Modern Wi-Fi Networks are Vulnerable, Risk on Bitcoin Wallet?

KRAKS WIFIEarlier this week, Mathy Vanhoef of the Imec-DistriNet research group, discovered serious weaknesses and vulnerabilities in WPA2, a protocol which is used to secure all modern Wi-Fi networks.

Vanhoef’s paper noted:

“An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks.”

How Does it Affect Devices and are Bitcoin Wallets in Danger?

As Vanhoef explained in his paper, any device from mobile phones to computers using public Wi-Fi connections can be vulnerable to data theft. Many analysts including CNET executive editor Roger Cheng explained that at this point, any device that is connected to a public Wi-Fi connection is vulnerable.

“This is pretty serious. The bad news is pretty much every Wi-Fi enabled device is vulnerable. The good news is that it has to be local. The hacker has to be near the Wi-Fi network. It can’t launch a widespread attack,” said Cheng in an interview with CBS.

Analysts have explained that hackers targeting local Wi-Fi connections in public areas such as airports can breach the local systems of Wi-Fi-enabled devices, and as such, hackers can steal information ranging from passwords to local app data. Furthermore, because Android and Linux devices are more vulnerable to KRACKs than other devices or operating systems, Bitcoin and cryptocurrency wallets installed on Android and Linux devices could easily become vulnerable to local attacks.

Vanhoef’s paper explained that around 50 percent of Android devices are vulnerable to KRACKs and other types of attacks that are capable of extracting sensitive information efficiently.

“Because Android uses wpa_supplicant, Android 6.0 and above also contains this vulnerability. This makes it trivial to intercept and manipulate traffic sent by these Linux and Android devices. Note that currently 50% of Android devices are vulnerable to this exceptionally devastating variant of our attack,” read Vanhoef’s paper.

2 Factor Authentication (2FA) For Bitcoin Wallets, Preferably Apps like Google Authenticator

In order to prevent KRACKs and targeted Wi-Fi attacks from revealing the passwords and pin numbers used for Bitcoin wallets it is important that users enable multiple-layered 2FA for maximum protection. Blockchain, the second largest Bitcoin wallet application behind Coinbase in terms of user base, recommends that users enable both email and Google Authenticator protection along with two passcodes, establishing four layers of security that are extremely difficult to breach.

Generally, Bitcoin wallet developers and experts recommend users avoid 2FA via SMS, because phone vulnerabilities or social engineering can lead to numbers being compromised

Read more

Who’s winning African commercial online banking?

According to the recent report by WhySatisfy and Brandwatch, it was found that one bank in each country analysed (Kenya, Nigeria and South Africa) dominated online and social media conversations.

Competition in this space is fierce though and thus the major players can change at any time. Getting the lion’s share of voice can be achieved relatively simply, for example: by running an effective social media marketing campaign (e.g. Standard Bank’s #WhatsYourNext campaign). The audience for this industry is very active on Twitter and this platform has become one of the easiest ways for customers to interact with a bank.

Who's winning online in African commercial banking?Millennials are mobile

In order to not get left behind, banks need to be innovative and agile in listening. Understanding and engaging with the needs of today’s customers. Millennials are the future of the commercial banking industry. Its success will be based on the banks’ ability to get their internet banking and mobile banking customer experiences right.

The experience of ‘visiting your branch’ needs to be completely digital, from beginning to end. If the user has to go offline for a single step, they’ll be lost. An example of a bank that is winning at this is Capital One in the USA. They recognised where the future success of their bank lies and therefore only target millennials. When studying this target market, they found that the top two places millennials like to hangout are: coffee shops and yoga studios. Capital One Cafes were born…”We believe that banking should fit your life, not the other way around.”

The report also notes that the majority of conversations on social in this industry were around mobile and internet banking which is not surprising as this is a very mobile savvy user base. Mobile banking is where future success lies. In the past quarter, this topic of discussion online and on social media was growing at an accelerating rate.

On the web, 37% of all conversations were around mobile banking which was reflected on Facebook and Twitter, with 29% and 42% respectively. This data shows just how active commercial banking customers are on social media in Kenya, Nigeria and South Africa.

Changing perceptions

In Africa, mobile connectivity is growing exponentially, with 90% penetration of the continent’s 1.2bn population, 57% of which are smartphones. Being able to access a full range of banking services for your mobile device is centred around convenience. Customers want to be able to access and transact with their money at any time but most importantly, in a secure way. Succeeding with social customer service mid-June until now has also seen a sharp increase in online and social discussions about service – another high priority area for customers.

