Share This

Sunday, August 11, 2024

No banking on hacked phones

 


PETALING JAYA: Customers with compromised devices will be temporarily restricted from accessing banking apps as banks in Malaysia roll out a feature that detects high-risk malware and suspicious remote access.

In a statement yesterday, the Association of Banks Malaysia (ABM) and Association of Islamic Banking and Financial Institutions Malaysia (Aibim) said the feature, called malware shielding, will be embedded within the banks’ native mobile banking apps.

Both organisations stated that the feature is designed to prevent unauthorised transactions, protect customers’ funds, and shield them from malware scams.

“It will essentially alert or block customers from conducting banking activities on compromised devices,” said the statement. 

Banks that have enabled the feature on their mobile banking apps include Alliance Bank, AmBank, Bank Muamalat, Bank Simpanan Nasional, CIMB Bank, HSBC Bank, Maybank, MBSB Bank, OCBC Bank, Public Bank, RHB Bank, Standard Chartered, and UOB Bank.

“Emphasising customer privacy, malware shielding is only activated upon the customer launching the mobile banking app and does not run in the background 24/7,” said ABM chairman Datuk Khairussaleh Ramli in the statement.

He added that customers’ banking information and personal data will remain confidential.

Bank Negara governor Datuk Seri Abdul Rasheed Ghaffour said the fight against online scams is a shared responsibility, welcoming the move by banks to enhance online banking apps with added security features.

“This helps to create a more secure banking environment for all Malaysians. We also urge members of the public to remain vigilant against requests to download apps from unofficial sources,” he added.

Customers are advised to reach out to their banks’ 24/7 fraud hotline for assistance should they encounter a temporary restriction.

When contacted, National Cyber Security Agency (Nacsa) chief executive Dr Megat Zuhairy Megat Tajuddin said the measure is well-suited to address specific challenges faced by users in Malaysia as cyber threats are becoming increasingly sophisticated and prevalent.

“In 2023, 40% of the total incidents monitored by the National Cyber Coordination and Command Centre (NC4) were malware-related. In 2024, up until June, the NC4 handled 34% of incidents related to malware,” Megat Zuhairy said.

While the temporary restriction is regarded as an important preventive step, Megat Zuhairy said its effectiveness is also dependent on users.

“They need to adhere to recommended cyber hygiene practices such as to only download apps from official platforms and avoid performing online activities through unsecured WiFi networks,” he said.

Malaysia Cybersecurity Community rawSEC chairman Ts Tahrizi Tahreb said the malware shielding technology could potentially prevent several types of banking malware that are used by hackers to infiltrate devices and perform unauthorised financial transactions.

“Some of them include Cerberus which can mimic legitimate banking app interfaces to capture user credentials and one-time passwords through overlays and screenshots,” he said.

Tahrizi added that another type of malware called Gustuff has been known to target over 100 banking apps and can automate bank transactions on compromised devices.

“These malware types often exploit vulnerabilities in mobile banking applications, making them prime targets for shielding technologies,” he said.

Malaysia Cyber Consumer Association (MCCA) said the initiative represents a proactive approach to addressing the growing threat of cyberattacks on financial systems.

“However, MCCA also emphasises the importance of implementing this feature with caution, transparency, and a strong focus on user education,” its chairman Siraj Jalil said.

He added that the criteria used to define a “compromised device” must be transparent and precise.

“The effectiveness of such a solution hinges on its ability to accurately identify compromised devices without generating false positives. A significant number of false positives could lead to legitimate users being locked out of their banking apps, causing unnecessary frustration and potential financial disruption.

“If users find themselves frequently locked out of their apps, they might resort to using web-based banking solutions, which may not be as secure as the mobile apps, or they could turn to unofficial methods to bypass the restrictions, further exposing themselves to risks,” said Siraj.

Tahrizi said banks can further enhance security and customer protection by implementing some additional measures.

“Banks should regularly test their apps through application security testing (AST) and infrastructure security testing (IST). All identified issues should be tracked, with priority given to remediating critical and high vulnerabilities,” he added.

