Ransomware, Bitcoin and Bitcoin Forensics

To get free 56 page article on 

Ransomware, Bitcoin & Bitcoin Forensics 

Subscribe the blog https://cybersecurityaudits.blogspot.in or drop email at cyberpathshala@gmail.com

What is Blue Whale Game & How to Protect Children

The Blue Whale Game alias "Blue Whale Challenge", exists in several countries and can be accessed via Social Media Accounts. The game allegedly consists of a series of tasks assigned to players by administrators during 50- day period, with the final challenge requiring the player to commit suicide. The participants are also asked to share the photographs  to the  blue whale game administrator as evidence that they have completed each task assigned to them. 
The term "Blue Whale" comes from the phenomenon of beached whales, which is linked to suicide. (wikipedia.org) 
Blue Whale Game began in Russia in 2013 and caused first suicide in 2015. Philipp Budeikin a psychology student who was expelled from the university, claimed that he invented the game with purpose- to "clean" the world by pushing mentally weak to suicide . Budeikin was arrested and found guilty to "inciting at least 16 teenage girls to commit suicide", leading to Russian Suicide Prevention Legislation.
 Cases have been reported in various countries like Argentina, Brazil, Bulgaria, Chile, China, Colombia, Georgia, India, Italy, Kenya, Paraguay, Portugal, Russia, Saudi Arabia, Serbia, Spain, United States, Uruguay and Venezuela (Source- wikipedia.org)

Cases in India- 
In  Kerala a 16 year old boy commited suicide on 26th July 2017 after playing the online Blue Whale Game. It was said that he ended his life after completing the tasks of this game. His mother acknowledged that her son had informed her about playing the Blue Whale Game, and that he told her not to worry if he dies soon. Boy used to visit cemeteries during the night and go to sea beaches alone.

Source-http://www.deccanchronicle.com/nation/current-affairs/160817/kerala-teen-commits-suicide-to-allegedly-complete-blue-whale-challenge.html

On 30th July 2017, 14 year old boy committed suicide by jumping from the seventh floor of an building in Mumbai, though the Mumbai Police said that they had not found evidence that the teenager had played the game. The boy left a statement - Only thing you will be left with is a picture of mine.

Source-http://indiatoday.intoday.in/story/mumbai-suicide-boy-kills-self-teenager-suicide-andheri-blue-whale-online-game-online-challenge-bluewhale/1/1015159.html

On 10th August 2017, a class VII student of Indore, Madhya Pradesh attempted to suicide and was pulled away by other students. The boy apparently recorded the whole 50 stages of the game, in his school diary.

Source- http://zeenews.india.com/india/blue-whale-challenge-entraps-another-class-7-student-jumps-off-from-school-building-in-indore-2032004.html

Steps already taken by Government
 The government has directed Internet and social networking giants such as Google, Facebook and Microsoft to “immediately remove” any link to the “deadly game” Blue Whale which has allegedly caused several suicides by children in the country.

Source-http://economictimes.indiatimes.com/articleshow/60070772.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst

 "For many teens that are contemplating suicide, there's often a sense of disconnect, a sense that they're alone in the world, that nobody really cares about or values them," Dr. Sally Nazari told InsideEdition.com 

Source-  https://www.aol.com/article/news/2017/08/02/inside-the-blue-whale-challenge-suicide-game/23061666/

  How to Protect your Children/Students-

1. Talk to your child, let them share anything they want  or see anything which scares them.
2. Use Parental Control Software.
3. Notice if they are withdrawing from family and friends.
4. Notice any change in their behavior like outburst of anger, irritation, sleeping disorder etc.
5. Antivirus/Internet Security software also have features to block unwanted websites, keywords, content etc.
6. Monitor Internet History, the websites your children browse.
7. Check their text messages, log messages, whatsapp, snapchat etc.
8. Check what do they do on Social Networking Websites, be friend on their Facebook etc.
9. Loss of interest in any activity which they loved.
10. If required don’t hesitate in taking the expert’s help.
    I value your feedback so write  your queries, suggestions.
    In case of any technical support please do write at -  
    email- cyberpathshala@gmail.com 
    website- www.cybersecuritydelhi.com 
    
    Disclaimer: Kindly do not post any defamatory, infringing, obscene, indecent, discriminatory or unlawful material or information.

Beware of Sim Card Swap Fraud

Nowadays many people are loosing huge amount of money because of Sim Card Swap Fraud.
People normally link their  banking account number with mobile phone sim card and after demonetization, online money transactions have increased rapidly. Because people have no cyber security awareness so they fall victim in the hands of scamsters.

