Who Are The People Behind Malware Scams? - Part 2/2 | Talking Point | Full Episode
ฝัง
- เผยแพร่เมื่อ 20 พ.ค. 2024
- After investigating how malware scams affect victims, host Steven Chia heads to Vietnam to find out who is behind these scams and how easy it is to create malware. He meets a notorious ex-hacker who digs further into an app embedded with malware that was making its rounds in Singapore. He also finds out how sophisticated scams are going to get, and what we can do to protect ourselves.
WATCH Part 1: • How Do Scammers Take O...
00:00 Introduction
04:02 How Vietnam became an international cybercrime hotspot
07:36 How easy is it to create malware?
12:36 Ex-hacker analyses a malware app used in Singapore
15:14 Zero-click hacks: A sophisticated new malware to look out for
19:15 Tips to tell if your phone has been infected by malware
20:45 What to do if you think your phone has been infected
About the show:
Talking Point investigates a current issue or event, offering different perspectives to local stories and revealing how it all affects you.
================================================
#CNAInsider #CNATalkingPoint #Scammer #Malware #Android #iPhone #Vietnam
For more, SUBSCRIBE to CNA INSIDER!
cna.asia/insideryoutubesub
Follow CNA INSIDER on:
Instagram: / cnainsider
Facebook: / cnainsider
Website: cna.asia/cnainsider
It is also important to note if all else fails and you can't control your phone, you can also unplug your home modem fibre optic cable (if you are at home) and physically remove your SIM card on your phone to stop mobile data. This should prevent hackers from receiving your OTP even if they compromised your passwords.
You can also buy an RFID-blocking pouch to keep your phone in which will stop all wireless signals and put your phone in airplane mode while you sleep.
Ahhh such a simple solution but it never crossed my mind (and I most definitely wouldn't think about doing this at most kanchiong moment).
Thank you for this and for making the effort to type!
I've problem with our data mobile phone design old phone in the 90s we can remove the batteries so we can disconnect fast.
if all else fails, try a hammer! Quick, easy and costly but not as costly as losing the entire balance in your bank account.
You can also force restart your phone by long-pressing/holding the power button until the phone restarts. Then after restart, do not unlock the phone.
This will interrupt the connection temporarily, giving you the time to remove the SIM card or turning off your WiFi terminal.
Yeah I was also going to ask if it would help if you put your phone to airplane mode.
I’m glad Hieu turned his knowledge and skills in a good use for society now instead of create pain for others! Keep it up, good works!
I was waiting for this ever since i watched Part 1.
Thanks so much for sharing this excellent videos!!!👍👏🏻👏🏻😍😍😍
Even a missed call can get you a malware is just crazy scary, you don't even need to be tricked now!
Really? How? Crap.
@@M_SC I just found out from this episode too, Steve mentioned it. One of the zero click malwares.
@@M_SCIt is done by exploiting vulnerabilities in the device. For example, there was an exploit called "BLASTPASS" last month that targeted iPhones. This is why it is important to keep your software updated.
It would be nice to know how to avoid or prevent this😂😅
@@rosemaryng7994software updates can patch the loophole
Cyber Crime should have international Cooperations with international Police / Agency
Last year, the Philippines 🇵🇭 authorities closed 175 Chinese gambling organizations,
and deported 40,000 Chinese nationals who entered into the country and worked illegally, many as *online scammers and other shady activities.*
The next main concern is the use of Flipper Zero device to read, connect to devices be it apple, android, wifi, nfc. It’s how that device can be configured for each use.
Very much appreciated that.
I wish people would take open source more seriously.
Great journalism. Also i like how chill Nyugen Quang Dong's dress sense is at 5:50.
Steven, what Mercedes car were you driving?
Servers run on mobile devices, too. An attacker can destroy the device and buy a new one serving i.e. 'malware'.
Providers have (obligatory) to be checked. Software releases and individual modifications of these also might be checked.
As soon there is no genetical id of each communication device user and producer/seller it will stay difficult to proof responsibility (especially in countries with large population like China, India, Russia)
The fewer people participate in communication the faster a safe environment can be set up.
Interesting also would be to make a great |diff| of communication from a mobile device to a carrier and of the same information sent to web/satellite..
Can prevent all this scams.Stop all digital online Overseas funds transferred. Only can do it company to company and if individuals person want to do Overseas funds transfer have to go directly to the bank branch.
This is an eye opener. I was aware of the Russian and Chinese hacking history, but wasn't aware of Vietnam doing it so much. While Vietnamese kids are learning coding, the British ones are struggling with Maths and English, when leaving school can barely do Maths and spell a short message without errors, have very poor grasp of the world geography, and they will be generous donors to the Asian hackers, because they don't get enough practical education for life. Mind boggling.