Adding value
Banks need to show potential customers they are able to add value and are willing to help with any problems quickly and efficiently.

The customer needs to be made to feel at ease with the service they are receiving and that their bank is looking after their hard-earned money. Effective social customer care has developed into a leading driver of success. All it takes is a single action or key element to completely change how the bank is perceived by a customer. It is good to see that all banks analysed were active daily on social media; interacting with their customers.

Almost 80% of these social discussions were neutral, while only 12% were negative and 8% were positive. On the web 28% of conversations were around service, which was mirrored by the conversations on Facebook and Twitter. Almost a quarter of all conversations were service related as well, being 26% and 24% respectively. Read more

Nigeria remains the most mobilized country in the world

According to a recent report released by Twinpine Networks, a premium mobile advertising network, Nigeria has retained its position as the most mobilized country in the world. Mobile penetration in the country increased from 40 percent recorded last year to 74 percent this year. 81 percent of the mobile traffic in Nigeria comes through mobile compared to India and South Africa, which has 79 percent and 78 percent respectively.

Twine pine

With the growing number of mobile phone users in Nigeria, it is not out of place to say that Nigerians are mobile-obsessed. This is due to the fact that almost everyone in the country, which includes those in the rural area, has a phone. People who don’t have electricity in their homes look for ways to charge their phones. The power bank market in the country is also a growing market because people need a mobile backup charger to charge their phones. Businesses in Nigeria now make use of mobile advertising to advertise their businesses instead of making use of the older way of using billboards, which actually costs more.

The report titled “ 2017 Nigeria Mobile trend report” also revealed that there are 91.5 million unique mobile users in Nigeria out of an estimated 192 million people.

Some other highlights of the reports are

Usage of multi-sim phones 

The report revealed that Nigeria is the country with the highest number of multi-sim phones in the world. The number stands at 66 percent followed by Bangladesh and Tanzania, which stands at 63 percent and 53 percent respectively.

Online activities that Nigerians engage in weekly

Social media is the most popular activity that Nigerians engage on followed by using search engines, checking emails and watching online videos.

Mobile commerce trend in Nigeria

The report showed that 63 percent of all M-Commerce orders in Nigeria come from Mobile. The top three products that Nigerians use their mobile phones to buy are mobile phones, beauty and perfumes and women’s clothing. Surprisingly, the report revealed that more men shop online than women. 61 percent of mobile shoppers are men while 39 percent are women.

Type of app that Nigerians pay for

Most Nigerians hardly pay for apps but the report revealed that Nigerians who paid for apps paid for game apps followed by music and entertainment.

How many Nigerians use mobile banking app

According to the report, about 71.5 percent of Nigerians use a mobile banking app. The benefits of using mobile banking apps are numerous. 63.6 percent of them use it to transfer money, 47.3 percent use it to purchase airtime and 42.7 percent use it to check their account balance

For more insight on the report, please click here to download.

Mobile Trojans steal users’ money through WAP-billing services

Mobile Trojan clickers that are stealing money from Android users through WAP-billing have been discovered by Kaspersky Lab researchers. The trend is becoming common with thousands of affected users in different countries across the globe.

Mobile TrojanWireless Application Protocol (WAP) billing has been widely used by mobile network operators for paid services and subscriptions for many years. This form of mobile payment charges costs directly to the user’s mobile phone bill, without the need for bank card registration or a sign-up process. A user is usually redirected to a different web page via a button and offered a range of additional services.

By clicking on it, the user activates a subscription, and his mobile account is charged. In this current threat scenario, all of these actions can be easily implemented by a Trojan, which performs in secret and clicks on every page by itself. In addition, a simple registration of domains in a mobile operator’s billing system, allows fraudsters to relatively easy connect their website to a WAP-billing service. As a result, money from a victim’s account flows directly to the hackers’ accounts.

“We haven’t seen these types of Trojans for a while. The fact that they have become so popular lately might indicate that cybercriminals have started to use other verified techniques, such as WAP-billing, to exploit users. Moreover, a premium rate SMS Trojan is more difficult to create. It is also interesting that malware has targeted mainly Russia and India, which could be connected to the state of their internal, local telecoms markets. However, we have also detected the Trojans in South Africa and Egypt”, says Roman Unuchek, security expert at Kaspersky Lab.

Read more