• bitcoinBitcoin (BTC) $ 61,563.00
  • ethereumEthereum (ETH) $ 2,996.91
  • tetherTether (USDT) $ 1.00
  • bnbBNB (BNB) $ 547.17
  • solanaSolana (SOL) $ 131.35
  • usd-coinUSDC (USDC) $ 1.00
  • staked-etherLido Staked Ether (STETH) $ 2,990.04
  • xrpXRP (XRP) $ 0.491118
  • the-open-networkToncoin (TON) $ 6.00
  • dogecoinDogecoin (DOGE) $ 0.145012
  • cardanoCardano (ADA) $ 0.443737
  • shiba-inuShiba Inu (SHIB) $ 0.000022
  • avalanche-2Avalanche (AVAX) $ 34.02
  • tronTRON (TRX) $ 0.109587
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 61,549.00
  • bitcoin-cashBitcoin Cash (BCH) $ 480.82
  • polkadotPolkadot (DOT) $ 6.62
  • chainlinkChainlink (LINK) $ 13.14
  • matic-networkPolygon (MATIC) $ 0.664138
  • litecoinLitecoin (LTC) $ 80.86
  • nearNEAR Protocol (NEAR) $ 5.50
  • internet-computerInternet Computer (ICP) $ 12.04
  • leo-tokenLEO Token (LEO) $ 5.85
  • uniswapUniswap (UNI) $ 6.98
  • daiDai (DAI) $ 0.999879
  • aptosAptos (APT) $ 9.14
  • first-digital-usdFirst Digital USD (FDUSD) $ 1.00
  • ethereum-classicEthereum Classic (ETC) $ 25.49
  • mantleMantle (MNT) $ 1.12
  • blockstackStacks (STX) $ 2.32
  • okbOKB (OKB) $ 54.97
  • crypto-com-chainCronos (CRO) $ 0.121651
  • filecoinFilecoin (FIL) $ 5.86
  • cosmosCosmos Hub (ATOM) $ 8.09
  • stellarStellar (XLM) $ 0.107705
  • arbitrumArbitrum (ARB) $ 1.13
  • bittensorBittensor (TAO) $ 447.87
  • render-tokenRender (RNDR) $ 7.68
  • makerMaker (MKR) $ 3,125.45
  • hedera-hashgraphHedera (HBAR) $ 0.079250
  • vechainVeChain (VET) $ 0.038142
  • immutable-xImmutable (IMX) $ 1.91
  • kaspaKaspa (KAS) $ 0.115628
  • ethena-usdeEthena USDe (USDE) $ 1.00
  • dogwifcoindogwifhat (WIF) $ 2.36
  • injective-protocolInjective (INJ) $ 25.57
  • the-graphThe Graph (GRT) $ 0.242270
  • optimismOptimism (OP) $ 2.19
  • wrapped-eethWrapped eETH (WEETH) $ 3,100.95
  • moneroMonero (XMR) $ 114.68
  • pepePepe (PEPE) $ 0.000005
  • fetch-aiFetch.ai (FET) $ 1.95
  • theta-tokenTheta Network (THETA) $ 2.01
  • fantomFantom (FTM) $ 0.664384
  • bitget-tokenBitget Token (BGB) $ 1.30
  • coredaoorgCore (CORE) $ 2.05
  • lido-daoLido DAO (LDO) $ 1.94
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,305.93
  • celestiaCelestia (TIA) $ 9.56
  • suiSui (SUI) $ 1.23
  • arweaveArweave (AR) $ 24.18
  • galaGALA (GALA) $ 0.041169
  • thorchainTHORChain (RUNE) $ 4.51
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,069.91
  • quant-networkQuant (QNT) $ 101.51
  • sei-networkSei (SEI) $ 0.494444
  • beam-2Beam (BEAM) $ 0.025995
  • algorandAlgorand (ALGO) $ 0.167573
  • whitebitWhiteBIT Coin (WBT) $ 9.26
  • bitcoin-svBitcoin SV (BSV) $ 65.20
  • flokiFLOKI (FLOKI) $ 0.000133
  • zebec-protocolZebec Protocol (ZBC) $ 0.024911
  • flowFlow (FLOW) $ 0.847961
  • jupiter-exchange-solanaJupiter (JUP) $ 0.931069
  • aaveAave (AAVE) $ 84.13
  • ethenaEthena (ENA) $ 0.880021
  • flare-networksFlare (FLR) $ 0.031627
  • bittorrentBitTorrent (BTT) $ 0.000001
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 2,978.19
  • neoNEO (NEO) $ 16.63
  • ondo-financeOndo (ONDO) $ 0.762058
  • ribbon-financeRibbon Finance (RBN) $ 1.12
  • tokenize-xchangeTokenize Xchange (TKX) $ 13.55
  • elrond-erd-2MultiversX (EGLD) $ 40.18
  • singularitynetSingularityNET (AGIX) $ 0.807338
  • wormholeWormhole (W) $ 0.556186
  • axie-infinityAxie Infinity (AXS) $ 6.94
  • dydx-chaindYdX (DYDX) $ 2.12
  • chilizChiliz (CHZ) $ 0.108776
  • ecasheCash (XEC) $ 0.000049
  • the-sandboxThe Sandbox (SAND) $ 0.427899
  • roninRonin (RON) $ 3.06
  • worldcoin-wldWorldcoin (WLD) $ 4.88
  • bonkBonk (BONK) $ 0.000014
  • tezosTezos (XTZ) $ 0.944911
  • havvenSynthetix Network (SNX) $ 2.77
  • nervos-networkNervos Network (CKB) $ 0.020393
  • conflux-tokenConflux (CFX) $ 0.228644
  • starknetStarknet (STRK) $ 1.22
  • ordinalsORDI (ORDI) $ 42.33
  • cheeleeCheelee (CHEEL) $ 15.46
  • gatechain-tokenGate (GT) $ 6.54
  • akash-networkAkash Network (AKT) $ 3.75