There are so many from Thailand as well
I have received more than 10 calls from Thailand phone numbers in the past weeks asking for investments or join in their chat group
Can't understand the zero click malware thing. You mean they just send you a message / missed call, you don't even have to open said message and your phone is infected?! How to defend against such attacks? There seems to be no hope... deleting all banking apps seems to be the only option but that would leave you severely compromised in this day and age 🙄
Wow, mind blowing, how can this zero click malware works? No wonder i have been receiving unknown miss call, almost like 3-4 times per week. When i call back these missed calls, it will reply "the number you have dialed is not in service". Now it makes me relates those calls to this zero click malware. It is a SAD world! Technology supposed to help people's life but not to scam and disturb people's life.
There will always be people on the other side that'll misuse any inventions available to their own advantage.
For iPhone, just keep your iOS up to date. That’s the best u can do.
It's strange that ppl would never use their PC without an antivirus app in the past, but no one ever considered installing an antivirus application.. for their phones
Because we are so used to think phones dun need antivirus or that virus only affects Windows PC.
I feel having an antivirus program that works in the background that checks ur application and protects ur data is important.
If u dun want to spend money.. some antivirus programs do offer "free" protection but they will give u some apps of cos telling you to consider buying their paid services.
Of cos (they do need to survive also)
I would consider using a paid antivirus app or since I am a paid Office 365 user, Microsoft has a free antivirus app, Defender for ppl with office 365 subscription.
Sure it's not fool proof but it's an added layer of defense.
@@marvint480while using a lesser used OS like Symbian or Harmony OS or Blackberry can be seen as "safe" since ppl will write malware for the majority OS . But using lesser known OS also means the OS has less patching and less ppl looking into the loopholes and such. So it's like you get less support and also banking apps dun make apps for Symbian, WhatsApp or chat apps also may not have the supported features.
The shocking breath and depth of the scandal prompts the question of who else knew about the dealings but kept silent during the entire episode.
It also raises the possibility that the incident is not an isolated one and whether more such cases exist within the stable of Government-linked companies and their worldwide dealings.
Need more information on zero click hack and prevention!
Wish my phone give me more user control eg restricting unknown overseas calls or messages. Blocking them after they are in seem to be too late.
Antivirus software like Kaspersky can help to prevent macilious software?
They can't, if you ignore all warnings and notifications.
Yes, only on PC.
On your phone, keep the phone updated and use common sense & read the warning popups.
Oh my god. The mass population are so vulnerable. 😢😢😢
Vietnamese ex-hacker is a amazing
Just found out about him too th-cam.com/video/ePnVgdGJqmw/w-d-xo.html
Is it safer to use pc for banking usage only with vpn?
It isn't the device. It is the user behind the device. Gullible users will fall for any scam regardless of the device.
No. When a malware on a smartphone is trying to gain access to your phone, there will be countless pop-ups at different points asking for permission giving you a chance to revert and notice things.
But malware on PC can be very quiet. When you get a malware on a PC; once you opened it, it can already access nearly everything without any pop-up. And can access everything if you clicked "Yes" on the only one pop-up that can appear.
This is because apps on smartphone is more restricted by the phone itself, and needs a confirmation from the user before it can access things. Unlike on PC where apps have relatively unrestricted access.
VPN can only protect you from hackers between you and the destination server, like if you're in public WiFi so IT administrator, internet provider, and people on the same WiFi can't see what you're doing.
VPN doesn't protect you if the hacker already has access to your device or the destination server, like if your PC or the bank got infected with malware.
Untrustworthy VPNs may even be unsecure and leak your data, and VPN will obscure your location making it harder for service providers like your bank to distinguish between you & the hacker if you were to be hacked and an investigation started. This will make the investigation harder, so don't use it.
Just wondering will anti virus software in android phone will help to prevent this?
did you watch the 1st episode? The victim was warned a few times about the malicious app but she decided to install it anyway to get free food. There is no technology solution to protect idiots.
No. It's not very helpful. Anti-virus on smartphones are very limited. Because smartphone apps being very restricted, the antivirus can only get a list of app names and compare it against a database of known malware. The hacker can simply change the app name and it wouldn't be detected until it's too late.
It's unlike on computers where apps have more freedom, antivirus can actually analyze app behaviors, internet connection, and file activities to detect malware. It doesn't have to only rely on a list of known malware like on smartphone.
Best way to protect yourself on the phone is to keep your phone updated, only install apps from Play Store/App Store, don't install apps from outside of the store, read the warning popups, and use common sense (for example, Zoom might need Screen recording permission when you're trying to share PowerPoint on your screen, but a shopping app certainly does not need such permission)
The big question is why the government there not doing anything? The main culprits understand are mainly from China and Taiwan are allowed to operate freely without any issue from the local authority and police. Won't be surprise the recent $2b case caught in Singapore are some of the main culprits too, but business still as usual.
