Archive for September 30, 2019

Russia planning to introduce tax on cryptocurrencies


The Russian Banking Community has found a way to legalise cryptocurrencies. To do this, it is necessary to legally recognise the mining of digital money as an analogy of the occupation of property or treasure.

"Legally, it could be argued that the first owner of the cryptocurrency "found them", because the receipt from an anonymous system can be conditionally considered a finding,”— EhakingNews quoted the ARB report on «The Concept of Decentralized Cryptocurrency Turnover». Discussion of this document is scheduled for 8 October.

However, the acquirer of digital money does not just seize or find them as a ready-made object. Cryptocurrency arises as a result of mining, that is, human activity. In fact, he creates it himself, explained Anatoly Kozlachkov, the author of the report, Vice-President of ARB.

Based on this, cryptocurrency can be introduced into Russian law as “newly created” (includes property independently produced by a citizen).

Then it can be used in barter transactions and taxed, said Anatoly Kozlachkov.

This is a fair approach, said Andrey Ermolaev, partner of KPMG. According to him, it is impossible to equate cryptocurrencies with ordinary money because it is an investment, and the growth of the value of the paper is always considered as a taxable base.

According to a legal expert Elena Avakyan, an example is a German model involving the payment of tax in the cryptocurrency in which the income is received.

Yuri Brisov, founder of LFCS (Legal Support), called the ARB proposal "the biggest mistake in the list of initiatives of all the time".

"Cryptocurrency received as a result of mining is a payment of remuneration, but not a finding," explained Brisov.

Synergy Research Group Deputy Director-General for Legal Issues and Technologies, Peter Lyalin, also sharply criticized the proposal of the Association of Russian Banks (ARB). He proposed to equate mining to the production of goods, as is practiced, for example, in Australia and Canada.

"I consider the initiative unworked and superficial. It seems that such a proposal was made without taking into account the specifics of the mining as a cryptocurrency mining activity," the expert suggested.

Experts agreed that the initiative of the Association of Russian Banks (ARB) requires further refinement.

Google Takes Down Around 46 Apps by Chinese Developers from its Play Store


Last week, around 46 apps by a Chinese developer, iHandy were taken down by Google from its Play Store. Initially, Google declined to provide reasons for the sudden removal of various security, horoscope, selfie, health and antivirus related apps which were downloaded over millions of times.

However, a total of eight apps were still present on Google’s Play Store, until three more were taken down, as per a Buzzfeed report. The Chinese company, established in the year 2008, claims to have almost 180 million monthly active users in more than 200 countries across the globe. Currently going through investigations, iHandy is one of the world’s largest mobile application developers.

In a conversation with Buzzfeed, iHandy VP Simon Zhu, while expressing how they found Google’s takedown quite unexpected, said “It is an unexpected action from our point of view. We are trying to find out the reasons. Hope the apps will be back to Play Store as soon as possible.”

Notably, Google has taken down apps made by Chinese developers in the past as well for various reasons; in this case, the removal is triggered by deceptive and disruptive ads. In August this year, after Trend Micro discovered malware inside certain apps, Google removed a total of 85 apps from its Play Store, most of these apps were related to gaming or photography and had more than 8 million downloads. The most popular names among these infected apps included, ‘Super Selfie’, ‘Cos Camera’, ‘One Stroke Line Puzzle’ and ‘Pop Camera’.

To exemplify, a very popular app known as ‘Sweet Camera- Selfie Beauty Camera, Filters’ which had over 50 million downloads was also removed in the process and it is not to be found on the Indian Play Store either.

Researchers discovered that all of these infected apps were put on the Play Store via distinct developer accounts and were signed by non-identical digital certificates, but they exhibited the same behaviors and shared a similar code.

Referenced from the statements given by Google’s spokesperson, "Our Google Play developer policies are designed to help create the best experience for users, and we explicitly prohibit deceptive or disruptive ads. When violations are found, we take action,"

Google Takes Down Around 46 Apps by Chinese Developers from its Play Store


Last week, around 46 apps by a Chinese developer, iHandy were taken down by Google from its Play Store. Initially, Google declined to provide reasons for the sudden removal of various security, horoscope, selfie, health and antivirus related apps which were downloaded over millions of times.

However, a total of eight apps were still present on Google’s Play Store, until three more were taken down, as per a Buzzfeed report. The Chinese company, established in the year 2008, claims to have almost 180 million monthly active users in more than 200 countries across the globe. Currently going through investigations, iHandy is one of the world’s largest mobile application developers.

In a conversation with Buzzfeed, iHandy VP Simon Zhu, while expressing how they found Google’s takedown quite unexpected, said “It is an unexpected action from our point of view. We are trying to find out the reasons. Hope the apps will be back to Play Store as soon as possible.”

