Skip to main content

Posts

Showing posts from February 15, 2020

New Malware dubbed Name Emotet Hacks Nearby Wi-Fi Networks to New Victims!!

Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks. According to  researchers at Binary Defense , the newly discovered  Emotet  sample leverages a "Wi-Fi spreader" module to scan Wi-Fi networks, and then attempts to infect devices that are connected to them. The cybersecurity firm said the Wi-Fi spreader has a timestamp of April 16, 2018, indicating the spreading behavior has been running "unnoticed" for close to two years until it was detected for the first time last month. The development marks an escalation of Emotet's capabilities, as networks in close physical proximity to the original victim are now susceptible to infection. How Does Emotet's Wi-Fi Spreader Module Work? The updated version of the malware works by leveraging an already compromised host to list all the ...

More than 1.9B Malicious App Installs in 2019 were blocked by Google Play Protect

Google continues to enhance the safety of Google Play with continuous improvements, enhancements, and teams to fight against malicious apps and developers. Google Play Protect is built-in malware protection for Android, it was introduced in the year 2017, aiming to detect malicious apps in the Google Play and off of user’s devices. According to Android Security & Privacy  report  2018, Google blocks more than 3.2 billion malicious apps installation. Starting from October 2018, Google announced a new policy update to limit the apps unnecessarily accessing sensitive information such as SMS and Call Log data. Google Play Protect scans over 100B apps Google Play protects scans more than 100B apps every day and alerts the users about the security measures and the steps that need to be taken. It also notified you if you have installed new or rarely installed apps in the ecosystem when the play protects is enabled it shows the following warning when the malicious ...

Around 1.7 Million Users Data were stolen by 500 Chrome Extensions!!

Google removed 500 malicious Chrome extensions from its Web Store after they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that's been operating at least since January 2019, although evidence points out the possibility that the actor behind the scheme may have been active since 2017. The findings come as part of a  joint investigation  by security researcher Jamila Kaya and Cisco-owned Duo Security, which unearthed 70 Chrome Extensions with over 1.7 million installations. Upon sharing the discovery privately with Google, the company went on to identify 430 more problematic browser extensions, all of which have since been deactivated. "The prominence of malvertising as an attack vector will continue to rise as long as tracking-based advertising remains ubiquitous, and particularly if users remain underserved by protection mechanisms," s...