Both the Keppel and DBS cases which happened only recently signal a deterioration in the system that governs Singapore.
Equally disturbing is the authorities' knee-jerk denials of such problems and the continued boasts about the integrity of the system and its organisations.
They let in people with fake IT degrees. Asking for trouble.
1:50 older smart phone do have removable batteries....21:15 when hackers take over complete control or just touch display and function buttons....
Thank you for sharing this insightful video. 16oct23
Each communication device would have its own unique MAC address, perhaps banking apps can only be installed in user pre-registered devices? (An additional opt in protection system for concerned account holders) This could be a role at the national Singpass level...?
1. How is that going to help when scammers remotely take over your device and use your banking app on your phone to transfer money to their account?
2. MAC address can be easily spoofed. You don't even connect to WiFi using your real MAC any longer. It's randomized.
The hackers would just simply move to exclusively remote access attack and drop phishing attack (fake website/apps asking you to type in passwords)
When hacker remotely controls & do it through your device, it doesn't appear as new device because it's just as if the hacker was right beside you and stealing your phone to do it.
I feel there is a need to consider installing antivirus.. from reputable companies that is . For protection.. it is not fool proof since the best protection is not to get it in the first place. But having an antivirus app . Can be that 2nd Layer of protection if a mistake happens.
Anti-virus on smartphones are very limited. Due to smartphone apps being very restricted, the antivirus can only get a list of app names and compare it against a database of known malware. The hacker can simply change the app name and it wouldn't be detected until it's too late.
It's unlike on computer where apps have more freedom, so antivirus can actually analyze app behaviors, internet connection, and file activities to detect malware. It doesn't have to rely on a list of known malware.
Best way to protect yourself on the phone is to keep your phone updated, only install apps from Play Store/App Store, don't install apps from outside of the store, read the warning popups, and use common sense (for example, Zoom might need Screen recording permission when you're trying to share PowerPoint on your screen, but a shopping app certainly does not need such permission)
Honestly if ur phone gets hit by malware, it would be safer to get a new one as there have been cases where the malware persist past a factory reset
It probably persisted because after the wipe, the owner downloaded the same apps back to their phone.
What about Metatrader apps that is used for FOREX "investment"?
If it's on Google Play or Apple App Store, its likely safe.
But always be aware of the popups asking for unnecessary permission. If an investment app ask you to share the screen & turn on Accessibility services, it's probably malware.
If they have already captured your credentials, how does factory reset helps in stopping them from accessing your accounts?
It doesn't. Factory reset "cleans" your device from malware.
You still have to change your online passwords that's been leaked to them. It's a race between you and the hackers. If they get to it first, they can lock you out of your own account by changing your password.
Guess they can’t access your otp
@@Mew77778 yes they can IF they are still connected to your device and remotely controlling it.
@@shaggydawg5419 Never leave all eggs in 1 basket... what if my phone number that receive OTP and my bank apps are on 2 different phones? I am wondering if they can still get OTP though
The person working in cybersecurity this video said he could track down the IP address of some scammers. He should then pass that information on to the police so that those people get caught, arrested and imprisoned.
hello vpn
VPN, and Tor you have IP address changing all the time, Krypto= they are open source. You can track them with blockchain. Do not believe about agent will help you bring your money back bla bla bla..is a long way to go.
@@f00kwhiteblackracismwarsh07 VPN is actually sure fire way to get caught.
The problem with that is the Police where the scammers live are more interested in getting a donation from the scammers instead of putting them in jail !!!!!!!!!!!!!
@@markunavail8510 oh my that’s terrible, I hope Interpol helps to get them caught, arrested and imprisoned.
khong guan biscuit tin for the win
People, please take unknown calls and troll them to waste their time. Every minute you spend is a minute these scammers' time wasted and it would slow down their scam,
Good that can insider has this video. Now I know that it is easily to be scammed.
Ah yes. The young and smart lady who didn't thought she could get scammed.
very funny lady
She smart meh??
Yea... I was expecting further details from her story, not just an anecdote to show how "smart" she is.
maybe she think getting good grades make her smart person.
Sorry but your Mercedes looks awesome! You got taste sir!
I dont do the download.
why can’t these scammers earn a decent living rather than stealing via unscrupulous method online… 😡 cheap way of living your lives scammers
Easy way out for them. Plus I’m sure their salary is low for regular jobs compared to other countries
This is not the first time that such a serious debacle has hit Singapore. In 2016, DBS (also a GLC) and other banks in Singapore were caught when money from Malaysia's 1MDB was found to have been laundered through them.
Ngo didn’t get released for good behaviour lolll… I’m 100% certain he entered into a contract with the government to be released early. This makes a good plot for a movie 😎
many hackers switch sides after they're caught and sentenced.