Notably, Google has taken down apps made by Chinese developers in the past as well for various reasons; in this case, the removal is triggered by deceptive and disruptive ads. In August this year, after Trend Micro discovered malware inside certain apps, Google removed a total of 85 apps from its Play Store, most of these apps were related to gaming or photography and had more than 8 million downloads. The most popular names among these infected apps included, ‘Super Selfie’, ‘Cos Camera’, ‘One Stroke Line Puzzle’ and ‘Pop Camera’.

To exemplify, a very popular app known as ‘Sweet Camera- Selfie Beauty Camera, Filters’ which had over 50 million downloads was also removed in the process and it is not to be found on the Indian Play Store either.

Researchers discovered that all of these infected apps were put on the Play Store via distinct developer accounts and were signed by non-identical digital certificates, but they exhibited the same behaviors and shared a similar code.

Referenced from the statements given by Google’s spokesperson, "Our Google Play developer policies are designed to help create the best experience for users, and we explicitly prohibit deceptive or disruptive ads. When violations are found, we take action,"

Telecom Major Airtel Exposes a Major SIM-Swapping Racket


Telecom major Airtel exposes a major SIM-swapping racket that could hijack users' premium numbers and enable the hackers to commit online banking fraud via fake Aadhaar cards.

The complaint filed by Stanely Agenlo, head of facilities, Bharti Airtel, on September 19 reads, ""It has come to Airtel's notice that the Point of Sale have (sic) involved in fraudulent SIM swap of the mobile numbers by forging Proof of Address/Proof of Identity documents of the original customers..."

18 mobile numbers were identified by Airtel in a complaint to the Cyber Crime Police, CID, Bengaluru, where SIM cards were swapped by its retail agents utilizing the 'forged' Aadhaar papers from January 1 to September 19 this year.

The sham was exposed when customers called Airtel helplines saying their numbers had ceased to working all of a sudden and their SIM cards referred to be related to certain 'fancy' numbers ending with digits like 12345, 77777, 33333 and 00000.

“It is suspected these SIM cards might have been used for committing online bank fraud. Further, an internal inquiry by Bharati Airtel disclosed that there is a deep-rooted nexus between the POS retailers and impersonators. The agents committed the above act from January 1to till date,” said Airtel's complaint.

While CID has registered a FIR under the Information Technology Act, 2008 and has already identified a couple of the accused, their sources state that: “We learnt the accused provided SIM cards to customers from other states. But we are not sure of the reason behind the offence; it could be online fraud or just a fancy number racket. But looking at the scale of the fraud, it is unlikely to be limited to fancy numbers alone.”

Police, nonetheless, states that the scam may include thousands of numbers where duplicate SIM cards were procured by adapting to forged identities and address-proof documents, a device progressively being utilized by fraudsters and hackers alike.

When approached for a comment Airtel declined to react on the progress made.

Vulnerability in the WIB SIM-browser allows attackers to take control of millions of mobile phones around the world


Previously, E Hacking News reported on the Simjacker vulnerability, which allows to monitor the owners of the phones.

Simjacker is the first real attack where the malicious instructions are sent directly in the SMS message. Interestingly, messages are not stored in either inbox or outbox, so everything happens completely unnoticed by the victim.

According to the researchers, attackers can exploit the vulnerability regardless of the brand of the user's device. A similar vulnerability was recorded on devices of many manufacturers, including Apple, Samsung, Google, HUAWEI and others.

According to Adaptive Mobile Security experts, the vulnerability has been exploited for at least two years by highly sophisticated cyber criminals (most likely working for the government) to spy on users.

Ginno Security Lab experts claim they identified similar kind of vulnerabilities in 2015 and this is the first time they are publishing the details.

Adaptive Mobile Security said that everything starts with sending a malicious SMS-message. It can be sent from a phone, GSM modem or even a computer. After opening, this malicious message launches the S@T Browser program installed on each SIM card, as mobile operators use it to provide their services. In this way, attackers can gain full control of the victim's phone.

The company Ginno Security Lab claims that they have found vulnerability in both WIB simcard-browser and S@T simcard-browsers.

"The Wireless Internet Browser (WIB) is specified by SmartTrust and is the market leading solution for SIM toolkit based browsing".

By sending a malicious SMS message to the victim's phone number, an attacker can exploit vulnerabilities in the WIB simcard-browser to remotely gain control of the victim's mobile phone to perform malicious actions.  In their demo, they remotely made a call from victim's phone to another phone.

The impact of the vulnerability in WIB is spreading around the world and putting hundreds of millions of telecommunication subscribers worldwide at risk. The security vulnerability comes from the SIM card, does not depend on mobile phones or the mobile phone operating system, so every mobile phone is affected.

According to the researchers, one of the main reasons for the existence of Simjacker vulnerability today is the use of outdated technologies in SIM cards, the specifications of which have not been updated since 2009. Experts have already information their findings to the GSM Association, a trade organisation that represents the interests of mobile operators around the world.