News category archive:

Catelites: Android Malware That Faked Login Pages to Hijack Accounts

Reports suggesting that banking malware is on the rise once again keep coming out, and so it is important to remind ourselves how this malware operates. In this report, we analyze Catelites, an infamous banking malware that used fake apps on Android to attack unsuspecting users. This malicious threat was used primarily as a data stealer, and while it was, most likely, used to steal login credentials from banking apps, it could have stolen logins from any app that the user was opening. The only condition was that the infection could create an overlay for this app. Read more »

BabyShark Is yet Another Malicious Threat to Spread via Emails

Our email inboxes have not been safe for years now, but we continue to get tricked into opening misleading messages sent by schemers and cybercriminals. Some of them are set up to trick us into disclosing personal information. Others are employed to scam us out of our money. Finally, we have those spam emails that are created to expose us to malicious infections. This method has been employed by the attackers behind the malicious BabyShark, a Trojan that silently collects and leaks sensitive information after execution. If this dangerous threat is discovered, it must be removed as soon as possible, but even if you delete BabyShark, a great deal of damage could have been done already. Read more »

VBShower

VBShower is a malicious application that was spread during Cloud Atlas attacks. So far, it is unknown who is behind these attacks, but it looks like their targets are all government entities, international organizations, and similar institutions. As one could imagine, gathering sensitive information could be the malware’s main task. It was reported that it has capabilities that allow it to avoid getting detected, which suggests the malicious application was meant to work silently in the background. In other words, it is doubtful a victim would notice its presence, which means it could stay on a system for a long time. Thus, institutions on the hackers’ radar are advised to be cautious. For more information on how VBShower works and where it comes from, we encourage you to read the rest of this report. Read more »

Careless App Installation Can Lead to the Invasion of Monokle

Monokle is the name you need to remember because it belongs to one of the most vicious Android apps out there. This malicious threat can use trojanized apps to slither into your device, and then it can manipulate it, steal information, and use various spying techniques. The victims of this malware are not safe because the attackers – and whoever gets access to the retrieved information – can know the physical location of the victim, can know where they are planning to be at specific times, and can spy on them using audio and video input. Basically, whoever has this malware on their device can become a victim of a serious attack, and even their physical security could be jeopardized. Due to the history of the infection and the complex spying abilities, it is believed that this malware was built to target very specific victims. Unfortunately, whatever the case might be, deleting Monokle might not be an easy option. Read more »

Rising Sun Backdoor Attacks Companies Across the World

Most infections that malware experts deal with on a daily basis are infections targeted at the general public, and they can affect users regardless of their location or job title. However, infections that have specific targets do exist as well, and the Rising Sun backdoor is one of those threats. Malware researchers report that this infection was specifically designed to attack defense, energy, financial, and nuclear companies. Most victims of this malware were found in the United States; however, it has impacted organizations in South America, Europe, Africa, Asia, and Australia too. Read more »

Torii Botnet Can Be Used to Exfiltrate Personal Data, Researchers Say

A botnet is a network of computers/systems that are infected with the same kind of malware to perform cyber attacks on a large scale. Torii Botnet is one of the newest botnets to be uncovered, but it is believed to have been active for at least a year now. Most botnets are utilized for mass spam email attacks that could, for example, be used to spread ransomware or expose users to phishing scams. They can also be used for DDoS (distributed denial-of-service) attacks that are primarily meant to disrupt regular traffic to a server or network. Read more »

Facebook vaguely responds to accusations of a major privacy breach associated with Cambridge Analytica

As you may have heard, Facebook has been in the midst of a security breach controversy associated with Cambridge Analytica and the U.S. presidential campaign. Over the past week, the hashtag #deletefacebook has been trending all around the world. Furthermore, Facebook's shares have plummeted and continue to do so during this time. In fact, according to the CNBC report, Mark Zuckerberg, the CEO of the company, has sold 1.14 million shares as part of regularly scheduled programs.

The New York Times and the Observer broke the story regarding the security breach on 17 and 18 March respectively. Reports stated that Facebook might have been aware of the fact that a company known as Cambridge Analytica exploited up to 50 million users on their platform. Further statements from Facebook and the whistleblower Christopher Wylie shed light on how all of this might have happened. Read more »

Ev Ransomware

A nasty new infection, Ev Ransomware, has been detected by specialists working in the malware research department. According to them, this threat has been developed by an Indonesian group of malware developers, and it does not differ much from such prevalent threats as WannaCry Ransomware and Petya Ransomware. That is, it also has the one and only goal it seeks to achieve – to get easy money. Actually, there is one tiny feature that distinguishes it from the remaining ransomware infections that can be spotted in the wild – it is not a threat targeting the Windows OS. Instead, it primarily targets WordPress websites. When the ransomware infection is successfully uploaded by an attacker to the compromised website, the encryption of files starts immediately. Then, the message to pay 0.2 BTC (~ $959 at today’s price) is displayed. Specifically speaking, your website will open only a black window with a message if Ev Ransomware encrypts its files successfully. Ransomware is no longer a new type of malware, so malware researchers already have much knowledge about these infections. They say that there is one thing that unites them all – they want victims’ money and do not hesitate to tell them that. There is, most probably, no need to say that paying money to malicious software developers is the worst thing victims can do. Even if you pay, your website will, most likely, not be fixed because the decryption mechanism of Ev Ransomware does not work properly. Of course, a fixed version of this threat might be uploaded to your website too, but this does not change anything. Read more »

Developer Mode Extensions

In this report, we would like to talk about Google Chrome’s Developer Mode feature and the so-called Developer Mode Extensions. It is quite obvious the mentioned feature was created for add-on developers rather than their users. While it may seem like a useful tool for testing designed applications, the research shows this feature might be abused by unreliable programs to bypass the browser’s security. Therefore, if your default browser is Google Chrome and you have not yet heard about such settings, we would advise you to read this article carefully so you know how to identify potential threats and protect the system from Developer Mode Extensions that could put your computer in danger. Those who encounter such applications can get rid of them manually, as shown in the instructions located at the end of the article. Read more »

Windows 10 Creators Update

It is possible that your Windows OS has not yet prompted you about the most exciting Windows 10 Creators Update, so we are here to tell you more about it since this is probably the one you have been waiting for. Due to the number of users with Windows 10, it is possible that you will have to wait a couple of months until your system can be updated. But this should not worry you too much because you can manually initiate it. Nonetheless, before you rush to do so, let us tell you more about this great update that concerns general virtual security, graphic design (3D), music, gaming, and e-book reading. This serious upgrade is all about creativity and entertainment. If you have had enough of the old ways of 2D graphics and design, sluggish gaming performance, and a slow browsing experience, this Windows 10 Creators Update is definitely for you, and those issues will be a thing of the past. Please read on to learn more about this fantastic novelty. Read more »