Group items tagged

"The new malware, called Anubis, seems to use code forked from Loki. It steals crypto wallet credentials, credit card details and other valuable information from these Windows users. According to MSI, it first discovered the malware in June in the cybercriminal underground. It has the same name with another potent banking Trojan that has been targeting Android smartphones for months."

"Up to 10 million Android smartphones have been infected by malware that generates fake clicks for adverts, say security researchers. The software is also surreptitiously installing apps and spying on the browsing habits of victims. The malware is currently making about $300,000 (£232,000) a month for its creators, suggests research."

"Fidelis malware mangler Jason Reaves says the TrickBot malware has strong code similarities to the Dyre trojan, a menace that ripped through Western banks and businesses in the US, the UK, and Australia, inflicting tens of millions of dollars in damages through dozens of separate spam and phishing campaigns since June 2014. Dyre stole some US$5.5 million from budget carrier Ryanair and fleeced individual businesses of up to $1.5 million each in substantial wire transfers using stolen online banking credentials."

"Dubbed SilentFade (short for "Silently running Facebook Ads with Exploits"), the malware compromised Facebook accounts and used them to promote malicious ads, steal browser cookies and more. The social-media giant said that the Chinese malware campaign started in 2016, but it was first discovered in December 2018, due to a suspicious traffic spike across a number of Facebook endpoints. After an extensive investigation, Facebook shut down the campaign and pursued legal action against the cybercriminals behind the attack in December 2019. "

"A strain of of Android malware has infected 85 million victims across the globe, generating at least $300,000 every month for the gang behind it, thanks to millions of pop-up adverts and app downloads."

"Ransomware is an especially odious type of malware. The way it works is simple. Your computer will be infected with some malicious software. That software then renders your computer entirely unusable, sometimes purporting to be from local law enforcement and accusing you of committing a computer crime or viewing explicit pictures of children. It then demands monetary payment, either in the form of a ransom or a 'fine' before access to your computer is returned."

"Regin is a tool capable of infecting and compromising entire networks, not just individual computers, as security companies Symantec and Kaspersky Labs detailed in their technical reports published on Sunday and Monday. It's not only a computer virus or malware, but also a toolkit or platform that can be used for different purposes, depending on the needs of the attackers. It can collect passwords, retrieve deleted files, and even take over entire networks and infrastructures, according to researchers. "

"If mediocre malware can power some of the largest DDoS attacks ever, and considering the sad state of security of the Internet of Things in general, we should probably brace for more cyberattacks powered by our easy-to-hack "smart" Internet of Things, as many, including ourselves, had predicted months ago."

"A new botnet is actively targeting IoT devices using payloads compiled for a dozen CPU architectures and uses them to launch several types of DDoS and to spread various types of malware. The Dark Nexus botnet as it was named by the Bitdefender researchers who discovered it has gone through a very fast development process since it was initially spotted."

"The malware was delivered through multiple ad networks, and used a number of vulnerabilities, including a recently-patched flaw in Microsoft's former Flash competitor Silverlight, which was discontinued in 2013. When the infected adverts hit users, they redirect the page to servers hosting the malware, which includes the widely-used (amongst cybercriminals) Angler exploit kit. That kit then attempts to find any back door it can into the target's computer, where it will install cryptolocker-style software, which encrypts the user's hard drive and demands payment in bitcoin for the keys to unlock it."

"The error saw over 800 links on the nhs.uk website send visitors to websites serving advertising and malware unrelated with the NHS. "We can confirm that this problem has arisen due to an internal coding error and that NHS Choices has not been maliciously attacked," said a HSCIC spokeswoman on behalf of NHS Choices."

"But Computercop isn't security software -- quite the opposite; it's classic malware. The software, made in New York by a company that markets to law enforcement, is a badly designed keylogger that stores thingstyped into the keyboard -- potentially everything typed on the family PC -- passwords, sensitive communications, banking logins, and more, all stored on the hard drive, either in the clear, or with weak, easily broken encryption. And Computercop users are encouraged to configure the software to email dumps from the keylogger to their accounts (to spy on their children's activity), so that all those keystrokes are vulnerable to interception by anyone between your computer and your email server. "

"Facebook has blocked a group of hackers in China who used the platform to target Uighurs living abroad with links to malware that would infect their devices and enable surveillance."

"Google said in a new blog post that hackers linked to the Chinese government have been impersonating antivirus software McAfee to try to infect victims' machines with malware. And, Google says, the hackers appear to be the same group that unsuccessfully targeted the presidential campaign of former Vice President Joe Biden with a phishing attack earlier this year. A similar group of hackers based in Iran had tried to target President Trump's campaign, but also was unsuccessful."

"According to a report by Sophos, malware and spam are on the rise on social networks such as Twitter, MySpace, Facebook and LinkedIn. In the last year, 57% of users report they have been spammed via social networking sites, an increase of 70.6% compared to last year. Furthermore, 36% of users claim they've been sent malware via social networking sites, which is a rise of 69.8% from last year. On the other hand, CEOs of companies are concerned that their employees' usage of social networks is posing a security risk for their company. Sophos has surveyed more than 500 organizations, discovering that 72% of them think social networks are a danger for their companys, with 60% of them tagging Facebook as the biggest security risk, followed by MySpace, Twitter and LinkedIn. Graham Cluley, senior technology consultant for Sophos, says that Facebook is the biggest threat because it's the biggest social network out there, but he also places some of the blame on Facebook's own privacy rules. "When Facebook rolled-out its new recommended privacy settings late last year, it was a backwards step, encouraging many users to share their information with everybody on the internet," he says. Interestingly enough (and contrasted to some of the reports we've seen lately), Cluley thinks that simply barring access to Facebook is not the solution. "Social networks can be an essential part of the business mix today," he says, "and the answer is not to bar staff from participating in them but to apply some 'social security' instead.""

"A new strain of ransomware has been targeting government agencies and educational institutions in the United States, through scam emails that pretend to be something important. The malware, dubbed as 'MarsJoke' by Proofpoint security researchers, reportedly began a large-scale email campaign which distributed the cryptomalware last week. The developers are sending out emails which seems to be masked as a message from an airline company."

"demonstrate a fiendishly clever procedure for getting data off of airgapped computers that have had their speakers removed to prevent acoustic data-transmission: instead of playing sound through the target computer's speakers, they attack its fans, varying their speeds to produce subtle sounds that humans can barely notice, but which nearby devices can pick up through their microphones."