Chinese Fireball malware infects over 250 million PCs worldwide

Security researchers are warning users about a dangerous new form of malware dubbed Fireball that has already infected 250 million computers worldwide.

The malware, dubbed Fireball, was discovered by Check Point security and is already present on 20 percent of the world’s corporate networks, the company said.

According to security firm Check Point, Fireball takes over your internet browser and is capable of launching unauthorised tasks, like downloading files containing even more malware onto your machine.

It can also hijack your web traffic in order to generate fraudulent ad revenue. …

Fireball works by installing a plugin that boosts the advertisements belonging to Rafotech, which generates fraudulent clicks and fake web traffic.

Fireball Global Infection Rates (darker pink = more infections)

India, Brazil and Mexico are the countries with most infections of Fireball and there have also been 5.5 million infections found in the United States. It is not known how many infections are in Thailand but Check Point said there had been some instances of Fireball infecting computers in the kingdom. …

Source: Chinese Fireball malware infects 250 million PCs worldwide – here’s how to check if your PC is infected

Millions of people have downloaded a nasty smartphone virus

Android owners have been put on high alert after researchers identified a new virus that has been downloaded more than two million times.

The malware is called Falseguide and is hidden in apps found on Google Play, the online store where Android users download new software.

The virus lurks inside apps which appear to be guides to popular games.

Once victims download these apps, their phones are infected.

Currently, the Russian hackers behind the malware appear to be trying to build a botnet – a large group of hacked devices which can be controlled as one and used to perform hack attacks against websites and other targets. …

Source: Millions of people have downloaded a nasty smartphone virus and YOU could be its next victim

Hajime IoT malware looks more sophisticated than Mirai

The Mirai malware took control of poorly secured IoT devices, creating a large botnet that was used in a DDoS attack against DNS provider Dyn, which in turn took down a large portion of the internet last year. …

Hajime is yet another malware which is taking over poorly secured IoT devices. However, this malware works in a very different way than Mirai, which also makes it harder to stop.

The Mirai malware takes orders from command and control servers. While this is a typical method used by malware, it also provides a method to combat the botnet. Internet service providers have been cutting off access to these C&C servers when they are found. Hajime doesn’t suffer this weakness.

Instead of using C&C servers, Hajime communicates via a peer-to-peer network utilizing tools used in BitTorrent. This makes blocking communications that much harder, if not impossible. …

Source: You Thought Mirai Was Bad? Meet Hajime. – UTB Blogs

Leaked NSA Malware Puts Windows Computers At Risk

A group of hackers have released malware made by the NSA that puts all computers running Windows at risk of being hacked.

The Shadow Brokers hacking group claimed in a blog post on Friday that it had obtained US National Security Agency tools that enable them to steal users’ data.

Friday’s blog post included downloads to potent exploits and hacking tools that target most versions of Microsoft Windows, and included evidence of hacks on the SWIFT banking system of several banks around the globe.

The group directed visitors to download files and codes that revealed previously undisclosed computer exploits made by the NSA—known as zero-day exploits—that experts have warned are likely to cause chaos around the world in the coming weeks. …

Source: Leaked NSA Malware Puts All Windows Computers At Risk

Deutsche Telekom warns of spam mails disguised as an invoice

Criminals are currently sending out fake telecom bills which contain links to dangerous malware and are difficult to detect as a fake.

Currently, Deutsche Telekom warns its customers of dangerous spam mails. Criminals are sending out fake telecom bills. Clicking on a link will download a JavaScript file which is used to pollute your PC with malicious software.

Telekom advises not to click on the link and delete the email immediately. …

Source: Telekom warnt vor Spam-Mails getarnt als Rechnung – connect

Brickerbot Shows Why We Need a Secured IoT

There’s a new malware which is destroying IoT devices.

A security researcher at cybersecurity company Radware has discovered a new malware. This malware, dubbed Brickerbot, is not your typical malware. It’s not trying to steal your information, or take control of your device, no, it just wants to break it.

The malware works much like the Mirai botnet that took down much of the internet last year. It searches the internet for vulnerable IoT devices running embedded versions of Linux. Once found, it carries out a “permanent denial of service” attack. This bricks the device altogether. …

Luckily, someone is working to change this. It was just earlier this month that John Chen wrote, “‘Is a securely connected world really possible?’ Yes it is and, not only is it possible, it is a category that BlackBerry is bringing definition to and providing leadership in. We recognize that security is a cat and mouse game, requiring constant investment and innovation and that is what we do, day in, day out.”

Source: Brickerbot Shows Why We Need a Secured IoT – UTB Blogs

20 Million Mobile Devices at High Risk of Attack, Study Finds

Skycure found that 1.19% of all mobile devices are at high risk for malware infections.

While that might sound like a good number, Varun Kohli, vice president of marketing at Skycure, explains that 1.19% of 2 billion mobile devices worldwide translates to 23.8 million infected devices.

“It’s kind of deceiving, but for a company with 1,000 employees that means that 10 devices are at high risk,” Kohli says. “All a bad guy needs is one device to get into the network and start compromising data.”

The study also found that 71% of mobile devices are running on security patches that are at least two months old. This information is fairly in line with Google’s newly published Android Security report, which found that about 50% of Android devices didn’t install a single security update in 2016.

“We still see a lot of vulnerabilities on mobile devices, especially as people hold on to their devices longer,” says Phil Hochmuth, program director for enterprise mobility at IDC. “However, mobile security is getting better, the biometrics have improved, and at corporations if people bring their own devices, they have to comply with the company’s mobile management software.”

Mobile malware – adware, hidden apps, potentially unwanted apps, spyware, and Trojans – grew more than 500% from the first quarter of 2016 to the fourth quarter of that year, according to Skycure’s data. …

Source: 20 Million Mobile Devices at High Risk of Attack, Study Finds

New Word macro malware infects macOS and Windows

Another form of Microsoft Word malware that infects both macOS and Windows machines has been detected.

The malicious VBA (Visual Basic for Applications) code is buried in a Word document macro and automatically adapts its attack depending on the operating system used. Once installed, it can be used to download more payload files to your computer. …

Because the attack is disguised as an innocent Word macro, it goes undetected until it is too late. If you’ve told your computer to open macros automatically, malicious code can be executed before you have any idea it’s there. …

Source: New Word macro malware infects macOS and Windows

Fresh WikiLeaks Dump Shows CIA Was Hacking iPhones A Year After Launch

A new WikiLeaks release called DarkMatter was released today, affirming that the Central Intelligence Agency has long targeted Apple Macs, creating malware designed to evade the tech giant’s security mechanisms. The leak also revealed the CIA had been targeting the iPhone since 2008, a year after the landmark device was released.

That slice of info was included in a small dump of information Wednesday that included manuals for a handful of implants and rootkits – malware that can hide at the lowest level of Apple systems, the kernel and the firmware of the device. …

Source: Fresh Wikileaks Dump Shows CIA Was Hacking iPhones A Year After Launch
