News tagged: Malware
Eight Android applications with a combined 600,000 to 2.6 million downloads have been removed from Google Play after it was revealed they added devices to a botnet. The botnet became more capable of carrying out DDoS attacks and other attacks because of its army of devices.
If you're a celebrity, dissident, whistleblower, or perhaps just paranoid, Google's new "Advanced Protection" system is likely a better way to secure your account. The new opt-in security system requires a USB key for accessing your account via desktop.
It appears the malware that spread through CCleaner downloads was targeted at some of the world's largest tech companies. The targeted nature of the attack wasn't initially clear, but it has since become evident, according to posts from Avast and Cisco's Talos research group.
CCleaner, a free system maintenance application, has been spreading malware for up to a month. Hackers exploited a vulnerability in the software's download channel, meaning anyone who recently installed the software also installed malware. This attack has impacted millions.
Google has taken 300 apps off the Play Store after they were connected to a widespread DDoS attack. Researchers found the apps were taking over devices in order to use them to bombard sites with illegitimate traffic. The botnet, WireX, was noticed by Akamai, a CDN.
Android devices all around the world have been infected with malware that can force a device to participate in a DDoS attack. Researchers say this is the first time DDoS malware has been an issue for Android devices. The WireX botnet spread through 300 apps on Google Play.
Vietnam is being hit with a growing number of phishing attacks from hacker groups associated with the Chinese government. According to FireEye, a cybersecurity firm, China has targeted many Vietnamese officials with phishing emails in hopes of breaking into government systems.
Security researcher Marcus Hutchins received a lot of attention after he helped stop the WannaCry ransomware. WannaCry infected tens of thousands of computers, inflicting widespread damage. Hutchins was able to halt the spread by registering a domain being used by the software.
Researchers have come across a piece of Mac malware that managed to go undetected for years. The surveillance malware, known as Fruitfly, can give hackers control over webcams, keyboards, and other parts of a system. It was undiscovered for years despite being easy to spot.
Researchers with Check Point Software Technologies say a malware campaign known as CopyCat successfully infected 14 million Android devices. By infecting those devices, the malware was able to generate $1.5 million from fraudulent app installs and advertising.
Evidence suggests the Petya malware attack came from a state actor, which could make it an act of war, according to NATO. Researchers with the international organization found the malware "can most likely be attributed to a state actor." More evidence is needed.
Petya, a new piece of ransomware that's been spreading through Russia and Ukraine, is now present in the United States. It's also spread to parts of Europe, Asia, and Australia. The malware has affected banking systems in some countries and disabled a Chernobyl monitoring system.
More evidence is pointing to North Korea as the source of the WannaCry ransomware. According to the BBC, the National Cyber Security Center in the UK believes Korean hackers from the Lazarus group were responsible for the attack. Lazarus is linked to Korea.
Tens of millions of Android devices may be infected with Judy, a recently highlighted piece of malware. Check Point says around 36.5 million devices could contain the malicious software, which is designed to illegitimately generate ad revenue. Judy got past Google's defenses.
Subtitle files that are often downloaded by people with pirated movies/shows are being used by hackers to hide malware. Check Point reports the exploit has given hackers a way to control someone's desktop by getting them to load fake movie/show subtitles.
A malicious website pretending to be associated with WhatsApp is spreading adware. It's located at "whatsapp.com," yet the characters are replaced with look-alikes from the Cyrillic alphabet, making it easier for the site to appear legitimate. The URL could definitely trick people.
Security firm FireEye reports hackers "aligned with Vietnamese government interests" are targeting companies, journalists, and governments around the world. They've been carrying out cyberattacks for at least 3 years. The implicated group is known as OceanLotus.
Renault and Nissan have both been affected by the WannaCrypt ransomware, forcing some of their plants to temporarily shut down. Several European plants operated by Renault had to halt their work because data on their computers was entirely inaccessible.
The reach of WannaCrypt, a fast-growing ransomware, will significantly increase as business begins Monday, says Robert Wainwright, executive director of Europol. There are already upwards of 200,000 victims in over 150 countries. Indonesia has issued a similar warning.
Microsoft has issued a special patch to address a "crazy bad" Windows Defender exploit first reported by Google's Project Zero over the weekend. Tavis Ormandy and Natalie Silvanovich, two Project Zero researchers, reported the security hole on Twitter.