He was captured by the U.S government and served time there. His initial sentence was 30 years but released after 13 years because he helped the U.S goverment to catch other cybercriminals. Its good behavior.😄
"Catch me if you can" madafakas!
I used to use BKAV antivirus software when I was in Vietnam, in short, it was rubbish.
Why the authority dont just check these apps and lure those scammers out pretending to be customers ..authority always late arresting or stopping those scammers ...we victims suffer
We have been receiving scam/spam calls almost everyday. When we report to authority(MCMC), they will say these calls are out of their scope, please report to Police. Police will then tell you that you did not lost anything, only disturbing and scamming calls. Moreover, they said these scammers are outside of the country and hard to stop. Government please get the real "cyber expert" to stop all these scam calls or zero clicks malware & not claiming they cannot do anything.
Please improve the audio quality. The overall volume is low and (yet!) there is audible clipping - how did you achieve this amazing feat? Voices are also muffled and lack clarity. It sounds like some heavily compressed 128kbps MP3 audio clip from the early 2000s.
I can hear it very well
What they get caught there , it is legal in india
Solution: Nokia 3310.
Can't believe can learn to create malware online. How come the Telegraph company don't stop it? Even provides malware services, OMG. Really scary...
I know them in Cambodia. I know there operation. There salary start from 1k USD to 1500k USD plus commissions. The original owner of this scam is Chinese. Laos, Cambodia Vietnam and Thailand. The whole truth was not revealed. Ordinary people can easily detect due to bank transfer records
seem like Vietnam has better cyber security than singapore, should hire them instead of leaving to the locals.
Since they need internet connection to hack our phone, will it be better if we just turn on airplane mode when we notice something suspicious?
if you watch part 1 of this clip, the malware app prevents users from changing settings. You no longer have control of the device EXCEPT removing SIM card to kill data connection and/or unplugging your broadband/WiFi router.
I spend all my money on clothes, so that no one can scam me. Girl math
Doggy Doggy
It's estimated that China's 🇨🇳 cyber army for cyberspace missions is 100 times bigger than the size of Mexican cartels.
So simply put, there nothing we can do about it and just don't be a fool to fall for the tricks. Lol just don't own a phone then best way to prevent scam😅
All this has had a pointed effect on local wages and job opportunity. Take, for instance, PM Lee’s recent lament of the shortage of engineers in Singapore. The problem has become so acutre that we have had to engage Swedish and Japanese engineers to help us figure out what’s causing the interminable breakdowns of our MRT system. Transport Minister Khaw Boon Wan even exhorted our train operators to look to Taipei to emulate the reliability of its rail system.
At the risk of belabouring the point, how did we come to this after 50 years of PAP rule?
You are belaboring the point. Everything is PAP fault?
I have a sure fire way to keep your phone safe !!! first get rid of your smart phone and buy a simple flip phone you can make phone calls but thats it imagine that a phone that only works as a phone !! LMFAO... they are called feature phones or basic phones can only be used to make phone calls.... if you want a phone that will only make calls and text then you want..... Light Phone !!!!!
From india 😂😂
bring back 2fa token
If they can see u type in ur otp then what's the point
@@LolPop-ig4pf physical token not mobile phone
It's happen in Android phone. Please using Iphone
IOS for the win
Ah dit me
I hold you in the highest regard, @Regainassetsofficials in the online sphere. Your unwavering commitment to the recovery genre is truly inspiring, my aspirations is to be like you one, in making a difference in recovery and offering support to others, just as you have supported me, sending blessings from Canada and korea, I will continue to forge ahead!!
ကမ္ဘာနိုင်ငံချင်းအရေးနှင့်ဘာသာရေးတွေမှာကမ္ဘာလူသားအချင်းချင်းမကောင်းစေချင်လို့ဘာသာဝင်ချင်းမတူခဲွဲခြားမကောင်းစေချင်လို့မကောင်းအကြံလေ့လာပြစ်မှားခိုင်းတဲ့အဖွဲ့အစည်းနိုင်ငံဘာသာရေးကကမ္ဘာမှာလောဥပဒေစည်းကမ်းချိုးဖောက်ခိုင်းတဲ့တရားခံအပြစ်ရှိတဲ့ဆိုးမိုက်ယုတ်မာတဲ့ဘာသာရေးနိုင်ငံအဖွဲ့အစည်းမတရားအဆိုးမြင်အကြမ်းဖက်သမားမဖြစ်ဖို့လောဥပဒေစည်းကမ်းနှင့်ငြိမ်းချမ်းရေးကိူလေးစားတန်ဖိုးထားတဲ့အဖွဲ့အစည်းနိုင်ငံဘာသာရေးက ကမ္ဘာမှာအဆင့်ဂုဏ်သိက္ခာမကျပါဘူးအဆင့်ဂုဏ်သိက္ခာမှန်ပါတယ်ကောင်းပါတယ်သဘောပေါ့နော်good night