigilant and follow the best practices to protect yourself from cyberattacks. One of them is to use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA.

By using PassCypher NFC HSM, you can protect your Gmail account from FormBook or any other malware that can access your web browser. Even if your web browser is hacked, your usernames and passwords will remain encrypted and inaccessible by the hackers. Only you can decrypt your Gmail account with the PassCypher NFC HSM. And even if the hackers manage to steal your session cookies, they will not be able to log in to your Gmail account without the 2FA code that is generated by the PassCypher NFC HSM.

To use PassCypher NFC HSM with your Gmail account, you need to follow these steps:

Create a Gmail account in the EviPass application on the PassCypher NFC HSM. You can use the default username and password, or you can generate a random and complex password with the EviPass application.
Enable 2FA for your Gmail account on the Google website.
Choose the option to use an authenticator app, and scan the QR code with the EviOTP application on the PassCypher NFC HSM. This will store your OTP secret key in the NFC HSM.
Log in to your Gmail account with the Freemindtronic extension on your web browser. Tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your Gmail account. You will also see a pop-up window with the 2FA code that you need to enter on the Google website.

By following these steps, you can use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA. You can also use PassCypher NFC HSM with other web accounts that support 2FA, such as Facebook, Twitter, or Amazon. This way, you can protect yourself from FormBook and other malware that can access your web browser.

Recent statistics on FormBook

FormBook is a malware that was first discovered in 2016, but it remains very active and dangerous. According to the Check Point report on cybersecurity in 2022, FormBook was the third most widespread malware in 2021, attacking 5% of enterprise networks. It was also the most prolific infostealer malware, accounting for 16% of attacks worldwide.

FormBook spreads mainly through phishing emails that contain malicious attachments. These attachments are often RAR self-extracting archives, which are compressed files that can run malicious code when opened. The RAR files contain a legitimate document, such as a PDF or a Word file, and a hidden executable file, which is the FormBook malware. When the user opens the RAR file, the document is displayed, but the malware is also installed in the background.

FormBook can also spread through other methods, such as drive-by downloads, malicious links, or removable media. The malware can infect any Windows device, from Windows XP to Windows 10. The malware can also evade detection and removal by using various techniques, such as encryption, obfuscation, or anti-analysis.

Here are some recent statistics on FormBook, based on the data from Check Point and ANY.RUN:

FormBook was the most popular malware in August 2021, affecting 4.5% of organizations worldwide, followed by Trickbot and Agent Tesla, affecting respectively 4% and 3% of organizations worldwide.
FormBook was the fourth most common malware in 2020, according to the ranking of malware families by ANY.RUN. It accounted for 8% of the samples analyzed by the online sandboxing service.
FormBook was used in many phishing campaigns targeting various industries, such as defense, aerospace, health, education, finance, retail, etc. It was also used to attack Ukrainian targets during the war between Russia and Ukraine in 2022.
FormBook has a successor called XLoader, which appeared in 2020 and which is able to infect macOS users. XLoader is sold on the dark web for $59 for a Windows license and $49 for a macOS license.

Danger level of FormBook compared to other malware

FormBook is a very dangerous malware, because it can steal sensitive information, such as credentials, passwords, credit card numbers, 2FA codes, etc. It can also download and execute other malware, such as ransomware, banking trojans, spyware, etc. It can also remotely control the infected device and perform various malicious actions, such as deleting browser cookies, taking screenshots, restarting or shutting down the system, etc.

FormBook is also hard to detect and remove, because it uses advanced evasion techniques, such as code injection, string obfuscation, data encryption, anti-analysis, etc. It also changes frequently its name, path, and file extension, and uses random Windows registry keys to maintain its persistence.