  • jasmycoinJasmyCoin (JASMY) $ 0.017769
  • gnosisGnosis (GNO) $ 326.00
  • pyth-networkPyth Network (PYTH) $ 0.562098
  • eosEOS (EOS) $ 0.727989
  • mina-protocolMina Protocol (MINA) $ 0.765498
  • msolMarinade staked SOL (MSOL) $ 154.71
  • decentralandDecentraland (MANA) $ 0.425571
  • kucoin-sharesKuCoin (KCS) $ 8.23
  • apecoinApeCoin (APE) $ 1.21
  • axelarAxelar (AXL) $ 1.18
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,017.80
  • usddUSDD (USDD) $ 0.983938
  • iotaIOTA (IOTA) $ 0.218441
  • kavaKava (KAVA) $ 0.647426
  • dexeDeXe (DEXE) $ 12.05
  • heliumHelium (HNT) $ 4.14
  • aioz-networkAIOZ Network (AIOZ) $ 0.624096
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.71
  • nexoNEXO (NEXO) $ 1.20
  • frax-etherFrax Ether (FRXETH) $ 2,986.40
  • echelon-primeEchelon Prime (PRIME) $ 17.60
  • dydxdYdX (ETHDYDX) $ 2.12
  • fraxFrax (FRAX) $ 1.00
  • klay-tokenKlaytn (KLAY) $ 0.179520
  • swethSwell Ethereum (SWETH) $ 3,149.88
  • aerodrome-financeAerodrome Finance (AERO) $ 1.55
  • oasis-networkOasis Network (ROSE) $ 0.090165
  • bitcoin-goldBitcoin Gold (BTG) $ 34.68
  • lido-staked-solLido Staked SOL (STSOL) $ 154.25
  • osmosisOsmosis (OSMO) $ 0.903334
  • tether-goldTether Gold (XAUT) $ 2,378.19
  • corgiaiCorgiAI (CORGIAI) $ 0.001702
  • dymensionDymension (DYM) $ 3.56
  • pendlePendle (PENDLE) $ 5.97
  • blurBlur (BLUR) $ 0.373970
  • terra-lunaTerra Luna Classic (LUNC) $ 0.000098
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,187.39
  • fasttokenFasttoken (FTN) $ 1.78
  • mantra-daoMANTRA (OM) $ 0.674683
  • illuviumIlluvium (ILV) $ 86.90
  • astarAstar (ASTR) $ 0.097106
  • theta-fuelTheta Fuel (TFUEL) $ 0.082502
  • radixRadix (XRD) $ 0.051415
  • sats-ordinalsSATS (Ordinals) (SATS) $ 0.00000026
  • mx-tokenMX (MX) $ 5.33
  • woo-networkWOO (WOO) $ 0.280435
  • based-brettBrett (BRETT) $ 0.062825
  • wemix-tokenWEMIX (WEMIX) $ 1.45
  • xdce-crowd-saleXDC Network (XDC) $ 0.036697
  • true-usdTrueUSD (TUSD) $ 1.00
  • curve-dao-tokenCurve DAO (CRV) $ 0.427309
  • ocean-protocolOcean Protocol (OCEAN) $ 0.825349
  • book-of-memeBOOK OF MEME (BOME) $ 0.008932
  • iotexIoTeX (IOTX) $ 0.051432
  • staked-frax-etherStaked Frax Ether (SFRXETH) $ 3,227.91
  • skaleSKALE (SKL) $ 0.090832
  • altlayerAltLayer (ALT) $ 0.365375
  • enjincoinEnjin Coin (ENJ) $ 0.318493
  • 1inch1inch (1INCH) $ 0.387603
  • stepnGMT (GMT) $ 0.229764
  • apenftAPENFT (NFT) $ 0.00000045
  • manta-networkManta Network (MANTA) $ 1.77
  • pax-goldPAX Gold (PAXG) $ 2,400.47
  • polymeshPolymesh (POLYX) $ 0.414848
  • superfarmSuperVerse (SUPER) $ 0.940897
  • zilliqaZilliqa (ZIL) $ 0.023314
  • trust-wallet-tokenTrust Wallet (TWT) $ 1.02
  • ankrAnkr Network (ANKR) $ 0.042553
  • cat-in-a-dogs-worldcat in a dogs world (MEW) $ 0.004719
  • ethereum-name-serviceEthereum Name Service (ENS) $ 13.31
  • celoCelo (CELO) $ 0.778276
  • 0x0x Protocol (ZRX) $ 0.484637
  • memecoin-2Memecoin (MEME) $ 0.024845
  • amp-tokenAmp (AMP) $ 0.007215
  • terra-luna-2Terra (LUNA) $ 0.592731
  • rocket-poolRocket Pool (RPL) $ 19.94
  • aelfaelf (ELF) $ 0.551688
  • compound-wrapped-btccWBTC (CWBTC) $ 1,234.04
  • ether-fiEther.fi (ETHFI) $ 3.44
  • siacoinSiacoin (SC) $ 0.006897
  • ravencoinRavencoin (RVN) $ 0.028625
  • ethereum-pow-iouEthereumPoW (ETHW) $ 3.65
  • qtumQtum (QTUM) $ 3.68
  • holotokenHolo (HOT) $ 0.002167
  • frax-shareFrax Share (FXS) $ 4.82
  • raydiumRaydium (RAY) $ 1.44
  • jeo-bodenJeo Boden (BODEN) $ 0.551079
  • pups-ordinalsPUPS (Ordinals) (PUPS) $ 47.86
  • biconomyBiconomy (BICO) $ 0.499807
  • livepeerLivepeer (LPT) $ 11.56
  • safepalSafePal (SFP) $ 0.789824
  • stader-ethxStader ETHx (ETHX) $ 3,069.65
  • project-galaxyGalxe (GAL) $ 3.43
  • origintrailOriginTrail (TRAC) $ 0.887215
  • compound-governance-tokenCompound (COMP) $ 52.68
  • casper-networkCasper Network (CSPR) $ 0.029897
  • basic-attention-tokenBasic Attention (BAT) $ 0.236679

