malware

If you use Microsoft Teams, watch out for bogus advertisements offering an "update". It's a scam designed to install malware that tries to steal personal data. The group chat and video conferencing tool has understandably become more popular this ... year with the increase in remote desktop connections to workplaces. That's attracted the attention of scammers who have put together a creative strategy to steal data. It's important to note that the attack doesn't aim to exploit any vulnerability in Teams itself. Instead, it's simply aimed at people using it, particularly those who have only started ... (view more)

Infopackets Reader Nancy P. writes: " Dear Dennis, Back in January I was paying bills on my bank website, when suddenly a red warning screen appeared, stating that my PC was locked and that I needed to call Microsoft to fix the problem. The phone ... number listed was 855-755-2888. There were loud sirens going off, and the computer was speaking to me. There was no way to get past the warning screen and I could not use my computer. Not knowing any better, I called the number and spoke to a man with a very thick Indian accent . He said their company name was PC Safe Pro and that they were ... (view more)

Microsoft says it has disrupted "one of the world's most persistent malware operations." The action against "Trickbot" reportedly involved working with the US military. Trickbot is a botnet , created by infecting computers with malware then ... hijacking and combining their resources for further malicious activity. The operators largely built it using bogus emails that tricked users into opening a file attachment or clicking a link that downloaded and installed malware. The uses of Trickbot have included stealing login details such as online banking credentials; accessing sensitive data; and ... (view more)

A new strain of Android malware targets both social media accounts and online banking. It's a reminder of the risks of installing software from outside of the official Google Play store. The malware is dubbed BlackRock and appears to ultimately ... derive from the code used in an attack called LokiBot. Now thought to be inactive, LokiBot attempted to gain access to financial accounts through banking and related apps. One technique involved using automated scripts to login to a PayPal account and transfer money to the scammers. (Source: threatfabric.com ) BlackRock looks to take the same tactics ... (view more)

Microsoft is testing a new Windows 10 security measure that could neutralize a malware technique. It's called Kernel Data Protection and will protect part of a computer's memory from tampering. The idea is to protect two key software parts of a ... computer: the operating system kernel and drivers. The kernel is the most central part of a system and acts a little like a central command point, deciding what the computer does at any precise moment. Meanwhile, drivers control the way the operating system communicates and interacts with hardware devices. Within the computer's memory, the kernel is ... (view more)

An email with a "winky face" for a subject line has helped a malware campaign become one of the most widespread in the world. It's a scam to expand the reach of the Phorpiex botnet which distributes spam and malware from infected machines to others ... online the Internet. According to researchers at security company Check Point, Phorpiex jumped from the 13th most detected malware campaign in May to the number two slot last month. It reports that one in 50 organizations suffered at least one attempted breach from Phorpiex last month. (Source: zdnet.com ) Ransomware, Botnets and Blackmail The ... (view more)

Google has removed 25 malicious Android apps which tried to steal user Facebook logins. As always, it's worth checking devices to see if these apps are installed, because they won't automatically uninstall from phones even being ousted from the Play ... Store. This particular batch of apps didn't have a common subject, but each promised to carry out a basic function, including: a flashlight, file cleaner, or card game. Hidden deep inside each app was malicious software that ran behind the scenes. The malware came alive each time an app was opened on the phone, specifically checking to see if the ... (view more)

A security company says it found a simple way to turn antivirus software into a weapon for attackers. Most major manufacturers have now fixed the problem, but it's a reminder to keep such software updated. The discovery by Rack911 Labs effectively ... meant that a hacker could force the antivirus software to delete files on a computer. That would mean the hacker would need to have gained access to a computer first - whether internally on a network, or remotely using malware. The exploit is based on one of the most fundamental actions of any antivirus software: they scan files, check if they are a ... (view more)

Security researchers have warned of 56 infected Android apps that could compromise performance. They've been deleted from the Google Play Store, but could still be on users' phones and tablets. According to Check Point, the apps contain malware ... designed to hijack phones and simulate user actions to click on ads. That could run down batteries and eat into mobile data allowances. (Source: checkpoint.com ) The 56 apps include 24 supposedly aimed at children, and 32 which offer simple utilities. They all work as designed: the problem is what's happening in the background. (Source: express.co.uk ... (view more)

Windows 10's built-in security tool Windows Defender has stopped working properly for some users. There's a workaround for those who want added peace of mind. Exactly what's causing the problem isn't yet clear, but some users are finding both manual ... and automatic scans produce messages such as: "Items skipped during scan: The Windows Defender Antivirus scan skipped an item due to exclusion or network scanning settings." In other cases, the error message reports that the entire scan was skipped. The message isn't proving particularly helpful as it's not clear what items are actually being ... (view more)