How Scamsters Operate-

Scamster calls his victim claiming that he is from his mobile service provider and says that you are using 3G sim card and company is offering you 4G sim free of cost for improved internet services. He then sends 20 digit number by SMS after disconnecting the call. Victim sends this 20 digit number back to the caller or tells over phone and presses options 1 or 2 as asked by the caller. Within few seconds victim's sim card get deactivated and this is what scamster wants.

Victim thinks that his mobile services will resume within sometime unfortunately sim card never gets activated. And scamster do online shopping using his linked bank account.

Actually scamsters already have a new duplicate sim for the victim's mobile number, which they get either by producing fake documents or by impersonating the victim. After getting the duplicate sim card, scamster calls the victim and uses new duplicate sim card to receive OTP from the bank..

How to protect from CyberBullying - Cyber Safety Measures for Teenagers

Cyber bullying is not only common rather increasing day by day among teenagers, school going students.  Cyber-bullying requires high level of attention because not only children are stressed at psychological level but often they go into depression or committed suicide or sometimes behave very aggressively or rudely after having been muddled in  cyber-bullying incidents.

Intentionally or unintentionally when a child, or school going student is harassed, humiliated,  by another child using mobile phones or any electronic media or Internet is called as Cyber-bullying. 

Cyber bullying incidents normally take place on social networking websites such as Facebook,  and Twitter etc. Mcafee 2014 study reveals that 87% of youth have witnessed cyber bullying.

Safety Measures Parents and Teachers can opt to save their child or student from being a victim of cyber bullying incident-

1. To ensure safety and security parents and teachers must spend time with children and discuss their online activities. Know what exactly they do browse or post. It has been seen that girls prefer social media chat programs like Instagram while boys prefer to interact over gaming console. 
2. Ask your child to enable privacy settings on Facebook, Twitter etc.
3. Get access of your children’s social media accounts and passwords of children’s devices, in case of any emergency you can help them or know their whereabouts.
4. Educate children to keep their passwords safe and tell them not share their passwords with their friends. 
5. Schools must educate the students about cyberbullying, cyber ethics and cyber law as well. 
6. Never allow them to share their personal information openly like email ids, mobile number or address etc.
7. Tell them not to open emails or Facebook messages from unknown persons or from known cyber bullies. Ask them to delete such messages without reading. 
8. Take Screen shots of cyber  bullying incidents and report the incident to the police.
9. Report cyber bullying incident to the relevant website by clicking on the “Report Abuse” button.
10. Educate children that social media friends may not be your real friends. 

How to Report a fake facebook account

Many times non IT background people ask about how to block a fake facebook account or report any profile to facebook therefore I am putting all the required information on one page in order help non-IT people. Facebook has already given all the information on its website.

If someone is troubling you on face book  then Block or report  fake face book account-

If you have a Facebook account and want to report someone that's pretending to be you or someone you know:

1. Go to the profile of the fake account.
2. Click on the cover photo and select Report.
3. Follow the on-screen instructions to file a report.

If you don't have a Facebook account and need to report someone who is pretending to be you, click on the below mentioned link to report  about imposter

https://www.facebook.com/help/contact/295309487309948?helpref=faq_content

Report a fake facebook account that’s pretending to be you?

Impostor accounts aren't allowed on Facebook. If someone created an account pretending to be you:

1. Go to the impostor profile
• If you can't find it, try searching for the name used on the profile or asking your friends if they can send you a link to it.
2. Click on the cover photo and select Report
3. Follow the on-screen instructions 

How do I report a Page?

To report a Page:

1. Go to the Page you want to report
2. Hover over More below the Page's cover photo
3. Select Report Page
4. Choose the option that best describes the issue and follow the on-screen instructions.

What is SSL Certificate and How to Install SSL Certificate

What is an SSL (Secure Sockets Layer) Certificate

Secure Sockets Layer(SSL) certificate provides a secure connection between internet browsers and websites, so that data transmits securely over internet. Websites secured with SSL display a padlock in the browsers URL and a green address bar if website is secured by an EV(Extended Validation) Certificate. Users on websites with SSL Certificates will also see " https://  " in the address bar.

SSL protocol is used to protect e-business house or e-commerce customers, and it ensures that their online transactions remain confidential. All web browsers have the ability to interact with secured websites as long as the website's certificate is from a recognized certificate authority. 

Normally you can see the difference when you visit the site with a browser. Firefox for example will highlight the domain in blue for domain-validated SSL, and green for extended-validation SSL.

