Archive for the ‘cybercrime/malcode’ category: Page 23

Sep 8, 2022

This Follicle-Hacking Drug Could One Day Treat Baldness

Posted by in categories: biotech/medical, cybercrime/malcode

Researchers are working on an injectable that could get dormant follicles growing again. Trials on mice show promise.

Sep 7, 2022

A low-cost, viable solution for self-driving cars to spot hacked GPS

Posted by in categories: cybercrime/malcode, robotics/AI, transportation

A lot of hurdles remain before the emerging technology of self-driving personal and commercial vehicles is common, but transportation researchers at The University of Alabama developed a promising, inexpensive system to overcome one challenge: GPS hacking that can send a self-driving vehicle to the wrong destination.

Initial research shows a vehicle can use already installed sensors to detect traveling the wrong route when passengers are unaware of the change, thwarting an attempt to spoof the GPS signal to the vehicle, according to findings outlined in recently published papers in the IEEE Transactions on Intelligent Transportation Systems and Transportation Research Record: Journal of the Transportation Research Board.

Relying on software code and in-vehicle sensors already part of the self-driving system would be cheaper for consumer and to deny the hacked directions used to steer cargo or people away from their intended destination, said Dr. Mizanur Rahman, assistant professor of civil, construction and and affiliate researcher with the Alabama Transportation Institute.

Sep 6, 2022

This brutal hacking tool could steal virtually all of your logins

Posted by in category: cybercrime/malcode

Facebook, Apple, Google, Microsoft logins all reportedly hackable with new EvilProxy service.

Sep 6, 2022

Minecraft is hackers’ favorite game title for hiding malware

Posted by in categories: cybercrime/malcode, transportation

Security researchers have discovered that Minecraft is the most heavily abused game title by cybercriminals, who use it to lure unsuspecting players into installing malware.

Based on stats collected by the security firm between July 2021 and July 2022, Minecraft-related files accounted for roughly 25% of malicious files spreading via game brand abuse, followed by FIFA (11%), Roblox (9.5%), Far Cry (9.4%), and Call of Duty (9%).

Other game titles with notable percentages of abuse during this period are Need for Speed, Grand Theft Auto, Valorant, The Sims, and GS: GO.

Sep 6, 2022

New Linux malware evades detection using multi-stage deployment

Posted by in categories: cryptocurrencies, cybercrime/malcode

A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads.

The malware exploits vulnerabilities to elevate its privileges, adds persistence on the host via crontab, and eventually launches a cryptocurrency miner on infected devices.

Shikitega is quite stealthy, managing to evade anti-virus detection using a polymorphic encoder that makes static, signature-based detection impossible.

Sep 6, 2022

New EvilProxy service lets all hackers use advanced phishing tactics

Posted by in category: cybercrime/malcode

A reverse-proxy Phishing-as-a-Service (PaaS) platform called EvilProxy has emerged, promising to steal authentication tokens to bypass multi-factor authentication (MFA) on Apple, Google, Facebook, Microsoft, Twitter, GitHub, GoDaddy, and even PyPI.

The service enables low-skill threat actors who don’t know how to set up reverse proxies to steal online accounts that are otherwise well-protected.

Reverse proxies are servers that sit between the targeted victim and a legitimate authentication endpoint, such as a company’s login form. When the victim connects to a phishing page, the reverse proxy displays the legitimate login form, forwards requests, and returns responses from the company’s website.

Sep 6, 2022

Addressing the cybersecurity talent gap: New programs from (ISC)2

Posted by in category: cybercrime/malcode

Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

Cyberattacks, breaches, hacks and ransomware are on the rise — that should come as no news.

And, according to many experts, one of the significant reasons behind this is a long-lamented cybersecurity talent shortage.

Sep 6, 2022

Nitrokod stealth malware hides on a pc for a month before it goes to work infects over 111,000 users

Posted by in categories: cryptocurrencies, cybercrime/malcode

A Turkish entity going by the name of Nitrokod has been accused of running a campaign by spoofing a desktop version of Google Translate to actively mine cryptocurrency from its more than 111,000 users across eleven countries (UK, US, Sri Lanka, Greece, etc., Israel, Germany, Turkey, Cyprus, Australia, Mongolia, and Poland) in 2019.

In addition to Google Translate, there are five other fake desktop applications on the Nitrokod website. Most of them impersonate programs that are not officially available as desktop applications, but as web or mobile applications, which makes the desktop version created by the attackers particularly attractive. In any case, they are popular applications that can be found on websites such as Softpedia and UpToDown.

Continue reading “Nitrokod stealth malware hides on a pc for a month before it goes to work infects over 111,000 users” »

Sep 6, 2022

Elon Musk’s crypto interview was broadcast on the South Korean government’s YouTube channel that was hacked and renamed ‘SpaceX Invest’

Posted by in categories: cybercrime/malcode, Elon Musk, government, space travel

The channel has around 262,000 subscribers and actively posts videos on government policies and current events. It’s the third YouTube account run by South Korea’s government to have been breached in the last two weeks, Korean daily JoongAng Ilbo’s Lee Jian reported.

The identities and motives of those behind the attacks are not immediately known, the paper wrote, citing a statement from the Ministry of Culture, Sports and Tourism.

The Korea Tourism Organization’s YouTube channel was breached twice once on Thursday and once on Friday and was suspended until Sunday, JoongAng Ilbo reported.

Sep 5, 2022

Prynt Stealer Contains a Backdoor to Steal Victims’ Data Stolen

Posted by in category: cybercrime/malcode

Researchers discovered a private Telegram channel-based backdoor in the information stealing malware, dubbed Prynt Stealer, which its developer added with the intention of secretly stealing a copy of victims’ exfiltrated data when used by other cybercriminals.

“While this untrustworthy behavior is nothing new in the world of cybercrime, the victims’ data end up in the hands of multiple threat actors, increasing the risks of one or more large scale attacks to follow,” Zscaler ThreatLabz researchers Atinderpal Singh and Brett Stone-Gross said in a new report.

Prynt Stealer, which came to light earlier this April, comes with capabilities to log keystrokes, steal credentials from web browsers, and siphon data from Discord and Telegram. It’s sold for $100 for a one-month license and $900 for a lifetime subscription.

Page 23 of 170First2021222324252627Last