To compare the danger level of FormBook with other known malware in its category, we can use the following criteria:

The number of organizations affected worldwide
The type and amount of information stolen
The ability to download and execute other malware
The ability to remotely control the infected device
The evasion techniques used
The ease of detection and removal

Here is a table that compares FormBook with other popular infostealer malware, such as Trickbot, Agent Tesla, LokiBot, and Raccoon:

Malware	Number of organizations affected	Type and amount of information stolen	Ability to download and execute other malware	Ability to remotely control the infected device	Evasion techniques used	Ease of detection and removal
FormBook	4.5% in August 2021	Credentials, passwords, credit card numbers, 2FA codes, screenshots, keystrokes, etc.	Yes	Yes	Code injection, string obfuscation, data encryption, anti-analysis, etc.	Hard
Trickbot	4% in August 2021	Credentials, passwords, banking information, personal data, etc.	Yes	Yes	Code injection, string obfuscation, data encryption, anti-analysis, etc.	Hard
Agent Tesla	3% in August 2021	Credentials, passwords, banking information, personal data, screenshots, keystrokes, etc.	No	Yes	String obfuscation, data encryption, anti-analysis, etc.	Medium
LokiBot	1.5% in August 2021	Credentials, passwords, banking information, personal data, etc.	No	Yes	String obfuscation, data encryption, anti-analysis, etc.	Medium
Raccoon	0.8% in August 2021	Credentials, passwords, banking information, personal data, etc.	No	Yes	String obfuscation, data encryption, anti-analysis, etc.	Medium

From this table, we can see that FormBook is the most dangerous infostealer malware, because it affects the most organizations, steals the most types of information, and can download and execute other malware. It is also the hardest to detect and remove, because it uses more evasion techniques than the other malware.

Forms of attacks of FormBook

FormBook can be delivered through different forms of attacks, depending on the delivery mechanism chosen by the malicious actor. Here are some forms of attacks of FormBook:

Phishing: FormBook can be sent by email as a malicious attachment, such as a Word, Excel, PDF, or ZIP or RAR file. The email can have a misleading subject, such as an invoice, a receipt, a contract, a job offer, etc. When the user opens the attachment, the malware runs and infects the device.
Exploitation of vulnerabilities: FormBook can exploit vulnerabilities in popular software, such as Microsoft Office, Windows, Adobe Reader, etc. For example, FormBook used the vulnerability CVE-2017-8570 in Microsoft Office to run malicious code from a RTF file. FormBook also used the vulnerability CVE-2021-40444 in Microsoft MSHTML to run malicious code from a CAB file.
Drive-by downloads: FormBook can be downloaded without the user’s knowledge when they visit a compromised or malicious website. The website can use a script or an exploit kit to trigger the download and execution of the malware on the user’s device.
Removable media: FormBook can be copied to removable media, such as USB drives, external hard drives, memory cards, etc. When the user connects the removable media to their device, the malware runs automatically and infects the device.
Social media: FormBook can be spread by messages or posts on social media, such as Facebook, Twitter, Instagram, etc. These messages or posts can contain links or images that redirect to malicious websites or infected files. When the user clicks on the link or image, the malware is downloaded and executed on their device.

Here is a type of formbook malware attacks image:

How PassCypher NFC HSM and DataShielder NFC HSM can protect you from FormBook attacks

PassCypher NFC HSM and DataShielder NFC HSM are two devices that use the EviPass NFC HSM technology from Freemindtronic, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021. These devices can help you protect your web accounts and your Gmail messages and attachments from FormBook attacks, by using passwordless, 2FA, and encryption.

PassCypher NFC HSM can create and store your usernames and passwords of more than 256-bit in the NFC HSM. It can also store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

DataShielder NFC HSM can encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021. It can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM.

To use PassCypher NFC HSM and DataShielder NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass, EviOTP, EviCrypt, and EviFile applications that are embedded in the PassCypher NFC HSM and DataShielder NFC HSM. These applications allow you to create, edit, delete, encrypt, and decrypt your web accounts, OTP secret keys, messages, and attachments with a simple tap of your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM.

By using PassCypher NFC HSM and DataShielder NFC HSM, you can secure your web accounts and your Gmail messages and attachments with passwordless, 2FA, and encryption. You do not need to display, know, or type your username, password, or encryption key. You just need to tap your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM and the extension will autofill, auto login, encrypt, or decrypt your web account, message, or attachment. You also do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

Here is a table that shows how PassCypher NFC HSM and DataShielder NFC HSM can protect you from different FormBook attack vectors, such as keylogger, password stealer, file transfer, screenshot, etc. I used a check mark or a cross mark to show visually what PassCypher NFC HSM and DataShielder NFC HSM protect.

