Items tagged with Malware

The eighth and final season of HBO's popular Game of Thrones series is nearly upon us, which means that winter is finally coming. That also means an invasion of malware. Not from HBO, mind you, but through the sometimes sordid torrent community where illegal downloads flourish. As it were, Game of Thrones is the top TV show torrent used to cover up malware, according to data by Kaspersky. Kaspersky's full report includes plenty of interesting data. To start with, it found that the total number of users who encountered malware piggybacking on TV show torrents in 2018 was 126,340. That's actually a 33 percent decrease from 2017, though still a relatively large number. Game of Thrones topped The... Read more...
The Federal Trade Commission (FTC) has hit Office Depot with a $25 million fine for its part in an expansive scheme to trick customers into paying for oftentimes unnecessary computer repairs. Office Depot used software provided by Support.com to in effect lie to customers about the existence of viruses and malware on their computers. According to the FTC report, Office Depot stores used software called PC Health Check, which was supplied by Support.com. Office Depot offered up the software as a free tool that would tell a customer if their system was compromised by malware. However, according to the FTC, the PC Health Check software presented customers with a “No Win Scenario”, to... Read more...
Remember when malware on mobile devices was not really a thing? Neither do we, not anymore. Hackers and cyber miscreants go where the numbers are, and there are a lot of people who own a mobile device these days. As it relates to that, a security firm has discovered a serious vulnerability in a hugely popular Android app. Called UC Browser, the app has been downloaded by more than 500 million Google Play users. It currently sits at a fractionally better than 4-star rating (out of 5 stars) out of around 19.5 million user reviews. In case you have never heard of it, UC Browser is a free web browser for Android devices that allows users to search, download, share videos, and so forth. Developed... Read more...
Hold onto your wallet. Researchers at ESET have discovered the first known instance of a relatively new strain of cryptocurrency-stealing malware, called a "clipper", on the Google Play Store. They reported their findings to the Play Store's security team on February 1st, who quickly took down the offending application. The attack uses a remarkably simple trick to part users with their digital funds. Cryptocurrency values are assigned to a long, unique string of characters known as a wallet. In order to make a transaction, a sender typically needs to enter the recipient's wallet address in their app. This is similar to how you would put a real-world address on an envelope in order for it to be... Read more...
Google has removed over two dozen malicious Android apps from the Play Store that were collectively downloaded millions of times. The apps, which went to great lengths to appear legitimate, sent users pornographic content, redirected them to phishing websites, and collected photos under the guise of applying filters to them. The three most downloaded of the bunch were camera apps, and specifically Pro Camera Beauty, Cartoon Art Photo, and Emoji Camera. Each one notched over 1 million downloads. Several others were downloaded hundreds of thousands of times, such as Artistic Effect Filter, which racked up over half a million downloads. "These apps seemingly allows users to 'beautify' their pictures... Read more...
Google still has a massive malware problem within the Google Play store. In November, we learned that apps from Cheetah Mobile had been part of a massive click fraud scheme that saw apps from it and Kika Tech stealing millions of dollars in fraudulent clicks. The apps had reportedly been downloaded around 2 billion times in total. A malware-infected QR Reader app had racked up 500,000 downloads in March of last year before being removed from the store. Now Google has reportedly removed another 85 apps from Google Play because they were malware laden. The batch of 85 apps wasn't removed from the Google Play store until analysts with Trend Micro discovered that the apps had malware inside.... Read more...
The USB Implementers Forum (USB-IF) has announced a new authentication standard that can be implemented for USB-C devices and complimenting chargers. USB-C Authentication, as it’s called, uses 128-bit “cryptographic-based authentication” to help mitigate potential security intrusions from USB thumb drives and chargers that could be used to deliver malicious payloads/firmware. The USB-IF says that with its new authentication protocol, the host device would be able to in effect enter in a secure “handshake” with another USB-C device, confirming its identify. At the moment the connection is made, the host would be able to determine “product aspects as the capabilities... Read more...