Customers also need to be constantly reminded of the latest potential online scam attempts.

“Ongoing education and awareness of safe mobile banking practices, such as recognising phishing attempts and avoiding suspicious downloads, can empower customers to protect themselves, and this is a very effective first line of defence,” he said.

Source link 

Related posts:

THE FIGHT AGAINST CYBERCRIME IN FINANCIAL SERVICES


EXCLUSIVE On top of the scams list: Beating the cheats

 


Saturday, August 10, 2024

A journey filled with cultural riches

Model student: Goh delivering a speech at her graduation ceremony in 2022, where she received the award for outstanding doctoral graduate. — Photo courtesy of Goh


Scholar says her five-year stay in China nothing short or unforgettable


PETALING JAYA: A Malaysian’s academic journey in China has been enriched with unique opportunities to advance personal growth and experience the country’s rich culture.

Dr Goh Chye Poh said her most fascinating experience was attending the opening ceremony of the 2022 Beijing Paralympic Winter Games and contributing to the production of its theme song music video “Together for a Shared Future” for the Beijing TV station covering the event.

“It was truly a privilege for me and my coursemates to be part of such a significant and unforgettable experience.

“I was honoured to contribute creatively to the representation of the Paralympics through music,” she told The Star in a recent interview. 

Goh, 35, from Taiping, Perak, pursued her doctorate in Chinese International Education at Beijing Language and Culture University on a Chinese government scholarship after completing her master’s degree at Universiti Tunku Abdul Rahman.

Since arriving in China in 2019, she has embraced the country’s diverse experiences.

“Each season brings its own unique beauty, from spring blooms to winter snow. 

“Adapting to the changing seasons requires adjusting not just my clothing and activities but also my mindset.

“Over time, I’ve learnt to fully embrace the rhythms of the four seasons,” she said.

Goh’s academic journey has been marked by achievements, including winning prizes in essay and speech competitions for Asean international students.

“These achievements led to more opportunities to participate in international events,” she said.

Goh also had the opportunity to deliver a speech at her 2022 graduation ceremony after successfully defending her thesis on comparative lexical knowledge systems between Malaysia and China.

To stay updated on industry developments, Goh said she frequently attended or hosted forums.

“Earlier this year, I had the honour of participating in exchange activities in Xinjiang, a crucial Silk Road hub with a rich and diverse culture that left a lasting impression.

“The most rewarding aspect was immersing myself in the daily lives of local residents.

“Seeing the unique cultural charm of each city I visited is so endearing,” she said.

Now living in the central business district of Chaoyang in Beijing, Goh’s passion for learning and experiencing new adventures remains a driving force in her academic and personal pursuits.

“I hope I will visit more cities in China. My time here has been both enriching and fulfilling.

“The country has provided countless opportunities for my career advancement and personal growth,” she said.

Source link 

Related posts:

Thrilled to leave his mark in China

 

Melaka-born lawyer finds the perfect place to work hard and play hard

Thrilled to leave his mark in China

 

Melaka-born lawyer finds the perfect place to work hard and play hard


Friday, August 9, 2024

WADA statement on Reuters story exposing USADA scheme in contravention of World Anti-Doping Code

WADA Exposes USADA's Prolonged Doping Scheme ...


WADA Exposes USADA's Prolonged Doping Scheme ...


The World Anti-Doping Agency (WADA) responds to a Reuters story of 7 August 2024 exposing a scheme whereby the U.S. Anti-Doping Agency (USADA) allowed athletes who had doped, to compete for years, in at least one case without ever publishing or sanctioning their anti-doping rule violations, in direct contravention of the World Anti-Doping Code and USADA’s own rules. 

This USADA scheme threatened the integrity of sporting competition, which the Code seeks to protect. By operating it, USADA was in clear breach of the rules. Contrary to the claims made by USADA, WADA did not sign off on this practice of permitting drug cheats to compete for years on the promise that they would try to obtain incriminating evidence against others. 

