Chinese Fireball malware infects over 250 million PCs worldwide

Security researchers are warning users about a dangerous new form of malware dubbed Fireball that has already infected 250 million computers worldwide.

The malware was discovered by security firm Check Point and is already present on 20 percent of the world’s corporate networks, the company said.

According to Check Point, Fireball takes over your internet browser and is capable of launching unauthorised tasks, like downloading files containing even more malware onto your machine.

It can also hijack your web traffic in order to generate fraudulent ad revenue. …

Fireball works by installing a plugin that boosts the advertisements belonging to Rafotech, which generates fraudulent clicks and fake web traffic.

[Figure: Fireball global infection rates (darker pink = more infections)]

India, Brazil and Mexico are the countries with the most Fireball infections, and 5.5 million infections have also been found in the United States. It is not known how many infections are in Thailand, but Check Point said there had been some instances of Fireball infecting computers in the kingdom. …

Source: Chinese Fireball malware infects 250 million PCs worldwide – here’s how to check if your PC is infected


Intel chip vulnerability lets hackers easily hijack fleets of PCs

Security researchers say exploiting the vulnerability requires little technical expertise, and can result in a hacker taking full control of an affected PC.

A vulnerability in Intel chips that went undiscovered for almost a decade allows hackers to remotely gain full control over affected Windows PCs without needing a password.

The “critical”-rated bug, disclosed by Intel last week, lies in a feature of Intel’s Active Management Technology (more commonly known as just AMT), which allows IT administrators to remotely carry out maintenance and other tasks on entire fleets of computers as if they were there in person, like software updates and wiping hard drives. AMT also allows the administrator to remotely control the computer’s keyboard and mouse, even if the PC is powered off. …

Source: Intel chip vulnerability lets hackers easily hijack fleets of PCs


Will the Internet of Things always be so vulnerable?

The Internet of Things (IoT) has undergone an amazing transformation, from a pipe dream to a marketing buzzword, and now an impending reality. Recent estimates expect the number of internet-connected devices to reach 26 billion by 2020, with some studies suggesting an even higher number. With an exponential increase in devices communicating with us, with other devices, and with the internet at large, how can anyone keep private information safe? …

In 2015, more than 165 million personal records were exposed through cybersecurity breaches over the course of the year. A staggering 64 per cent of Americans have been personally affected by a major data breach. It’s no longer a question of “if” cyber criminals will target you — it’s a matter of “when.”

Cyberattacks have not only become common, they’ve also become exponentially more dangerous, as we connect more and more of our devices to global networks. The large majority of cybersecurity professionals are concerned about the potential weaponisation of IoT, and only 30 per cent of them believe their organisations are fully prepared for the risks inherent in IoT. Furthermore, experts feel only one out of every ten IoT devices has adequate security measures. …

Source: Will the Internet of Things always be so vulnerable?


Millions of people have downloaded a nasty smartphone virus

Android owners have been put on high alert after researchers identified a new virus that has been downloaded more than two million times.

The malware is called FalseGuide and is hidden in apps found on Google Play, the online store where Android users download new software.

The virus lurks inside apps which appear to be guides to popular games.

Once victims download these apps, their phones are infected.

Currently, the Russian hackers behind the malware appear to be trying to build a botnet – a large group of hacked devices which can be controlled as one and used to perform hack attacks against websites and other targets. …

Source: Millions of people have downloaded a nasty smartphone virus and YOU could be its next victim


German cybersecurity chief: Army attacked over 284,000 times this year

Computers belonging to the German army were attacked by hackers close to 300,000 times in the first few weeks of this year, Ludwig Leinhos, the new head of cyber command of the German army, told Bild on Sunday.

Leinhos, who took charge of the German army’s cyber unit on Saturday, said that in future, wars could be won and lost online and Germany must prepare for the worst.

“From hacker attacks to state attacks, we must be prepared for everything,” Leinhos said. “In the first nine weeks of this year alone, the Bundeswehr computers were attacked more than 284,000 times.”

Bild reported that 13,500 computer specialists will be working within the cybersecurity wing of the German army in response to the threat. …

Source: German cybersecurity chief: Army attacked over 284,000 times this year


Enterprise Chat Client HipChat Hacked

HipChat is a team chat app. Claiming to be “built for business”, it promises some very nice features, including group chat, video chat, and screen sharing. Earlier today, all HipChat users were forced to reset their passwords because the HipChat servers had been broken into.

The hack was due to a vulnerability in a third-party library. The attackers may have gained access to users’ names, email addresses, and hashed passwords. At this time there is no indication that users’ messages or content were compromised, although .05 percent of this information was fully available to the attackers. …

Source: Enterprise Chat Client HipChat Hacked – UTB Blogs


Is Everything Hackable In The Internet Of Things?

The impact of the Mirai botnet has raised concerns about the internet of things, but saying everything is hackable is misleading. There are manufacturers focusing on IoT for consumers that take security seriously, though I’ve noticed that they are the minority.

From what I’ve seen, some of those manufacturers have internal security programs including application and product security teams, incident response teams, bug bounty programs and public documentation for researchers and consumers. But others only have a few – or even none at all.

Many IoT devices lack basic security controls, and assume that the network or router is responsible for defense. This is caused by a lack of security awareness among manufacturers. These manufacturers are building devices and then branding (white labeling) them with their customers’ brands. For example, many of the devices that were used in the Mirai botnet came from one manufacturer, but they were sold by many other companies. …

Source: Is Everything Hackable In The Internet Of Things?


1 in 5 UK firms hit by cyber attacks in 2016

One in five British businesses has been hit by a cyber attack in the past year, according to the British Chambers of Commerce (BCC).

Polling more than 1,200 UK businesses, the BCC found that 20% had been hit by a cyber attack in the last 12 months. Big businesses are far more likely to be targeted by hackers (42%) than smaller firms (18%).

“Cyber-attacks risk companies’ finances, confidence and reputation, with victims reporting not only monetary losses but costs from disruption to their business and productivity. While firms of all sizes – from major corporations to one-man operations – fall prey to attacks, our evidence shows that large companies are more likely to experience them,” said Dr Adam Marshall, Director General of the BCC. …

Source: 1 in 5 UK firms hit by cyber attacks last year – Computer Business Review


Hajime IoT malware looks more sophisticated than Mirai

The Mirai malware took control of poorly secured IoT devices, creating a large botnet that was used in a DDoS attack against DNS provider Dyn, which in turn took down a large portion of the internet last year. …

Hajime is yet another malware which is taking over poorly secured IoT devices. However, this malware works in a very different way than Mirai, which also makes it harder to stop.

The Mirai malware takes orders from command and control servers. While this is a typical method used by malware, it also provides a method to combat the botnet. Internet service providers have been cutting off access to these C&C servers when they are found. Hajime doesn’t suffer this weakness.

Instead of using C&C servers, Hajime communicates via a peer-to-peer network utilizing tools used in BitTorrent. This makes blocking communications that much harder, if not impossible. …

Source: You Thought Mirai Was Bad? Meet Hajime. – UTB Blogs