Items tagged with Malware

If you currently are in possession of a Google account (and who isn’t these days), you might want to pay close attention to the findings of researchers at Check Point. According to Check Point, new malware is making the rounds under the name Gooligan. Gooligan’s main attack vector is through Android-based smartphones, attacking users that have downloaded infected apps. Once Gooligan finds its way onto an Android smartphone or tablet, it proceeds to root the device and then downloads additional payloads to compromise email accounts and steal authentication tokens. But that’s not all, the malware... Read more...
It's been quite some time since malware-laden images have been a major security issue, but the risk is still out there. The attack vector has been exploited recently through a couple of leading social networks: Facebook and LinkedIn. The attack, named "ImageGate" by researchers at Check Point, takes advantage of misconfiguration in these two social networks to make it so that when an image is loaded into a browser, it'll automatically download to the machine. This is similar to going to a download page where after 5 seconds, the download will begin. The difference here is that the downloaded file... Read more...
A cloud security outfit is warning that a new ransomware strain called Stampado has emerged from the underground market and is wreaking havoc on systems. What makes Stampado stand out from the crowd is that it is available on the dark web for only $39 with a full lifetime license. That makes it one of the least expensive and most accessible ransomware strains out there.Don't be fooled by Stampado's low price tag, the ransomware strain is capable of doing big time damage. As is often the case with malware, Stamapado typically arrives on system through spam emails or drive by downloads. It installs... Read more...
When services are provided for free, it's important to evaluate whether or not there's a major caveat that comes along with it. According to an investigation by CBS News, the free "PC Health" checkup provided by Office Depot carries a big one: you could be encouraged to shell out money to fix a nonexistent problem. If this sounds like a shady mechanic or cars salesman, it's essentially the same thing. Office Depot is accused of telling customers that there are serious issues on their PCs, such as installed malware, even when that's not the case, and can charge them upwards of $180 for the privilege... Read more...
Google has a message for webmasters serving up malware and it goes something like this: Fool me once, shame on you. Fool me twice, shame on me. Going forward, Google is plugging what it calls a "gap" in its online protection scheme that allowed sites serving up malicious content to become repeat offenders without much repercussion or warning to users. In the past, sites that ran afoul of Google's "Malware, Unwanted Software, Phishing, and Social Engineering Policies" were temporarily branded with a warning to users. The brand would remain until Google could verify that the site is no longer serving... Read more...
Getting hit with ransomware, a form of malware that encrypts your files and holds them hostage until you pay the hacker responsible to decrypt them, is no laughing matter, at least if you're the victim. But for cyber crooks becoming ever more brazen, the temptation to taunt victims and security researchers is sometimes too much. That's been the case with the person responsible for the DXXD ransomware. DXXD is a nasty bit of code that's been going after servers for the past couple of weeks. Luckily there are good guys out there that act as security super heroes. One of them is Michael Gillespie,... Read more...
What do you usually find in your mailbox? Love letters? Bills? People in Victoria, Australia are finding malware-laden USB drives in their mailboxes, or “letterboxes” as they are called down under. The Victoria police warned citizens about the malicious USB drives, stating, “The USB drives are believed to be extremely harmful and members of the public are urged to avoid plugging them into their computers or other devices.” Once the USB drives are plugged into a computer, they load a fake media streaming service as and create some “serious issues” for users. It is unclear what exactly is on the... Read more...
If you operate a Web server that runs on Linux, we're here to give you a bit of a prod in case you haven't updated it in a while. A piece of ransomware called FairWare is floating around, and as you'll soon see, its name is ironic as it's anything but "fair". Reports are coming in of users who have been struck with this awful type of malware, although it doesn't seem clear at this point exactly how the infection takes place. It's also not clear if this is some sort of automated attack -- one that simply scans the internet at large and infects where it can -- or if the attacks are focused. Either... Read more...
A security researcher for AVG has discovered a new piece of ransomware called Fantom that masquerades as a critical Windows update. Victims who fall for the ruse will see a Windows screen acting like it's installing the update, but what's really happening is that the user's documents and files are being encrypted in the background. Fantom is based on the open-source EDA2 ransomware project, and unfortunately there's no way to decrypt the files without the culprit's help. Plain and simple, you're in a bad spot if you happen to fall for this one. While savvy computer users might spot the ransomware... Read more...
It seems like we have had to report on some major new hack or threat every week as of late. Black-Hat Hackers are becoming more sophisticated, while their wares are becoming more diverse and complicated. One of the latest pieces of malware, the nasty Rex Linux Trojan, packs in DDoS attacks, ransomware, and a Bitcoin miner. Stu Gorton, CEO and Co-Founder of Forkbombus Labs, disclosed a new kind of ransomware that targeted Drupal websites this past May in an interview with Softpedia. It was not particularly effective and could easily be defeated. This particular ransomware has evolved in... Read more...
Whenever I give advice on keeping Windows secure from the many threats on the web, I preface things by saying that even the safest computing habits aren't enough these days. Simply visiting a compromised website can get your system infected, but it's not just Windows users that are at risk. Researchers at security outfit Kaspersky Lab discovered a banking Trojan that's compromising Android users by way of Google's AdSense program. There are plenty of websites out there that use Google's AdSense advertising network, including news sites. "By simply viewing their favorite news sites over their morning... Read more...
Go ahead and cue up Cartman's "No kitty, that's a bad kitty!" soundbite, only this time it's not in reference to stealing those delicious Cheesy Poofs. McAfee's mobile malware research division found a sample of ransomware for Android that it's calling "ElGato," and once infected, it can steal a user's SMS messages, among wreaking other kinds of havoc. ElGato has botnet capabilities and a web-based control panel service, McAfee says. It's an ornery piece of software that reveals itself as a humorous image of a cat on infected devices. In addition to silently swiping potentially sensitive SMS messages,... Read more...
With Nintendo's latest game - a mobile one, at that - the company has proven that there is still a lot of innovating to do in the market. While Pokemon GO is based on another title, Ingress, any game is going to have a greater chance of success when it features one of the most popular franchises ever. GO isn't just some regular Pokemon game: it's making the masses realize that augmented reality can be really cool. What's not cool, though, is that popular mobile apps are a hot target for malware. And since Pokemon GO hasn't been released worldwide yet, many have taken to the scarier parts of the... Read more...
It has been suggested that the microprocessors we use each and every day could pack in a bit more than we bargained for; namely, the tools needed for spying or undetectable access. And unfortunately, according to security researcher and developer Damien Zammit, there's a potential reason to be concerned over the "ME" or Management Engine module found in all Intel chipsets manufactured after the Core 2 era. If you've built your own Intel-based PC in recent years, or have at least reinstalled the OS and needed to install all of the drivers on your own, you've probably noticed a piece of software... Read more...
1 2 3 4 5 Next ... Last