Cyber attacks have gained momentum all over the world. Although especially large sites are targeted by one attacker after another, phones are still the most attacked devices. Now, cyber hackers are targeting contactless data transfer that facilitates users’ transactions, such as AirDrop. Hackers who infiltrate the phone without even realizing what the users are are taking over everything from social media accounts to banking data.
Especially if we consider that smartphones are a part of our lives, danger is with us every minute. Because cyber hackers often try to hack into people over various links or Wi-Fi in order to infiltrate phones and take over social media accounts and banking transactions.
Even the vulnerabilities of software and hardware, the risks that may arise from our usage errors, have costly consequences for users. Now, the new target of cyber hackers is the contactless data transfer feature prepared to facilitate the transactions of users such as AirDrop, developed by Apple.
Although the AirDrop wireless file and link transfer system developed by Apple pioneered this technology, in the following years, Android manufacturers have also developed technologies that enable file transfers to be made on their own brand and model devices.
In fact, for users using tablets, phones and computers of the same brand, wireless file transfer has provided significant time savings and practicality. But this practicality brought danger.
The researchers explained that while the devices were sending data, it was possible for an approaching stranger to intercept personal data such as the AirDrop user’s phone number and email due to a vulnerability in the software.
A cybersecurity expert, one of the users exposed to this attack, said that many times while sitting in one of the coffee chains, he received a request to send files from people he did not know to his phone via AirDrop, and that he had detected that many people sitting around him had experienced this situation, and warned those who were possible, but many people accepted that they wanted to share this file.
In a message posted on a forum on the Dark Web, cyber threat elements claimed to have obtained the data of 5.4 million accounts by exploiting a vulnerability that was identified on Twitter and later fixed.
The threat actors, who put the data up for sale for $ 30,000, claimed that the database included information belonging to the accounts of celebrities and big companies. The attackers, who also shared the sample data set, also captured email and phone numbers.
– We should only accept file, link sharing requests from people we know with technologies such as Airdrop, Wifi Direct on our mobile devices. Otherwise, our mobile device can be compromised by attackers with an application or a connection. In this case, banking, e-government, password storage applications installed on our mobile device may also have to capture your photos and personal data.
– Keeping the operating system and applications of our mobile devices up to date ensures that we are protected against possible security vulnerabilities.
– If we are not using, keeping bluetooth and wifi features off will protect us against possible attacks.
– Donanım olarak eski kalmış artık işletim sistemi ve uygulama güncellemesi desteği olmayan cihazlarda wifi ve bluetooth kullanmak olası açıkların güncellemeler ile kapatılmamış olması nedeniyle büyük risk oluşturmaktadır.