Researchers working for the ESET security company, have uncovered a new trojan that’s targeting Android users in Australia, New Zealand and Turkey. The malware is trying to steal important login information for major banks and financial institutions, and then steal money out of those accounts.
Yesterday security researchers at ESET announced they were tracing a new type of malware that’s quickly spreading across Android devices. The piece of software originally gets on users’ phones by masquerading as Adobe’s Flash Player.
Once installed, the trojan looks for financial institution apps that may be installed on the user’s device. These include the major bank chains available in Australia, New Zealand and Turkey, as well as few social apps likes Skype. Once it identifies these apps it downloads fake login screens for each of them from its control and command (C&C) server.
Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday.
Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.
Security experts estimate that ransoms total hundreds of millions of dollars a year from such cyber criminals, who typically target users of Microsoft Corp's Windows operating system.
Palo Alto Threat Intelligence Director Ryan Olson said the "KeRanger" malware, which appeared on Friday, was the first functioning ransomware attacking Apple's Mac computers.
"This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom," Olson said in a telephone interview.
An Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs. The representative said he could not immediately provide other details.
At the beginning of the year, Microsoft revealed that over 200 million devices were running Windows 10, including 22 million in the enterprise and education sectors. The new operating system won a big vote of confidence last month from the US Department of Defense, which has committed to upgrading 4 million of its machines to Windows 10 within the next year, and as more large organizations put their trust in the OS, Microsoft is keen to ensure that it remains its "most secure platform ever".
As Microsoft explained today, organizations are continuing to face significant threats from cyberattacks:
Even with the best defense, sophisticated attackers are using social engineering and zero-day vulnerabilities to break-in to corporate networks. Thousands of such attacks were reported in 2015 alone. We’ve found it currently takes an enterprise more than 200 days to detect a security breach and 80 days to contain it. During this time, attackers can wreak havoc on a corporate network, stealing data, breaching privacy, and destroying the trust of customers. These attacks are incredibly expensive, costing organizations an average of $12 million per incident with broader impact to a company’s reputation.
With this in mind, Microsoft has announced Windows Defender Advanced Threat Protection (ATP), a new service which it says "will help detect threats that have made it past other defenses, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations."
Building on security features integrated into Windows 10, ATP harnesses the power of the cloud, going beyond simple scans for known malware, by attempting to identify unusual behavior and activities across corporate systems and networks that may be indicative of an attack. Microsoft says that its intelligent security graph "provides big-data security analytics that look across aggregate behaviors to identify anomalies - informed by anonymous information from over 1 billion Windows devices, 2.5 trillion indexed URLs on the Web, 600 million reputation look-ups online, and over 1 million suspicious files detonated every day."
Android users are being warned about a new strain of malware called Mazar Bot that is hitting smartphones, giving attackers full administrative rights to monitor and control nearly every aspect of the phone.
The manipulative and persistent piece of malware, found to be in active use by researchers at Heimdal Security, takes hold via a malware-ridden SMS/MMS message that, once clicked, spreads a torrent of alarming exploits such as sending malicious text messages, anonymously accessing the web, putting the phone into sleep mode and even fully erasing all content from the device.
Google has recently announced its plans to start cracking down on websites that display deceptive ads. The company will begin warning users if they ever enter such places on the web with a message stating "deceptive site ahead", once they click on an ad it suspects contains "social engineered" content.
The company aims to lessen this significantly through its updated social engineering policy. It lists possible deceptive social engineered ads, some of which:
These ads, like the images on the right, may come in a form of an alleged "download button," usually stating that a plugin needs to be installed in order for content on the website to be utilized. Another type of deceitful ad is one that states that a user's system is outdated, and that they should click on the illusory message box in order to keep their computer updated. And lastly, one of the most common tricks is an ad disguising as a download/play button for a streaming website.