Items tagged with Malware

Symantec has issued a warning that it found at least eight different apps on Google Play that were infected with a malware called Android.Sockbot. The apps all posed as add-ons for Minecraft: Pocket Edition and claimed to change the way characters look in the game with new skins. The infection from these apps was widespread with an install base between 600,000 and 2.6 million devices. The malware was mainly focused on infecting users in the U.S., but there were infections in Russia, Ukraine, Brazil, and Germany as well. Symantec says that it set up network analysis of the malware and found that... Read more...
All statistics are notable in their own right, but once in a while, one comes along that seems downright mind-boggling. Take this one: 500 million people are currently affected by unauthorized cryptocurrency mining. Remember when pop-up ads were the biggest offense? That's child's play. If you run into a website running a mining script, you'll be paying real money by way of a higher power bill. AdGuard, a company specializing in blocking unwanted scripts from websites, has just released a report on its research which includes the 500 million stat above. That's far from being the only interesting... Read more...
Come on, Equifax, you're killing us here. We were already positively dumbfounded when Equifax reported that a security breach resulted in the personal information of over 140 million Americans -- including social security numbers – has been stolen via a website security vulnerability. What was even more unfathomable is that the attack went undetected for months, and that it took a few more months for Equifax to disclose the magnitude of the breach. Now we're learning that Equifax has done it again. Just when we thought we couldn’t think any less of the company, Randy Abrams, an independent security... Read more...
Researchers have still been working their way through the hack that resulted in the very popular CCleaner security app being used as a host for malware. The initial attack was thought by many to have caused minimal harm to computer systems that were infected, but it looks like there was a secondary attack that may be more nefarious. According to the researchers, the hackers were able to piggyback on that initial malware wave and install a second piece of malicious software on the computers working daily in some of the biggest tech firms around the world. The real target of this attack is now thought... Read more...
Users of the popular CCleaner program by Piriform are being advised to update the application after researchers at Cisco's Talos division discovered hackers had hidden malware inside. The contaminated utility served as a beacon call for additional forms of malware—using a backdoor, an attacker could run code from a remote IP address. The threat was discovered in CCleaner 5.33 released on August 15, and CCleaner Cloud 1.07 released on August 24. According to Piriform, which is owned by security outfit Avast, the affected version of CCleaner may have been used by up to 3 percent of its userbase.... Read more...
There is some big money to be made in cryptocurrency mining, assuming the operation is large enough. That is especially true when the value of volatile digital currencies such as Bitcoin and Ethereum skyrocket, as both have done in recent times. Unfortunately, there are some undesirable side effects to the cryptocurrency boom—we all know about the shortage of graphics cards, but even more troubling is that some mining groups are exploiting PCs with malware for more firepower. The situation is getting worse, according to Russian antivirus vendor Kaspersky Labs. A new report by Kaspersky claims that... Read more...
It's been an unfortunately busy few weeks for Android vulnerabilities. Earlier in the month, we wrote about SonicSpy, a grandiose piece of malware that could gain an incredible amount of control over your device - including, of course, being able to record your audio. Just last week, we followed-up with another story talking about the 500 apps Google obliterated from the Play Store that bundled an exploited ad network. Today, WireX is the name of the game, a piece of malware whose sole purpose is to turn our innocent mobile devices into a DDoSing bot network. On August 17, WireX hit many content... Read more...
The Internet of Things (IoT) sounded like a great idea at first glance when it first began picking up steam. However, the problem with giving every single gadget that we come in contact with access to the internet is that no one really thought much about security, leaving many these things vulnerable to viruses and malware. The Mirai DDoS attack taught us a valuable lesson about IoT devices with poor security practices: they can be a huge threat to networks, with attacks involving nearly a million bots. The big rub here is that many of those devices are still a threat, leaving security researchers... Read more...
Just last weekend, we wrote about SonicSpy, a grossly robust piece of malware that infected hundreds of apps on the Play Store. Google is always quick to remove this awful junk when it is detected, but the fact that we keep talking about the issue means it's not going away. It was security research firm Lookout that informed us of SonicSpy, and apparently, the company has been working overtime, as it now introduces us to yet another piece of Android maliciousness, an ad network called lgexin. This issue has impacted many apps on the Play Store, although it's not guaranteed that all of them unleashed... Read more...
A freelance security consultant and Handler at SANS Internet Storm Center has discovered a rather interesting exploit in Microsoft Word, one that allows an attacker to abuse the productivity program's ability to auto-update links. This is a feature that is enabled by default—when you add links to external sources like URLs, World with automatically update them without any prompts. Therein lies the issue. "The infection vector was classic: The document (‘N_Order#xxxxx.docx with 5 random numbers) was received as an attachment and has a VT score of 12/59 this morning. The file has an embedded link... Read more...
For a long time, Apple's Mac line of computers were thought by some users to be immune to malware and viruses. Some of that was due to hackers and nefarious sorts aiming for the low hanging fruit of the much larger Windows user base. Things have changed with Macs growing in popularity over the years and there are many different viruses and malware out there that target Mac users today. MacRansom was one of the latest bits of malware aimed at Apple fans, and now, a malware called Fruitfly is ready to wreak havoc. The malware has reportedly been making the rounds for years (perhaps... Read more...
Here's something you don't see too often: a ransomware creator unearthing the master decryption key for public consumption. That's exactly what we're seeing from Petya's original developer, allowing those affected by certain versions of Petya to recover their data, and developers the ability to create decrypters to make the entire process that much easier. Unfortunately, there are a number of major caveats here. The biggest one is the fact that most of those affected by these specific versions of Petya dealt with it last year, not recently. It stands to reason that many of those folks did not clone... Read more...
Imitation may not be the sincerest or safest form of flattery. Check Point Software Technologies Ltd. researchers just revealed that CopyCat Android malware infected 14 million devices worldwide in 2016, and eight million of these infected devices were also rooted. How was this malware so successful? According to Check Point, CopyCat has a modular structure. They noted, “This allows the malware developers to choose and change their strategy and the malware’s behavior on the device to accommodate their current target.” CopyCat mimicked popular apps that were spread through third-party distributors.... Read more...
Over the past few years, one of the most prevalent types of malware has been ransomware - an infection that automatically locks down your sensitive data, and then makes you buy it back with your hard-earned cash. In May, one of the hardest-hitting ransomware strikes occurred, via the appropriately named WannaCry. Now, that's "old" news; today, the major threat is Petya, another piece of ransomware. Or is it? That's the big question. As we covered a couple of times this week, Petya is designated as ransomware that seems to be mostly striking computers in Europe. If infected, the user is told to... Read more...
1 2 3 4 5 Next ... Last