malware

Mon
25
Nov
John Lister's picture

Bizarre Google Search Risk Claim is Overhyped

Claims that typing "Are Bengal cats legal in Australia?" into Google could destroy your computer and empty your bank account are somewhat overblown. But beneath the hyperbole, there's an interesting tactic from hackers. Numerous media sources have ... written stories about the supposed dangers of a "six word phrase" that users must not type for fear of exposing their personal data. The implication is that there's some sort of magical booby trap, but the reality is a little duller. The problem was spotted by Sophos which noted that several of the top search results for the query about the cats ... (view more)

Wed
02
Oct
John Lister's picture

Necro Malware Infects 'Modified' Spotify, WhatsApp

"Modified" versions of popular apps have helped distribute a nasty piece of Android malware. The tactic expanded the reach of the Necro Trojan despite Google's security checks. Necro was able to survive for some time before discovery, largely ... because the infection wasn't obvious to users. Its main purpose was to hijack phones and use them to make money for the people behind the malware. This included displaying paid ads in the background so that users didn't see them, but the scammers were able to claim revenue from advertisers. The malware would also install apps on the phone to earn ... (view more)

Wed
14
Aug
John Lister's picture

Android Malware Hidden For Years

Five rogue Android apps remained in the Google Play store for more than two years. They hosted notorious malware called Mandrake that was hidden through some creative means. According to SecureList, the apps were titled AirFS, Amber, Astro Explorer, ... Brain Matrix and CryptoPulsing. The good news is that the apps had hardly any downloads, one of the reasons they attracted little attention. The real concern is whether malware distributors are using the same tactics with other apps. (Source: securelist.com ) Mandrake has been known about since 2020, though appears to have been in circulation ... (view more)

Wed
12
Jun
John Lister's picture

Google Play 'Update' May Be Scam

Android scammers are using a creatively nasty way to spread malware. They've disguised it as an update for the Google Play store itself. It's a particularly cheeky way to try to get credibility for a malware scam. Not only is Google Play the ... official place to get Android apps in the first place, but the best and simplest Android security tip is to only use apps from Google Play. In this case, the malware doesn't originate as an app but instead as a bogus link. This could be on a web page, in a text message or in an email. The supposed source is Google itself and the link comes with a message ... (view more)

Fri
17
May
John Lister's picture

'Dirty Stream' Floods Android With Malware

A new form of Android malware can hijack legitimate apps. "Dirty Stream" take advantage of a legitimate function designed to make life easier for users. The function is called ContentProvider and allows one mobile app to access data from, or ... communicate with, another app. It makes it possible to, for example, open a PDF attachment from a messaging app in a dedicated PDF reader app. The people behind the DirtyStream malware found a vulnerability in the way ContentProvider worked. This made it possible not only to force another app to open a compromised file, but to then use the contents to ... (view more)

Fri
05
Apr
John Lister's picture

Scammers Hijack Google Search AI Results

Recently, Google has started baking artificial intelligence (AI) into its standard search results. However, the new AI-powered responses have been criticized for giving credibility to scams, including leading users to malicious sites where their ... systems could be compromised by ransomware and similar. Although the baked-in artificial intelligence results have already been available for people who have intentionally asked to try it, what's important to note is that Google is now rolling it out for some ordinary users when they carry out a search. The idea of the new tool is to better handle ... (view more)

Thu
28
Mar
John Lister's picture

Chrome Improves Real-Time Protection

Google says Chrome will now warn users about risky sites using real-time information. The improvements won't compromise user privacy. Chrome already offers a feature called Safe Browsing. The default option, "standard protection," kicks in when ... users are about to visit a site, download a file or install an extension. The feature compares the target URL (website address) against a database of known and suspected security risks and warns the user of a match. The optional "enhanced protection" option will also actively check the target site for any signs that it may be compromised, threaten ... (view more)

Fri
01
Mar
John Lister's picture

Android Malware Targets Banking Apps

The latest malware targeting banking users may have infected up to 200,000 Android devices. The criminals behind Anatsa have deliberately exploited what's meant to be a useful feature that makes users' lives easier. The attacks have some familiar ... features such as distributing the malware through free tools that perform some basic functions and finding ways around the Android permission system. What makes it a particularly nasty campaign is that it takes advantage of the Android Accessibility system. Security researchers at ThreatFabric spotted the malware in five apps with similar names: ... (view more)

Mon
27
Nov
John Lister's picture

Mac Users Targeted In Browser Scam

Mac users have been warned to watch out for bogus updates to the Safari and Chrome browsers. It's a scam to spread data-stealing malware. The AMOS malware, also called Atomic Stealer, is particularly nasty as it targets data stored or transmitted by ... web browsers. This includes login details, passwords, and credit card numbers. It also looks for cryptocurrency wallets, which give access to Bitcoin and other cryptocurrencies that can be stolen and turned into cash. (Source: malwarebytes.com ) The malware has been around since the spring when the scammers targeted people searching for popular ... (view more)

Thu
24
Aug
John Lister's picture

AI Struggles to Write Malware

Artificial Intelligence tools aren't as useful for writing malware as it first seemed. However, they may be useful for phishing scams and other social engineering. Two recent security company reports covered by The Register explored how malware ... scammers are particularly interested in AI tools that generate material. The theory goes that such tools could write code designed to exploit vulnerabilities in software and websites. (Source: theregister.com ) It's not a completely outlandish theory as some users have found such tools can efficiently write code for a particular task. It can take ... (view more)

Pages

Subscribe to RSS - malware