Tag Archives for "malware"

Microsoft Confirms Its Network Was Breached With Tainted SolarWinds Updates

Microsoft confirmed that its network was among the thousands infected with tainted software updates from SolarWinds, even as new data the company has released suggest the likely Russian actors behind the campaign were focused on a smaller set of targets than originally thought.

Microsoft on Friday said that it had detected malicious SolarWinds binaries in its environment, which the company isolated and removed. However, the software giant denied a Reuters report on Thursday that claimed Microsoft’s own products were then used to distribute malware to other organizations in much the same way SolarWinds’ Orion network product management technology was abused.

Source: Microsoft Confirms Its Network Was Breached With …

Iranian hackers’ Android malware spies on dissidents by stealing 2FA codes

An Iranian hacking group made Android malware that appears built to spy on regime critics by stealing their two-factor codes.

The attackers first use a phishing trojan to collect login details, and then try those with the real site. If the victim has two-factor authentication turned on, the newly-reported malware intercepts the incoming SMS messages and quietly sends copies to the intruders.

Source: Iranian hackers’ Android malware spies on dissidents by stealing 2FA codes | Engadget

TikTok, WeChat & Co: How does spyware get into smartphones?

TikTok, WeChat and thousands of other apps from China look harmless but are, in fact, malware, experts say. The apps cleverly disguise their origin. How can we protect ourselves from them?

Many apps seem innocuous and harmless to start with. At first, there is only a small back door that an attacker can use later. “Even if you look at the app now, and it is only doing harmless things, the Chinese manufacturer is often able to extend the functionality at runtime,” says founder and CEO of the IT security company CIROSEC. “All of a sudden, the app does completely different things without having been updated somewhere from the app store.”

Source: TikTok, WeChat & Co: How does spyware get into smartphones? | Science| In-depth reporting on science and technology | DW | 27.08.2020

Hackers are hiding virtual credit card skimmers in image file metadata

Hackers put Magecart JavaScript code into the EXIF metadata of image files, which is then loaded and executed by compromised stores.

Hiding malicious code inside of images is nothing new, but it’s the first time security researchers have seen them used to obscure credit card skimmers.

Source: Hackers are hiding virtual credit card skimmers in image file metadata | Engadget

Google removes 49 Chrome extensions caught stealing crypto-wallet keys

The Chrome extensions were mimicking cryptocurrency wallet apps like Ledger, MyEtherWallet, Trezor, Electrum, and others, but, in reality, they were stealing users’ private keys and mnemonic phrases.

49 extensions appear to have been put together by the same person/group, believed to be a Russian-based threat actor. Whilst the extensions all function the same, the branding is different depending on the user they are targeting.

Source: Exclusive: Google removes 49 Chrome extensions caught stealing crypto-wallet keys | ZDNet

Attack on Home Routers Sends Users to Spoofed Sites That Push Malware

Researchers are warning that a hack of Linksys and D-Link routers is redirecting users to malicious sites posing as COVID-19 informational resources.

The hacks redirect users to malicious sites that install malware or attempt to phish passwords.

Source: Attack on Home Routers Sends Users to Spoofed Sites That Push Malware | News | Communications of the ACM

Android surveillanceware operators jump on the coronavirus fear bandwagon

Researchers have uncovered a mobile surveillance campaign that has used more than 30 malicious Android apps to spy on targets over the past 11 months. Two of the most recent samples are exploiting the coronavirus by hiding off-the-shelf surveillanceware inside apps that promise to provide information about the ongoing pandemic.

One of the apps, “corona live 1.1,” is a trojanized version of “corona live,” a legitimate app that provides an interface to data found on a tracker from Johns Hopkins University. Buried inside the spoofed app is a sample of SpyMax, a commercially available piece of surveillanceware that gives attackers real-time control of infected devices.

A second app used in the same campaign is called “Crona.” The campaign, which has been active since April 2019 at the latest, was discovered by researchers from mobile-security provider Lookout.

Source: Android surveillanceware operators jump on the coronavirus fear bandwagon | Ars Technica

Retailer fined half a million pounds for data breach of at least 14 million people

The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people.

An attacker installed malware on 5,390 tills at DSG’s Currys PC World and Dixons Travel stores between July 2017 and April 2018, collecting personal data during the nine-month period before the attack was detected.

The company’s failure to secure the system allowed unauthorised access to 5.6 million payment card details used in transactions and the personal information of approximately 14 million people, including full names, postcodes, email addresses and failed credit checks from internal servers.

Source: National retailer fined half a million pounds for failing to secure information of at least 14 million people | ICO

Google teams up with security companies to catch bad apps before they hit the Play Store 

Google announced that it’s teaming up with three security companies to help identify malicious apps before they’re published on the Play Store and can potentially do harm to Android users. The company is calling this partnership the App Defense Alliance.

Android is on over 2.5 billion devices, according to Google, and the company says that makes the platform “an attractive target” for abuse.

Source: Google teams up with security companies to catch bad apps before they hit the Play Store – The Verge

Italy hit by a wave of musical ransomware attacks

The musical ransomware, FTCode, plays German rock music whilst encrypting victims’ files.

Researchers at AppRiver discovered FTCode within malicious email campaigns targeting Italian Office 365 customers. Victims receive emails containing malicious content posing as invoices, document scans and resumes.

Source: #Privacy: Italy hit by a wave of musical ransomware attacks