FormBook	PassCypher	DataShielder
Keylogger	✔️	✔️
Password stealer	✔️	✔️
File transfer	❌	✔️
Screenshot	✔️	✔️
Remote control	❌	❌
Phishing	✔️	✔️
Exploit kit	❌	❌
Drive-by download	❌	❌
Removable media	❌	✔️
Social media	❌	❌

This table shows that PassCypher NFC HSM and DataShielder NFC HSM can protect your web accounts from FormBook’s keylogger, password stealer, and phishing, by using passwordless and 2FA. They can also protect your Gmail messages and attachments from FormBook’s file transfer and screenshot, by using encryption and decryption. DataShielder NFC HSM can also protect your data stored in computers or removable media, by using encryption and decryption. However, neither device can protect your device from FormBook’s remote control, exploit kit, drive-by download, or unsecured social media, which can compromise your system and your data. Therefore, you should also use an antivirus software and a firewall to prevent FormBook from accessing your device.

Articles, Digital Security

What is Juice Jacking and How to Avoid It?

Posted on May 6, 2023July 26, 2023 by FMTAD

06
May

Juice Jacking by Jacques gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.

How to protect yourself from Juice Jacking”

Do you often use public USB chargers to recharge your smartphone or tablet? If so, you may be exposing your device to a cyberattack called Juice Jacking. In this article, we will explain what Juice Jacking is and how to protect yourself from it.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

Juice Jacking: How to Avoid This Cyberattack

Do you often use public USB chargers to recharge your smartphone or tablet? If so, you may be exposing your device to a cyberattack called Juice Jacking. This is a type of attack that can steal your data or infect your device when you use a public USB charger. In this article, we will explain what Juice Jacking is and how to protect yourself from it.

What is Juice Jacking?

Juice Jacking is an attack that hackers can perform. They put malware on the public charger’s USB port. When you plug your device into the charger, the malware can access your data or infect your device.

Juice Jacking can take two forms:

Data theft: the malware can copy your contacts, photos, messages, passwords or any other sensitive information stored on your device.
Malware installation: the malware can install a program that will do malicious things to your device.

The Lack of Awareness and Protection of Juice Jacking Among Users Worldwide

One of the reasons why juice jacking is a serious threat is that many people are unaware of it or do not take precautions when using public USB ports. According to a 2019 study by the University of Illinois at Urbana-Champaign, 64% of Americans use public USB ports to charge their devices, and 15% of them do not know what juice jacking is. The study also found that only 8% of the participants used a USB data blocker or a power-only cable to protect their devices from potential attacks. A similar situation exists in other countries, such as the United Kingdom and Australia. A 2020 study by Comparitech surveyed more than 2,000 people in the UK and found that 45% of them used public USB ports to charge their devices, and 50% of them had never heard of juice jacking. A 2019 study by Finder analyzed the behavior of more than 1,000 people in Australia and found that 41% of them used public USB ports at least once a month, and 21% of them did not know what juice jacking was. These studies show that there is a need for more education and awareness on the risks and prevention of juice jacking.

How to prevent Juice Jacking?

To prevent Juice Jacking, don’t use public USB chargers. Instead, you can use your own charger or a portable battery. However, if you have no choice but to use a public charger, you can take some precautions:

Use a USB data blocker. This is a device that blocks the data transfer between the charger and your device. It only allows the power to pass through.
Turn off your device before plugging it into the charger. This may reduce the risk of data theft or infection.
Use a VPN app on your device. This can encrypt your data and make it harder for hackers to access it.

How to protect yourself from Juice Jacking with EviCore NFC HSM and EviCypher Technology

Juice Jacking is a cyberattack that steals or modifies your data through malicious USB chargers. You need a secure and portable encryption solution to protect yourself from this threat. EviCore NFC HSM and EviCypher technology can help you.

EviCore NFC HSM is a contactless hardware security module (HSM). It stores your sensitive data and protects it with configurable multi-factor authentication. You can access your data with your smartphone via NFC (Near Field Communication).