Facebook Under Fire: Suspected VPN Data Theft Unveiled

0 21

Facebook Under Fire: Suspected VPN Data Theft Unveiled

  beincrypto.com 8 h

Facebook Under Fire: Suspected VPN Data Theft Unveiled

Facebook has come under scrutiny for its alleged involvement in VPN data theft.

Tech analyst HaxRob, through his in-depth analysis, brought the issue to light, while tech journalist Naomi Brockwell further commented on it, revealing a complex web of user data interception and manipulation.

Facebook’s Alledge Data Theft Via VPN

HaxRob’s investigation unveiled that Facebook, leveraging its acquisition of Onavo, engaged in practices that could potentially intercept and analyze user data transmitted across other applications. By integrating root certificates into users’ mobile devices, Facebook purportedly could monitor and intercept traffic from a myriad of apps.

The controversy centers around Onavo. Before its removal from app stores, it ostensibly offered VPN services under the guise of user safety. However, archived descriptions and app functionalities hint at a darker purpose.

“This code, which included a client-side “kit” that installed a “root” certificate on Snapchat users’ mobile devices, also included custom server-side code based on “squid” through which Facebook’s servers created fake digital certificates to impersonate trusted Snapchat, YouTube, and Amazon analytics servers to redirect and decrypt secure traffic from those apps for Facebook’s strategic analysis,” a court filing reads.

Such actions not only breach user trust but also skirt the boundaries of ethical use of technology, as HaxRob pointed out, “The app managed to establish connectivity back to Facebook’s servers, despite presenting itself as a tool for user safety.”

Naomi Brockwell’s comments further cement the severity of the situation. She described Facebook’s actions as a “man-in-the-middle attack,” accessing SSL traffic and sensitive user data without consent.

“Looks like Facebook did a man-in-the-middle attack using their VPN service to steal data from other apps. This enabled them to see all SSL traffic, by creating a fake digital certificate to impersonate Snapchat, YouTube, Amazon, etc,” Brockwell explained.

The technical dissection of the Onavo app’s operations reveals alarming permissions requests, including overlay capabilities over other apps, access to historical and deleted app usage, and the management of phone calls. Under the pretext of enhancing user safety, these permissions raise significant red flags about the extent of data Facebook could access and manipulate.

Critically, the practice of installing certificates for intercepting app traffic, though hindered by recent Android security improvements, showcases the lengths to which companies might go to gather user data. The exposure of such practices, including the potential collection of mobile subscriber IMSI numbers and the extensive telemetry data amassed from the app’s 10 million downloads, reflect the imperative for stringent regulatory oversight.

This incident is not isolated. It echoes previous fines, like the $20 million penalty imposed by Australia’s ACCC, highlighting the global concern over Facebook’s data handling practices.

Source

Leave A Reply

Your email address will not be published.