Tag Archives for " malware "

Fake Netflix app hijacked WhatsApp messages to spread malware on Android phones

A fraudulent Netflix app which took control of users’ WhatsApp accounts has been spreading on Google’s Play Store.

The “FlixOnline” app claimed that it would let users access Netflix content from multiple regions on their phones.

Instead, it monitored the users’ WhatsApp notifications, automatically sending replies to the users’ messages telling them to sign up for FlixOnline.

Source: Fake Netflix app hijacked WhatsApp messages to spread malware on Android phones | The Independent

Computer giant Acer hit by $50 million ransomware attack

Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000.

The ransomware gang announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof.

In response to BleepingComputer’s inquiries, Acer did not provide a clear answer regarding whether they suffered a REvil ransomware attack, saying instead that they “reported recent abnormal situations” to relevant LEAs and DPAs.

Source: Computer giant Acer hit by $50 million ransomware attack

More Mac malware was detected last year than ever before

There has been a significant increase in the amount of malware targeting macOS devices over the past 12 months, new research has claimed.

A report from Atlas VPN found that the development of macOS malware surged by 1,092% in 2020 as hackers increasingly targeted Apple’s computing devices, including the all-new M1 Macs.

Overall, 674,273 new malware samples were detected in 2020 – a huge rise from the previous year, when there were only 56,556 samples detected.

Source: More Mac malware was detected last year than ever before | TechRadar

Microsoft Confirms Its Network Was Breached With Tainted SolarWinds Updates

Microsoft confirmed that its network was among the thousands infected with tainted software updates from SolarWinds, even as new data the company has released suggest the likely Russian actors behind the campaign were focused on a smaller set of targets than originally thought.

Microsoft on Friday said that it had detected malicious SolarWinds binaries in its environment, which the company isolated and removed. However, the software giant denied a Reuters report on Thursday that claimed Microsoft’s own products were then used to distribute malware to other organizations in much the same way SolarWinds’ Orion network product management technology was abused.

Source: Microsoft Confirms Its Network Was Breached With …

Iranian hackers’ Android malware spies on dissidents by stealing 2FA codes

An Iranian hacking group made Android malware that appears built to spy on regime critics by stealing their two-factor codes.

The attackers first use a phishing trojan to collect login details, and then try those with the real site. If the victim has two-factor authentication turned on, the newly-reported malware intercepts the incoming SMS messages and quietly sends copies to the intruders.

Source: Iranian hackers’ Android malware spies on dissidents by stealing 2FA codes | Engadget

TikTok, WeChat & Co: How does spyware get into smartphones?

TikTok, WeChat and thousands of other apps from China look harmless but are, in fact, malware, experts say. The apps cleverly disguise their origin. How can we protect ourselves from them?

Many apps seem innocuous and harmless to start with. At first, there is only a small back door that an attacker can use later. “Even if you look at the app now, and it is only doing harmless things, the Chinese manufacturer is often able to extend the functionality at runtime,” says founder and CEO of the IT security company CIROSEC. “All of a sudden, the app does completely different things without having been updated somewhere from the app store.”

Source: TikTok, WeChat & Co: How does spyware get into smartphones? | Science| In-depth reporting on science and technology | DW | 27.08.2020

Hackers are hiding virtual credit card skimmers in image file metadata

Hackers put Magecart JavaScript code into the EXIF metadata of image files, which is then loaded and executed by compromised stores.

Hiding malicious code inside of images is nothing new, but it’s the first time security researchers have seen them used to obscure credit card skimmers.

Source: Hackers are hiding virtual credit card skimmers in image file metadata | Engadget

Google removes 49 Chrome extensions caught stealing crypto-wallet keys

The Chrome extensions were mimicking cryptocurrency wallet apps like Ledger, MyEtherWallet, Trezor, Electrum, and others, but, in reality, they were stealing users’ private keys and mnemonic phrases.

49 extensions appear to have been put together by the same person/group, believed to be a Russian-based threat actor. Whilst the extensions all function the same, the branding is different depending on the user they are targeting.

Source: Exclusive: Google removes 49 Chrome extensions caught stealing crypto-wallet keys | ZDNet

Attack on Home Routers Sends Users to Spoofed Sites That Push Malware

Researchers are warning that a hack of Linksys and D-Link routers is redirecting users to malicious sites posing as COVID-19 informational resources.

The hacks redirect users to malicious sites that install malware or attempt to phish passwords.

Source: Attack on Home Routers Sends Users to Spoofed Sites That Push Malware | News | Communications of the ACM

Android surveillanceware operators jump on the coronavirus fear bandwagon

Researchers have uncovered a mobile surveillance campaign that has used more than 30 malicious Android apps to spy on targets over the past 11 months. Two of the most recent samples are exploiting the coronavirus by hiding off-the-shelf surveillanceware inside apps that promise to provide information about the ongoing pandemic.

One of the apps, “corona live 1.1,” is a trojanized version of “corona live,” a legitimate app that provides an interface to data found on a tracker from Johns Hopkins University. Buried inside the spoofed app is a sample of SpyMax, a commercially available piece of surveillanceware that gives attackers real-time control of infected devices.

A second app used in the same campaign is called “Crona.” The campaign, which has been active since April 2019 at the latest, was discovered by researchers from mobile-security provider Lookout.

Source: Android surveillanceware operators jump on the coronavirus fear bandwagon | Ars Technica
