Millions of Facebook and Instagram users had their passwords exposed after being stored in plain text

Last month, Facebook admitted in a blog post that it had inadvertently stored “hundreds of millions” of user account passwords in plaintext for years, dating as far back as 2012.

Facebook said the unencrypted passwords were stored in logs which were accessible to around 2,000 engineers and developers. Facebook has not explained how such a basic step as storing users' passwords in encrypted form was missed, but the company said that the data was not leaked outside of the company.

Since the announcement, Facebook has updated the blog post to state that it discovered additional logs of Instagram passwords being stored in a readable format.

“We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.”

It’s hard to believe that Facebook can guarantee these passwords were not abused in any way, considering it has taken so long to acknowledge that so many passwords were left exposed. Facebook has also been caught harvesting approximately 1.5 million users’ email contacts. Facebook is constantly in the news over its lack of basic privacy and security features.

Galaxy S10 face unlock can be bypassed with a video

Face unlock is a great security feature and more and more manufacturers are including it. The new Galaxy S10, which launched today, has already had its security feature thrown into question.

Popular YouTuber Unbox Therapy is able to unlock his new Galaxy S10 using a dark video of himself playing on another phone. This means you could potentially unlock someone else’s phone using a video or image of them, which is easy with apps such as Instagram.

Currently Apple is proving to be the most secure with Face ID; however, even they acknowledge that Face ID can be unlocked by twins. What are your thoughts on Face ID? Would you be happy for all manufacturers to use Face ID or switch back to fingerprint unlocking?

Roaming Mantis targets iOS users across Europe

According to ZDNet, a new malware attack called “Roaming Mantis,” which initially targeted Android users and until recently mostly targeted South East Asia, has now made its way to the iOS community.

That is according to researchers at security company Kaspersky Lab, who also examined the previous campaign. “The Roaming Mantis campaign evolved significantly in a short period of time,” says Kaspersky researcher Suguru Ishimaru. The attacks are now making their way to users in Europe. Roaming Mantis is an information-stealing malware campaign which has added iOS device phishing and cryptocurrency mining to its targets.

Kaspersky Lab says “The rapid growth of the campaign implies that those behind it have a strong financial motivation and are probably well-funded.”

Popular keyboard found to have a built-in keylogger

The Mantistek GK2 Mechanical Gaming Keyboard is a popular 104-key accessory that costs around €49.66, which won’t break the bank. However, this keyboard has allegedly been caught silently recording everything you type and sending it to a server maintained by the Alibaba Group.

Users have taken to an online forum to discuss the issue. One user writes:

GK2 owner here. Every time you open the “MANTISTEK Cloud Driver” it sends information to 47.90.52.88 which is tied to Alibaba.com LLC. When you open the page in a browser it shows a login page with moonrunes that translate to “Cloud mouse platform background management system”.
Apparently it sends information about key presses statistics:
/cms/json/putkeyusedata.php
/cms/json/putuserevent.php
So the microphone (or rather the sound sensor) isn’t recording you 24/7. Honestly I don’t really know what the fuck am I doing, I don’t have much experience with packet analysis. There are some values marked as “eid”, “av”, “hid” and I have no idea what they mean, they aren’t the same as keyboard’s device ID or anything. If there’s someone more experienced than me I’ll be happy to give you .cap file so you can check it out yourself.

Nonetheless all it takes is to add a rule in the firewall to block all outgoing connections from CMS.exe. The software still works and other than changing the backlight colour it’s not really needed.

As for keyboard itself I’m still having problems with left side of my spacebar rattling, which I think is a problem with a stabilizer (video: https://www.youtube.com/watch?v=NheWR1HiHjo). If someone knows how to fix it I’d be grateful.
Overall the backlight is really nice, but I’m not impressed with the keyboard itself. I feel like I should pick brown/black switches instead of red and I got memed into them because people said they’re for gaymers. It also doesn’t feel much.

Whilst it is recommended to avoid using this keyboard until an official statement is made by the company, those who still need to use it should make sure the MantisTek Cloud Driver software is not running in the background, and block the CMS.exe executable in their firewall. You can view all the current posts by users here.
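
As an added example (not from the forum post or from MantisTek), the firewall block recommended above can be set up with the built-in Windows firewall cmdlets from an elevated PowerShell prompt. The rule name is made up for this example, and because the page does not say where CMS.exe is installed, the path is taken from the running process or passed in by hand.

```powershell
# Added example: block outbound traffic from the MantisTek Cloud Driver (CMS.exe).
# Run from an elevated PowerShell prompt.
param(
    # Optional full path to CMS.exe. The install location is not given on the
    # page, so supply it yourself or let the script read it from the running process.
    [string]$ProgramPath
)

$ruleName = 'Block MantisTek CMS.exe outbound'   # name chosen for this example

if (-not $ProgramPath) {
    # Take the path from a running instance of the driver, if there is one.
    $proc = Get-Process -Name 'CMS' -ErrorAction SilentlyContinue |
        Select-Object -First 1
    if (-not $proc -or -not $proc.Path) {
        throw 'CMS.exe is not running; pass -ProgramPath with its full path.'
    }
    $ProgramPath = $proc.Path
}

if (-not (Test-Path -LiteralPath $ProgramPath)) {
    throw "File not found: $ProgramPath"
}

# Create the rule only once so repeated runs do not pile up duplicates.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName `
        -Direction Outbound `
        -Program $ProgramPath `
        -Action Block `
        -Profile Any | Out-Null
}

# Stop any running instance so it is not left running in the background.
Get-Process -Name 'CMS' -ErrorAction SilentlyContinue | Stop-Process -Force

# Show the rule and the executable it is bound to, to confirm the block is in place.
Get-NetFirewallRule -DisplayName $ruleName |
    ForEach-Object {
        [pscustomobject]@{
            Rule    = $_.DisplayName
            Enabled = $_.Enabled
            Action  = $_.Action
            Program = ($_ | Get-NetFirewallApplicationFilter).Program
        }
    }
```

The rule is tied to the executable's path, so it has to be recreated if the driver is reinstalled to a different folder.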

QI Wireless charger from Amazon catches fire!!! Warning!!!!

A few weeks back I purchased a cheap wireless charger off Amazon. The product came up as recommended and as it was cheap I thought it would be great for travelling, so if it gets damaged it would not be a big deal. However, I arrived home earlier to find it had caught fire.

Luckily I caught it early and was able to extinguish it. I have spoken to Amazon, who say they have removed it from sale and will investigate; however, the item is still currently showing as being for sale. The item is a Qi Wireless Charger, Sainagce Qi Wireless Power Charger Charging Pad. Below is a picture of what the item looks like on Amazon but comes in several colours, please avoid at all costs.

OneLogin breached

Login manager OneLogin has been breached, with encrypted data being accessed, and the breach affects all users.

In a statement, OneLogin says the breach affects “all customers served by our US data centre” and that the perpetrators had “the ability to decrypt encrypted data”, according to The Register.

OneLogin says those affected have been advised to visit a registration-only support page, outlining the steps they need to take. 

Amazon Scam Emails

There is a new round of spoof emails being sent from ‘service@amazon.co.uk’, informing the recipient that an order has been made on their Amazon account.

The email uses methods which are often used in scam emails and then tells the user to click on a ‘help centre’ link to receive a full refund from the retail giant if the transaction wasn’t authorised.

The link provided in the email then leads to a fairly convincing-looking website which asks for confirmation of your name, address and bank card information.

Once the user has provided the information, the fraudsters behind the bogus email are able to siphon funds from bank accounts. Users who may have replied to similar emails are advised to contact their bank and Amazon immediately.

Save your messages from malicious bug

There is currently a new wave of messages app crashes caused by a user sending you a malicious vcf file (contact card), which causes your messages app to crash completely. Thankfully you can open this link here and you will be prompted to open your messages, saving you.


You can download and send it here however we only recommend you use it as a joke and ensure you send them the recovery link. 

Skype backdoor affects 30 million Mac OS X users

A backdoor in Skype for Mac OS X that would allow an attacker to not only log and record Skype call audio, but also retrieve user contact information, has been patched by Microsoft.

The backdoor, thought to have been created by a developer at Skype prior to Microsoft’s takeover of the company, also allowed an attacker to read the content of incoming messages, create chat sessions, modify messages, and carry out other malicious activity, and is thought to have exposed some 30 million Mac OS X users.

The backdoor has been around since 2010 and provided nearly complete access without authentication to Skype on OS X. It was originally implemented in older versions of the Skype Dashboard Widget plugin to access the Desktop API without user interaction.

Original source: Hack in the Box


GeeksCorner