Search results for: fake Flash Player update

coronavirus

Cyber crooks continue to exploit COVID-19 for their malicious schemes

A time of chaos is a time for opportunity for unscrupulous individuals and groups, and COVID-19 is seemingly an unmissable boon for cyber crooks. We’ve already covered a variety of COVID-19-themed scams, phishing attempts, hoaxes and malware delivery campaigns, but new and inventive approaches are popping up daily. The latest schemes and scams that exploit COVID-19 Proofpoint researchers have observed COVID-19 being used as a pretext in BEC scams: “BEC attacks are often delivered in … More

danger

Fake alerts about outdated security certificates lead to malware

Cyber criminals have been trying out a new approach for delivering malware: fake alerts about outdated security certificates, complete with an “Install (Recommended)” button pointing to the malware. The malware peddlers behind this scheme are obviously counting on users not knowing exactly what a security certificate is and that they are not responsible for keeping it updated, as well as exploiting users’ desire to keep themselves safe online. The scheme The malicious alerts have been … More

Adobe Flash

Fake Flash updaters deliver cryptominers AND update Flash

Cryptominers have dethroned ransomware as the top malware threat and cybercriminals are coming up with new ways to keep the mining activity secret from the victims. One of these includes tricking users into unknowingly downloading and running the mining software via a fake Adobe Flash updater. To keep up appearances, the fake updater uses pop-up notifications from the official Adobe installer. The campaign At the start of August, Palo Alto Networks researchers have noticed Windows … More

danger

Thousands of WP, Joomla and SquareSpace sites serving malicious updates

Thousands of compromised WordPress, Joomla and SquareSpace-based sites are actively pushing malware disguised as Firefox, Chrome and Flash Player updates to visitors. This campaign has been going on since at least December 2017 and has been gaining steam. The malicious actors are injecting JavaScript that triggers the download requests into the content management systems’ JavaScript files or directly into the sites’ homepage. Keeping the effort on the down-low The malware peddlers are using a variety … More

danger

A look at the top seven ransomware attacks in the past decade

In part one of this series, we discussed exactly what ransomware is, including the effects of and motives behind different types of attacks. In this second article, I’ll look at the top seven ransomware attacks within the past decade and how they managed to infiltrate networks around the world. 1. Reveton Reveton, ransomware that started spreading in 2010, was based on a Citadel Trojan. This ransomware used its payload to display an alert message on … More

Google Play

Sneaky malware downloader found in apps on Google Play

Google has removed from Google Play eight apps that have served as downloaders for Android banking malware. The malware The packages – a mixture of Android cleaners and news apps – looked pretty legitimate: they did not ask for any suspicious permissions, and mimicked the activity the user expected them to exhibit. What the users could not see is that, in the background, they decrypted and executed a first stage payload, which then decrypted and … More

NotPetya successor Bad Rabbit hits orgs in Russia, Ukraine

Bad Rabbit ransomware, apparently modeled on NotPetya, has hit a number of organizations across Russia, Ukraine, and Eastern Europe on Tuesday. Russian security outfit Group-IB was among the first ones who flagged the attack. “Amongst victims, this affected computers and servers of the Kiev metro, the Ministry of Infrastructure and Odessa International Airport, as well as a number of state organisations in the Russian Federation. Victims in the Russian Federation included Federal news sites and … More

fake anti-wannacry

Bogus anti-WannaCry apps cropping up on Google Play

While the world is still battling the WannaCry ransomworm menace, fraudsters have decided to exploit the threat’s visibility and users’ confusion to make them install fake Android apps that supposedly protect against it. WannaCry hits Russia’s postal service Reuters has reported on Wednesday that the Russian postal service was among the organizations hit with WannaCry last week, and that it is still dealing with the aftermath. According to some of the employees, the malware apparently … More

German Android users bombarded with banking malware masquerading as legitimate apps

Fortinet researcher Kai Lu warns of a fake email app that is capable of stealing login credentials from 15 different mobile banking apps for German banks. “Once this malicious app is installed and device administrator rights are granted, when the user first launches a targeted banking app the malicious app sends a request via HTTPS to its C2 server to get the payload. The C2 server then responds with a fake customized login webpage, and … More

Android Trojan targets customers of 94 banks in US, Europe

If you’ve recently installed a Flash Player Android app and now almost every app you open asks you for your payment card details, you’ve been infected with a banking Trojan. It is unclear where the fake, malicious Flash Player can be downloaded from, but it’s likely one or more third-party app stores popular around the world. What is clear is that the app is bad news. Once victims install and run it, it will push … More

binary

Week in review: EU-US Privacy Shield, using AI to build an army of virtual analysts

Here’s an overview of some of last week’s most interesting news and articles: Fake Amazon survey-for-money offer leads to account compromise “As a valued customer we would like to present you with an opportunity to make a quick buck,” says the email, decked out with the Amazon logo and using a similar color scheme. Harnessing artificial intelligence to build an army of virtual analysts PatternEx, a startup that gathered a team of AI researchers from … More

Apple

Mac users beware! Scareware hides behind fake Flash Player update

Mac users are being targeted by scareware peddlers, warns SANS ISC CTO Johannes Ullrich. The malware is delivered in the form of a Flash Player update. The attack starts on Facebook, where potential targets are tricked into clicking a link via a click-baiting item. Once they land on the destination site, it shows the following warning: “While I wasn’t able to capture the exact trigger for the popup advertising the update, I suspect it was … More