Within the Code there is a provision whereby an athlete who provides substantial assistance can subsequently apply to have a proportion of their period of ineligibility suspended. However, there is a clear process for that, which does not involve allowing those who have cheated to continue to compete while they may or may not gather incriminating evidence against others and while they could retain a performance-enhancement effect from the substances they took. When WADA eventually found out about this non-compliant practice in 2021, many years after it had started, it immediately instructed USADA to desist. 

WADA is now aware of at least three cases where athletes who had committed serious anti-doping rule violations were allowed to continue to compete for years while they acted as undercover agents for USADA, without it notifying WADA and without there being any provision allowing such a practice under the Code or USADA’s own rules. 

In one case, an elite level athlete, who competed at Olympic qualifier and international events in the United States, admitted to taking steroids and EPO yet was permitted to continue competing all the way up to retirement. Their case was never published, results never disqualified, prize money never returned, and no suspension ever served. The athlete was allowed to line up against their unknowing competitors as if they had never cheated. In that case, when USADA eventually admitted to WADA what had been going on, it advised that any publication of consequences or disqualification of results would put the athlete’s security at risk and asked WADA to agree to non-publication. Being put in this impossible position, WADA had no choice but to agree (after verifying with its Intelligence and Investigations Department that the security threat was credible). The athlete’s doping was therefore never made public. 

In another case of a high-level athlete, USADA never notified WADA of its decision to lift an athlete’s provisional suspension, which is an appealable decision, despite being required to do so under the Code. Had WADA been notified, it would never have allowed this. 

How must other athletes feel knowing they were competing in good faith against those who were known by USADA to have cheated? It is ironic and hypocritical that USADA cries foul when it suspects other Anti-Doping Organizations are not following the rules to the letter while it did not announce doping cases for years and allowed cheats to carry on competing, on the off chance they might help them catch other possible violators. WADA wonders if the USADA Board of Directors, which governs USADA, or U.S. Congress, which funds it, knew about this non-compliant practice that not only undermined the integrity of sporting competition but also put the co-operating athletes’ security at risk.  

WADA statement following comments by CEO of United ...

WADA statement following comments by CEO of United States Anti-Doping Agency

The World Anti-Doping Agency (WADA) is astonished by the outrageous, completely false and defamatory remarks made by the CEO of the United States Anti-Doping Agency (USADA), Travis Tygart, who has made very serious accusations against WADA in connection with the case of 23 swimmers from China that was reported upon by the media earlier today.

Mr. Tygart’s allegations are politically motivated and delivered with the intention of undermining WADA’s work to protect clean sport around the world. WADA notes that the damaging comments have been delivered without any supporting evidence whatsoever.

The truth of this matter is that according to all available scientific evidence and intelligence, thoroughly gathered, assessed and tested by leading anti-doping experts, WADA had no basis to challenge the explanation of environmental contamination. At all times, WADA acted in good faith, according to due process and following advice from external counsel when it decided not to appeal this case. In the absence of any other evidence WADA, still today, stands by the results of its rigorous scientific investigation as well as the approach of its Intelligence and Investigations Department. WADA’s statement of 20 April outlines the Agency’s position on this file in more detail.

It is implicit in his statement that Mr. Tygart does not accept the finding of environmental contamination in this case although he cannot say why. Yet, it is true that in the United States, WADA has also accepted USADA’s similar conclusions of contamination involving a number of U.S. athletes. Mr. Tygart should realize that it is not only American athletes who can fall victim to situations of no-fault contamination.

USADA contacted WADA in early 2023 based on a tip it had received about an alleged cover-up involving these cases but unfortunately was unable to provide any evidence whatsoever.

It should be noted that following Mr. Tygart’s false allegations, WADA has no choice but to refer this matter to its legal counsel for further action

Source link 


Medal Table

 

 < click Live update

Related posts:

Weaponized tests: How US uses extraterritorial jurisdiction to intervene in international sports, tarnish China’s anti-doping efforts

 < click Live update