malware

Fri
01
Mar
John Lister's picture

Android Malware Targets Banking Apps

The latest malware targeting banking users may have infected up to 200,000 Android devices. The criminals behind Anatsa have deliberately exploited what's meant to be a useful feature that makes users' lives easier. The attacks have some familiar ... features such as distributing the malware through free tools that perform some basic functions and finding ways around the Android permission system. What makes it a particularly nasty campaign is that it takes advantage of the Android Accessibility system. Security researchers at ThreatFabric spotted the malware in five apps with similar names: ... (view more)

Mon
27
Nov
John Lister's picture

Mac Users Targeted In Browser Scam

Mac users have been warned to watch out for bogus updates to the Safari and Chrome browsers. It's a scam to spread data-stealing malware. The AMOS malware, also called Atomic Stealer, is particularly nasty as it targets data stored or transmitted by ... web browsers. This includes login details, passwords, and credit card numbers. It also looks for cryptocurrency wallets, which give access to Bitcoin and other cryptocurrencies that can be stolen and turned into cash. (Source: malwarebytes.com ) The malware has been around since the spring when the scammers targeted people searching for popular ... (view more)

Thu
24
Aug
John Lister's picture

AI Struggles to Write Malware

Artificial Intelligence tools aren't as useful for writing malware as it first seemed. However, they may be useful for phishing scams and other social engineering. Two recent security company reports covered by The Register explored how malware ... scammers are particularly interested in AI tools that generate material. The theory goes that such tools could write code designed to exploit vulnerabilities in software and websites. (Source: theregister.com ) It's not a completely outlandish theory as some users have found such tools can efficiently write code for a particular task. It can take ... (view more)

Wed
07
Jun
John Lister's picture

60,000 Android Apps Were Malware

More than 60,000 Android apps contained a nasty piece of malware designed to steal banking information. The scam doesn't target the official Google Play store, but rather third-party sources. The rogue apps fall into two main categories. Some are ... designed to closely resemble real, popular apps. Others are promoted as "modded" versions of genuine apps that are supposedly identical but with an alteration that supposedly removes ads or a requirement to pay a subscription. In reality, the scammers have taken the genuine apps, copied them, and made one modification. Unfortunately that modification ... (view more)

Thu
30
Mar
John Lister's picture

Email Malware Returns With New Tricks

A notorious botnet that spreads malware through fake emails is back in action. Emotet has returned with some new tactics to try to bypass security checks. Emotet had already gained a reputation for being (comparatively) successful at fooling humans ... and computers alike. Its most notable characteristic was that it not only used messages that appeared to come from a trusted contact, but that it addressed the recipient by name and even appeared to be a reply to a previous genuine message. Most commonly, Emotet sends malware through Microsoft Word documents with macros. These are now disabled by ... (view more)

Fri
03
Mar
John Lister's picture

Samsung Tackles 'Zero-Click' Malware

Samsung's flagship phone is getting special protection against a particularly nasty form of mobile malware. It combats zero-click attacks, which can steal data or compromise a handset without needing any action by the user. The hacking technique ... hasn't been widely seen in real-world attacks on Android phones, though Samsung claims it has worked on Apple devices. Samsung clearly believes it's just a matter of time before attackers find a vulnerability that would make such an attack almost irresistible. The company explains that a zero-click attack would exploit such a vulnerability by sending ... (view more)

Tue
20
Sep
John Lister's picture

Phone Cleaner and Security Apps Were Scams

Two more applications have been removed from the Google Play Store after turning out to be a front for malware. As always in such cases, users who already have the apps installed need to uninstall them as this won't happen automatically. The apps in ... question are called Mister Phone Cleaner and Kylhavy Mobile Security. They had 50,000 and 10,000 downloads respectively before Google pulled the listings. The scam in these cases has a couple of key differences from the familiar story of scammers disguising malware as legitimate apps and finding a way to bypass Google's security checks. That ... (view more)

Thu
04
Aug
John Lister's picture

New Android Malware Discovered

Some Google Play Store apps with more than a million downloads have turned out to house malware. It's a reminder that however good Google's security vetting process is, it's not perfectly reliable. Two security companies, ThreatLabZ and Evina, say ... they found a total of 60 apps that are or have been in the Play Store and house one of four "families" of malware. One type appears to be new and has been dubbed Autolycos by researcher Maxime Ingrao. Promoted via Facebook and Instagram ads, the apps use a common technique. They are listed as carrying out a specific feature, which they ... (view more)

Mon
25
Apr
John Lister's picture

Android Malware Hides Behind Black Screen

A new variant of Android malware quite literally hides its activities. 'Octo' darkens the screen so that users can't see it stealing data. Researchers at Threat Fabric say the malware takes advantage of a built-in Android feature called ... "STREAM_SCREEN". It's not quite a live feed, but remotely transmits around one screenshot a second. (Source: threatfabric.com ) The scammers then misuse an accessibility feature in Android to remotely control the device. The stream screening lets them see what they are doing, despite not having physical access. Black Screen Disguise The sneakiest ... (view more)

Tue
29
Mar
John Lister's picture

Scammers Get Creative With Disguised Downloads

Scammers who don't want to write their own malware can now pay just $20 to start a campaign of attacks. They can then customize their "bait" with Windows installations and non-fungible tokens (NFTs) among the ways to target users. The malware is ... available on dark web sites. These are sites that are part of the world wide web, but set up in a way that means they aren't indexed by search engines. That makes them suitable for people who don't want their activities easily traced. A piece of malware called BitRAT costs just $20 for lifetime access. The name derives from "remote ... (view more)

Pages

Subscribe to RSS - malware