Domain Validated Website: https://mail.google.com  

Extended Validated Website :  https://www.symantec.com

Extended Validation (EV) : An Extended Validation Certificate (EV) is an public key certificate issued according to a specific set of identity verification criteria. These criteria requires extensive verification of the requesting entity's identity by the CA before a certificate is issued. Certificates issued by a CA under the EV guidelines are not different from other certificates hence we can say that those provide no stronger cryptography than other, cheaper certificates).  EV certificates are mainly presented by web servers to web browsers for use with Transport Layer Security(TLS) connections. This does not guarantee that there isn't a man-in-the-middle attack, or net-wide DNS poisoning. This just ensures that the website you are accessing is the same one as the Certificate Authority views. 

To be more precise "Extended Validation Certificate" tells us about the legal entity who has applied for the SSL certificate.

Why do we need SSL (Secure Socket Layer) on websites

Internet  growth has attracted fraudsters and cyber criminals to exploit any opportunity to steal consumer's confidential information like  bank account numbers and card details. Unless the connection between a client (e.g. internet browser) and a web server is encrypted, then any moderately skilled hacker can easily intercept and read the internet traffic.

How does SSL Certificate creates a Secure Connection - 

1. Browser connects to a web server secured with SSL (https) eg https://www.cybersecuritydelhi.com 

2. Browser sends request to the web server to identify itself.

3. Web server sends a copy of its SSL Certificate along with the web server's public key.

4. Browser checks the certificate's root against a list of trusted CAs and checks that SSL is not expired and its common name is valid for the website that it is connecting to. If browser trusts the certificate then it creates, encrypts and sends back a symmetric key session using the web server's public key.

5. Web Server decrypts the symmetric session key using its private key an sends back an acknowledgement encrypted with the session key to start the encrypted session.

6. Web server and Browsers encrypts transmitted data with the session key.

7. Encrypted data is shared between the browser and the web server and "https" appears in the URL bar.

Benefits of Encryption by SSL-Encryption Protects Data During Transmission

Credentials Establish Identity Online

SSL Certificates are credentials for the online world, uniquely issued to a specific domain and web server and authenticated by the SSL Certificate provider. When a browser connects to a server, the server sends the identification information to the browser.

To view website's credentials, please follow following steps:- 

1. Click on the padlock visible in the browser.

2. Clcik on the trust mark such as Digicert or Norton Secured Seal etc).

3. Look the green address bar, green color appears in case of Extended Validation(EV).

 

SSL Certificate Authority

SSL certificates are issued by a Certificate Authority (CA). Before issuing a certificate CA confirms the identity of the company applying for the certificate, and makes sure that the applicant owns the domain named in the certificate. Certificates issued to a website are chained to what is known as a 'trusted root' certificate, which is owned by the CA. These root certificates are embedded in what is known as the 'certificate store' in popular internet browsers such as Chrome, Firefox and Internet Explorer. 

If a browser encounters a website certificate which chains to a root in its certificate store, then it allows the https connection to proceed. If the browser encounters a certificate which is not chained to a root in its store, then it will warn the end user that the connection is not trusted and that the user should not submit any confidential information. 

Details included in a certificate -

Certificates are issued to companies or legally accountable individuals and will typically contain the domain name, company name, address, city, state, an issued date and an expiry date and contain details of the certificate authority responsible for issuing the certificate. When a browser requests a https connection to a website, it retrieves the website's certificate, it makes sure that it is not expired, checks that it is chained to a root in its certificate store, and will check it is being used by the website for which it has been issued. If it fails any of these checks, the browser will display a warning to the end user.

Difference between SSL and TLS

TLS (Transport Layer Security) is an updated version of SSL

SSL Installation Step by Step Guide

 

Step1-

Login into WHM

Generate a CSR (Certificate Signing Request)for your web server.

(A CSR is an encoded file that provides a standardized way to send the public key to SSL provider/CA along with some information that identifies your company and domain name.)

COPY it in a word file.

Step2

Purchase and Download SSL Certificate

Normally it is a zip folder which contains SSL Certificate and Key.

Step 3

Install SSL on Web server

Copy Private key in the given text box

Copy SSL Certificate in the given box

If you wish , you can paste Certificate Authority Bundle

Next Step-

Now click on Install Button and its done.

Step 4

Restart all the services or web server

Check SSL Certificate has installed correctly or not

Visit your vendor websites as normally all vendors provide links to check the SSL installation. eg 

https://www.sslshopper.com/ssl-checker.html

https://www.geocerts.com/ssl_checker

https://www.ssllabs.com/ssltest/  provides more detailed information and you can improve weaker parts also.

Important Note- SSL Certificate installation does not mean that online data transfer is 100 percent secure and you can peacefully close your eyes :-)  :-)

I will be posting some more interesting information about SSL certificates on website www.cybersecuritydelhi.com therefore keep visiting the website.