EviCypher is a hardware encryption device that works with EviCore NFC HSM. It encrypts and decrypts your documents, emails and messages with your smartphone. You can use it with any messaging service and enjoy an advanced electronic signature system.

With EviCore NFC HSM and EviCypher, you can avoid hackers who use malicious USB chargers. Your data are safe and secure offline, without any server or database. To learn more about this innovative technology, visit the website EviCore NFC HSM by Freemindtronic.

EviCore NFC HSM and EviCypher are products and services from Freemindtronic. Freemindtronic is a company specialized in NFC security solutions. It offers the best encryption products on the market.

A more technical explanation by ethical hackers

The Juice Jacking is a cyberattack that exploits the vulnerability of the USB ports that are used for both charging and data transfer. Ethical hackers, who are security professionals who use their skills for good, have demonstrated how this attack works and how to prevent it.

One of the first demonstrations of Juice Jacking was made by researchers from the University of Michigan in 2011 at the DEF CON hacker convention. They set up an informative kiosk on Juice Jacking to raise awareness among visitors about the danger of plugging their devices into public charging stations. When a visitor plugged in their phone, the screen turned red and displayed a warning message: “You should not trust public kiosks with your smart phoneYou should not trust public kiosks with your smart phone You should not trust public kiosks with your smart phone”.

The researchers also showed how malicious actors could use the kiosk to steal data, track devices, or compromise them. They also provided information on how to compromise charging kiosks.

Another demonstration was made by security researchersecurity researcher Kyle Osborn in 2012. He published an attack framework called P2P-ADB that uses a USB On-The-Go cable to connect an attacker’s phone to a victim’s device. The framework includes examples and proofs of concept that would allow hackers to unlock locked phones, steal data from a phone, including authentication keys that would allow the attacker to access the owner’s Google account.

In 2013, security researchers from Georgia Tech published a proof of concept of a malicious tool called Mactans that uses the USB charging port of an Apple mobile device. They used low-cost hardware components to build a small malicious wall charger that can inject malware into an iPhone running

In 2014, security researchers Karsten Nohl and Jakob Lell from srlabs published their research on the BadUSB attack at the Black Hat USA conference . They showed how hackers can reprogram USB devices such as flash drives or cables to act as keyboards or network cards and send commands or data to a connected device.

These demonstrations show how Juice Jacking can be performed by skilled hackers who have access to the USB ports or cables in public places. They also show how users can protect themselves by using their own chargers or batteries, using data blockers, turning off their devices, or using VPN apps.

Some examples and testimonials

Juice Jacking is a serious threat for users of public USB chargers. It can compromise your data and your device’s security. Here are some examples and testimonials that illustrate the risks of Juice Jacking:

In 2011, at the DEF CON hacker convention, an informative kiosk on Juice Jacking was set up to raise awareness among visitors about the danger of plugging their devices into public charging stations . When a visitor plugged in their phone, the screen turned red and displayed a warning message: “You should not trust public kiosks with your smart phone” .
In 2013, security researchers from Georgia Tech presented a proof of concept of a malicious wall charger that could inject malware into an iPhone running the latest version of iOS while it was being charged. The malware bypasses all the built-in security measures in iOS and hides itself in the same way that Apple hides background processes in iOS .
In 2019, the Los Angeles County District Attorney warned travelers about Juice Jacking in airports. He advised travelers to use electrical outlets rather than USB ports to charge their devices.
In 2020, a French journalist testified that she was a victim of Juice Jacking during a trip to India. She said that her phone was infected by malware after plugging it into a USB port in a hotel. The malware sent her messages asking her to pay a ransom to get her data back.

To illustrate the phenomenon of Juice Jacking further, you can also check out these videos:

A video explanation from ZDNet that presents Juice Jacking and its consequences.
A video demonstration from ETX Studio that shows how to protect yourself from Juice Jacking with a USB data blocker.
A video information from Slate that explains why you should not be afraid of Juice Jacking and how it is unlikely to happen.

