TrickMo Android banker adopts TON blockchain for covert comms

A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications.

The TrickMo banker was first spotted in September 2019 and has remained in active development, constantly receiving updates since then.

In October 2024, Zimperium analyzed 40 variants of the malware delivered via 16 droppers, communicating with 22 distinct command-and-control (C2) infrastructures, and targeting sensitive data belonging to users worldwide.

Hackers abuse Google ads, Claude.ai chats to push Mac malware

Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign.

Users searching for “Claude mac download” may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on their Mac.

The campaign was spotted by Berk Albayrak, a security engineer at Trendyol Group, who shared his findings on LinkedIn.

Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss.

The 28 apps have collectively racked up more than 7.3 million downloads, with one of them alone accounting for over 3 million downloads, before they were taken down from the official app storefront. The activity, codenamed CallPhantom by Slovakian cybersecurity company ESET, primarily targeted Android users in India and the broader Asia-Pacific region.

“The offending apps, which we named CallPhantom based on their false claims, purport to provide access to call histories, SMS records, and even WhatsApp call logs for any phone number,” ESET security researcher Lukáš Štefanko said in a report shared with The Hacker News. “To unlock this supposed feature, users are asked to pay — but all they get in return is randomly generated data.”

NVIDIA confirms GeForce NOW data breach affecting Armenian users

NVIDIA has confirmed in a statement to BleepingComputer that GeForce NOW user information has been exposed in a data breach.

The gaming and hardware giant has clarified that the impact is limited to Armenia, and was caused by a compromise of the infrastructure operated by a regional partner.

The company added that its own network was not impacted by the incident.

Agentic AI: Navigating The Evolving Frontier

#artificialIntelligence #agenticai #ai #cybersecurity #governance #tech Forbes


Kindly see my latest article: By Chuck Brooks.

The Strategic Inflection Point: From Automation to Autonomy. This moment is characterized by operational autonomy and technical innovation. Agentic AI is increasingly establishing itself as the standard decision-making framework in critical systems. This transition resembles cloud computing and mobile networks, yet it possesses agency. Incorporating intent into machines.

Anthropic research warns AI could build itself by 2028

In this exclusive interview, Axios co-founder Mike Allen sits down with Anthropic co-founder Jack Clark to discuss his warning that by 2028, AI systems may be able to improve and build better versions of themselves.

Clark explains why Anthropic is preparing for the possibility of an “intelligence explosion,” how advanced AI could accelerate breakthroughs in science and medicine, and why governments, companies and researchers need new plans for cyber threats, bio risks, economic disruption and the future of work.

Timestamps:
00:00 — Introduction: the future of AI
00:41 — The 2028 prediction: AI building itself.
01:49 — The risks of rapid acceleration.
03:11 — The 3D printer metaphor.
05:21 — Intelligence explosion and fire drill scenarios.
06:55 — Building a \.

Canvas login portals hacked in mass ShinyHunters extortion campaign

The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting a vulnerability to deface Canvas login portals for hundreds of colleges and universities.

The defacements, which were visible for roughly 30 minutes before being taken offline, displayed a message from ShinyHunters claiming responsibility for the earlier Instructure breach and threatening to leak stolen data if a ransom is not paid.

The message warns that Instructure and schools have until May 12 to contact them to negotiate a ransom, or students’ data will be leaked.

New TCLBanker malware self-spreads over WhatsApp and Outlook

A new trojan named TCLBanker, which targets 59 banking, fintech, and cryptocurrency platforms, uses a trojanized MSI installer for Logitech AI Prompt Builder to infect systems.

Additionally, the malware includes self-spreading worm modules for WhatsApp and Outlook that automatically infect new victims.

The new banking trojan was discovered by Elastic Security Labs, whose researchers believe it’s a major evolution of the older Maverick/Sorvepotel malware family.
