Toyota Discloses Another Data Breach Involving Customers in Asia and Oceania - 1

Toyota Discloses Another Data Breach Involving Customers in Asia and Oceania

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

In a statement released this week, Toyota announced discovery of another data breach exposing sensitive information of customers in Asia and Oceania (excluding Japan). The discovery was uncovered in wake of its ongoing investigation into the May 12 data leak incident which left several Japanese customers data at risk.

According to the automaker, this breach was also a result of database misconfiguration of its cloud environment which are managed by TOYOTA Connected Corporation (TC). The cloud service company features a subscription model which allows Toyota customers to use internet in cars to access audio, multimedia, location services and emergency assistance.

The customer and vehicle information which was publicly available could be accessed by anyone who knew where to search. ‘’Vehicle registration number, vehicle ID, customer name, email ID, address, and phone number of customers in some countries in Asia and Oceania (Japan is not included) was exposed between October 2016 – May 2023,’’ said the notification.

The company said that this incident was the result of insufficient dissemination and enforcement of data handling rules. To avoid recurrence, on an ongoing basis, checks and maintenance of cloud environments are being conducted.

Additionally, the company would be investing in the training and education of TC employees regarding data handling rules to ensure safety of customer information.

In its statement, the company also issued an apology to all the affected customers and assured that no third-party had accessed the data nor any copy of it was found on the internet. However, at present the company could not confirm if vehicle location and credit card information was also a part of the leak.

This notification comes right after an earlier statement released by the company in May this year about the exposure of 1.15 million Japanese customers’ data.

New Spyware ‘SpinOk’ Infected Apps Put Millions of Android Users at Risk - 2

New Spyware ‘SpinOk’ Infected Apps Put Millions of Android Users at Risk

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

A new software module with spyware capability was recently discovered by security researchers at Doctor Web. Tracked as ‘SpinOk’, the malware was distributed as a marketing software development kit (SDK). It was found in over a 100 Android apps with cumulative downloads of over 420 million.

The module is said to have spyware functionality as it can extract data from users’ devices and transfer them to threat actor controlled and managed remote servers.

The cleverly designed malware at first glance appears to be legitimate and maintains users’ interest through mini-games and daily rewards (alleged).

When activated, it connects to a command-and-control (C2) server and transfers data from the device’s sensors (gyroscope, magnetometer). This helps it detect controlled (sandbox) environment and adjust its operations to avoid being noticed by security researchers. In a related move, SpinOk bypasses proxy settings, thus hiding network connections during analysis. Then it downloads a list of websites from the remote server for displaying the intended advertising banners (minigames).

As expected, these minigames are visible to the app’s users, but the trojan can gather list of files, verify presence of particular files, copy and replace clipboard contents. These malicious activities can help the hackers access any confidential personal and financial data stored on the victim’s device.

This trojan module and numerous modifications was found in several apps with nearly 421,290,300 downloads. Some popular apps found:

  • Noizz: Video editor with music (100 million installations)
  • Zapya: File transfer and share (100 million installations)
  • VFly: Video editor & video maker (50 million installations)
  • MVBit: MV video status maker (50 million installations)
  • Biugo: Video maker & video editor (50 million installations)

As per the experts’ reports, some of the apps still contained the malicious SDK while others either had it in particular versions or were completely removed from Google Play. The firm also said that they had submitted reports about the undiscovered threat to Google.

Dr. Web’s analysts claim to have found this SDK malware in 101 apps with at least 421,290,300 cumulative downloads. Apparently, a complete list of this SDK infected apps can be found on their website .