Some scientific and statistical sources

Juice Jacking is a topic that interests security researchers and public authorities. Here are some scientific and statistical sources that address Juice Jacking:

An academic paper published in 2011 by researchers from the University of Michigan that analyzes the risks associated with using public USB ports and proposes solutions to reduce them.
A technical report published in 2014 by researchers from Johns Hopkins University that describes a method to detect and prevent Juice Jacking on Android devices.
A study conducted in 2017 by Kaspersky Lab that reveals that 25% of French users have already used a public USB charger and that 12% of them have already suffered a loss or theft of data as a result of such use.

Conclusion

Juice Jacking is a cyberattack that targets users of public USB chargers. It can compromise your data and your device’s security. To avoid it, you should use your own charger or battery whenever possible. If you have to use a public charger, you should use a USB data blocker, turn off your device, or use a VPN app.

We hope this article helped you understand what Juice Jacking is and how to protect yourself from it.

Articles, Phishing

Protect Your Data from AMOS Malware

Posted on May 4, 2023May 4, 2023 by FMTAD

04
May

AMOS Malware Protection by Jacques gascuel
This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.
Related topic : CryptBot malware

Protect Your Mac from AMOS Malware

Are you worried about the threat of AMOS malware on your Mac? Keep your data safe with Keepser Cold Wallet. Learn how this technology can protect your sensitive information from this dangerous malware.

Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

March 25, 2024

2024 Crypto Currency Cryptocurrency Cyberculture Legal information

EU Sanctions Cryptocurrency Regulation: A Comprehensive Overview

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

ECHR landmark ruling in favor of encrypted messaging, featuring EviCypher NFC HSM technology by Freemindtronic.

2024 Cyberculture Legal information

Encrypted messaging: ECHR says no to states that want to spy on them

February 21, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

Woman holding a smartphone with a padlock icon on the screen, promoting protection from stalkerware.

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

January 26, 2024

Digital image showing a confused user at a computer surrounded by complex password symbols

2024 Articles Cyberculture EviPass Password

Human Limitations in Strong Passwords Creation

January 22, 2024

AMOS Malware Protection with Keepser Cold Wallet

The Threat of AMOS Malware on macOS

AMOS malware is a growing threat to macOS users. Hackers are marketing a new malware for the macOS operating system. Named Atomic Macos Stealer or AMOS, this malicious software is designed to steal user data for $1,000 per month. It extracts passwords from the keychain, steals files on disks, cookies, as well as cards and identification information stored in the browser and tries to extract data from 50 different cryptocurrency wallets. Buyers also benefit from a complete web dashboard to brute force MetaMask.

How AMOS Malware Works

AMOS is capable of accessing iCloud keychain passwords, system information, files from the desktop and documents folder, as well as the Mac password. It is able to infiltrate applications such as Chrome and Firefox and extract autofill information, passwords, cookies, wallets and credit card information. Cryptocurrency wallets such as Electrum, Binance and Atomic are specific targets.

The malware is being propagated using an unsigned disk image file called Setup.dmg. Once executed, the file prompts the victim to enter their system password on a bogus prompt. This allows the malware to escalate privileges and carry out its malicious activities. This technique is similar to that used by other macOS malware, such as MacStealer.

How to Protect Against AMOS Malware

The increase in the deployment of macOS stealer malware by non-state actors highlights the need for users to be cautious when downloading and installing software. The cybersecurity industry recommends that users only download and install software from trustworthy sources, enable two-factor authentication, review app permissions, and refrain from opening suspicious links received via email or SMS messages.

The Solution: Keepser Cold Wallet with EviVault Technology

However, there is a solution to protect your sensitive data against AMOS malware. For only €387, you can purchase two NFC Cold Wallet Keepser from Keepser Group with EviVault technology from Freemindtronic SL. These wallets allow you to store offline and physically externalized from macOS and/or PC computers the private keys and/or seed phrases of cryptocurrency wallets as well as identifier and password pairs. Thus, it will simply be impossible to extract sensitive data from a computer that is not physically present in these computers, even for this AMOS malware.

By using EviVault NFC Cold Wallet technologies from Freemindtronic embedded in Keepser products, you can protect your sensitive data against malware attacks such as AMOS or Cryptbot. These wallets also work on macOS, providing additional protection to Mac users.