Typically when we talk about malware, we are talking about malicious code that is hidden inside software to try and take advantage of end users. An example is a malware that was hiding aboard a fake Adobe Flash update that was designed to install cryptocurrency mining software or other nefarious payloads. Earlier this month, another malware making the rounds was able to steal PayPal account balances despite users having two-factor authentication enabled. Today, a new malware has been identified and this one isn't attacking end users, it's attacking major newspapers around the U.S., underscoring new areas of concern with respect to IT security. The Los Angles Times has confirmed a malware attack... Read more...
Android malware authors are always out looking to make a buck, and it looks as though one particular outfit has struck gold. Researchers from ESET have come across a malicious app called Optimization Android that presents itself as a battery conditioning tool. Image Source: ESET However, the app doesn't actually provide any power optimizations at all. Instead, it simply immediately shuts down when it's opened. However, in the background it is waiting to perform its dastardly deeds. When first installed, the app asks the user for permission to access Android Accessibility services, which is later cleverly used to infiltrate the PayPal payment service. Here's how it works: the Android Accessibility... Read more...
With the value of Bitcoin once again experiencing a big drop this past week, you may begin to think that malware developers would begin shifting focus elsewhere. Unfortunately, that's far from being the case. Even if crypto seems to have modest value, that value becomes substantial when you multiply it by every infected machine; it really is easy money for attackers. In case we needed a reminder that Linux is in fact susceptible to viruses, this latest malware targets that platform specifically. Ultimately, two vulnerabilities need to be exploited (CVE-2016-5195 and CVE-2013-2094) to gain root access, and in effect, full control over the system. Once access is gained to the system, a large 1,000-line... Read more...
Malware-laden apps are nothing new for the Google Play store where Android users go to download apps of all sorts. Google has been heavily criticized over the years for not doing enough to prevent malicious apps from being offered to users via the Google Play Store. This year we have seen a malicious app masquerading as the official Uber app with the intent of stealing real Uber account details. North Korean hackers also created a data-stealing malware app in May with the goal of seeking revenge on defectors. Thirteen game apps were recently identified as being malicious, and together the apps had been installed by over half a million users. The games were all driving simulators with one of them,... Read more...
It's not common to find free software that appears to be as feature-rich and capable as the commercial competition, but where Windows Defender is concerned, it's arguably one of the best free antivirus and anti-malware solutions out there. Many have come to trust it so much, that they don't even run an additional anti-virus solution, and Microsoft takes that responsibility seriously by constantly iterating on the software's capabilities. In a brand-new Windows Insider build, a massive overhaul of Defender can be found. After years of figuring out the best direction to take Defender, Microsoft decided that implementing sandboxes was the only reasonable route, a technique we've seen used in many... Read more...
At least for the time being, it looks like the mad rush to buy graphics cards for cryptocurrency mining and leave gamers with overpriced options is in the rear view mirror. That doesn't mean cryptocurrency mining doesn't still present an annoyance in some sectors, though. Security researchers warn that cryptocurrency malware is currently hiding in a fake Adobe Flash update that is making the rounds. Adobe Flash can't disappear fast enough. In the meantime, it continues to present security issues, sometimes directly through discovered vulnerabilities, or in this case preying on the vigilance of users who aim to keep it updated to prevent the very sort of thing caused by the fake and malicious... Read more...
In recent years, we've seen a number of garden variety consumer electronics devices -- including routers and webcams among others -- that have been sucked into zombie botnets to wreak havoc around the globe. Many of those devices were accessible due to extremely weak passwords that were enacted by default by their manufacturers. California, however, is looking to change this and has passed a law that would require all internet-connected device sold in the state to have a unique "strong" password. This unique password would be obtained in one of two ways as outlined by the "Information Privacy: Connected Devices" bill. Manufacturers can choose to give each individual device... Read more...
First ... Prev 2 3 4 5 6 Next ... Last