The Benefits of EviVault Technology

Thanks to EviVault technology developed by Freemindtronic, the Keepser Cold Wallet is a unique ultra-secure cold storage solution for cryptocurrency wallets, offering anonymous, offline and contactless use via NFC technology, as well as compatibility with NFC Android phones and computer systems via a browser extension.

It’s like they say: “Why pay €1,000 per month to steal sensitive data when you can pay €387 one shot for AMOS malware protection without subscription to protect against it (and other malware like Cryptbot)!” 😉

It is important to take seriously the threats posed by malware such as AMOS and to take the necessary measures to protect your sensitive data. By using advanced technologies such as EviVault NFC Cold Wallet from Freemindtronic embedded in Keepser products, you can ensure that your data is secure.

Sign up for Newsletter

Hackers exploit OAuth2 flaw to bypass 2FA on Google accounts

Google OAuth2 security flaw: Strategies Against Persistent Cookie Threats in Online Services

Google OAuth2 Protocol: Ensuring Account Security and Comparing Different Methods

Google OAuth2 Multilogin Endpoint two-step verification (2SV)

One-time password two-factor authentication (2FA)

Unveiling the Perils of PRISMA: A Deep Dive into Google OAuth2 Security Flaws

Google OAuth2 Security Flaw: A Critical Threat Exploiting Persistent Cookies

How the PRISMA Exploit Works: Exploiting an Undocumented Endpoint

The Impact of the PRISMA Exploit: Stealing Sensitive Data from Millions

Securing Your Google Account from the PRISMA Exploit

How to Protect Yourself from the PRISMA Exploit

How the flaw works

Analysis of the OAuth2 Flaw Affecting Google Account Security: A Statistical Outlook

The Growing Menace: Malware Exploiting Google Account Security Vulnerability

The Extent of the Google Account Security Flaw Caused by OAuth2

Studying the Risks Posed by the Security Flaw

Mitigating the Impact: Proactive Strategies Against OAuth2 Security Flaws in Google Accounts

Recent Victims of Google’s OAuth2 Security Breach: A Global Overview

Voices of the targeted: Testimonies from Google’s OAuth2 Flaw Victims

How to protect yourself from the Google OAuth2 security flaw?

Securing Your Google Account: Proactive Measures Against OAuth2 Exploits

Use a strong and unique password

Enable two-step verification

Check recent activities and connected devices

Be careful of fraudulent emails and websites

Log in regularly to your Google account

PassCypher: A Leading-Edge Solution for Protecting Against Google OAuth2 Vulnerabilities

A leading-edge solution

Advanced security features

A versatile solution

How to use PassCypher

An effective solution

Conclusion: Safeguarding Against Google’s OAuth2 Security Flaws

Secure Your Gmail from FormBook Attacks

How to Protect Your Gmail Account from FormBook Malware

Introduction

What is FormBook and why is it a threat?

How to protect yourself from FormBook?

How to encrypt your Gmail messages and attachments with DataShielder NFC HSM

How to protect your web Gmail account with passwordless and 2FA using PassCypher NFC HSM

How to protect your Gmail account from FormBook with PassCypher NFC HSM

Recent statistics on FormBook

Danger level of FormBook compared to other malware

Forms of attacks of FormBook

How PassCypher NFC HSM and DataShielder NFC HSM can protect you from FormBook attacks

How to protect yourself from Juice Jacking”

Juice Jacking: How to Avoid This Cyberattack

What is Juice Jacking?

The Lack of Awareness and Protection of Juice Jacking Among Users Worldwide

How to prevent Juice Jacking?

How to protect yourself from Juice Jacking with EviCore NFC HSM and EviCypher Technology

A more technical explanation by ethical hackers

Some examples and testimonials

Some scientific and statistical sources

Conclusion

Protect Your Mac from AMOS Malware

AMOS Malware Protection with Keepser Cold Wallet

The Threat of AMOS Malware on macOS

How AMOS Malware Works

How to Protect Against AMOS Malware

The Solution: Keepser Cold Wallet with EviVault Technology

The Benefits of EviVault Technology

Login

Register