Tag Archive for: clicking

Clicking these texts allows devious malware to take over your phone

/in


Text messages have not gone out of fashion. While platforms like WhatsApp and Telegram have exploded in use, 2.1 trillion text messages were still sent in 2020. Facebook Messenger is also a popular choice, and the company recently introduced end-to-end encryption.

Unfortunately, text messages are also popular with cybercriminals. Constantly developed to infect as many devices as possible, malware hiding in texts is an ever-growing concern.

While they come in different forms, an old trick has been re-engineered to cause financial havoc. Read on to see how malicious text messages can install money-grabbing malware.

Here’s the backstory

Medusa malware made its first appearance in July 2020, sparking concern with its ability to infect devices rapidly. The malware is also known as Tanglebot and is spread through text messages containing malicious links. If the malware infects your device, crooks can steal data and even take over your phone. 

ThreatFabric researchers noticed a development change in the current version, making Medusa even more dangerous. In addition to the regular reading of text messages and accessing your contacts, it can now steal your money too. It’s a dangerous banking trojan that you need to keep off your gadget.

This particular scam combines SMS (short message service or text messages) and phishing and is known as smishing. These attacks attempt to gain your trust by imitating brands and companies you know or support.

The malware performs fraudulent actions either through a keylogger or by taking control of your device’s clipboard. And it isn’t easy to spot. Built into the malware’s code are instructions for evading antivirus detection and preventing the installation of apps that will detect it.

According to ThreatFabric, here’s how the scheme works: you receive a message via text that contains malicious links. Scammers pretend to have information on a delivery or an app that needs an immediate update. But the link leads to a malicious download that will infect your device with malware.

Once…

Source…

Warning to Nigerians: Avoid clicking links sent through SMS, malware in circulation, NCC says

/in


  • Nigerians have been asked not to click on any link sent through SMS because it can contain a terrible virus
  • According to the Nigerian Communications Commission (NCC), the virus infects Android mobile devices
  • Some of the messages with the link to the malware are said to contain information on COVID vaccination and power outages

The Nigerian Communications Commission (NCC) has warned the public of TangleBot, a new virus infecting Android mobile devices through short messaging service (SMS).

This was disclosed in a statement issued on Saturday by Ikechukwu Adinde, NCC spokesman, following a recent security advisory made available to the commission by the Nigeria Computer Emergency Response Team (ngCERT).

Avoid clicking links sent through SMS, malware in circulation, NCC says
NCC asks Nigerians to avoid clicking links sent through SMS. Photo: NCC
Source: Facebook

Some of the messages with the link to the malware are said to contain information on COVID vaccination and power outages.

“The aim behind both or either of the messages (on COVID-19 or impending power outages) is to encourage potential victims to follow a link that supposedly offers detailed information,” the statement reads.

Read also

Stop charging your phone in public places, ‘Yahoo boys’ can hack into your phones NCC warns Nigerians

Do you have a groundbreaking story you would like us to publish? Please reach us through [email protected]!

“Once at the page, users are asked to update applications such as Adobe Flash Player to view the page’s content by going through nine (9) dialogue boxes to give acceptance to different permissions that will allow the malware operators initiate the malware configuration process.

“The immediate consequence to this, is that the malware then steals sensitive data stored on the device and monitors almost every user activity, including camera use, audio conversations, and location, among other things.”

The NCC added that the malware takes control of the targeted device, including access to banking data.

“In order to ensure maximum protection for Internet users in the country, the ngCERT has offered a number of preventive measures to be taken by the consumers. These measures include an advisory to telecom consumers and other Internet users to refrain…

Source…

Cyber Security Means Not Clicking On That Link

/in


COVID changed the way we used the internet. Whether for streaming TV, buying groceries, or video-calling, many people created new online digital accounts during the pandemic. As we spend more of our lives online, it’s increasingly important to keep information safe online.

October is Cybersecurity Awareness Month, and experts are urging consumers to protect their accounts. That includes being mindful at work where ransomware attacks on companies often happen when an employee clicks on a link that they shouldn’t have.

To find out what we all need to know, Eric Douglas spoke with Bill Gardner, a white-hat hacker and a cybersecurity professor at Marshall University. He says there is a tremendous demand for people trained in the field.

Douglas: October is Cyber Security month. Where did that come from?

thumbnail_Gardner3.jpeg

Cybersecurity professor and white-hat hacker, Bill Gardner.

Gardner: That was originally floated by the federal government because we need to do better with cybersecurity. Every breach we have is the worst one in history. Right? There’s things users can do to protect themselves, and that’s the whole thrust behind it.

Douglas: Let’s talk about the ever-escalating breaches for a minute. What’s going on for the average Joe? What should I know about my personal cybersecurity?

Gardner: From the top-down approach, agencies who work on this problem need to share data. And they’re not always doing it. We need to keep an eye on threat intelligence, who the bad actors are, so we can do a better job defending against them. As a person, it’s the same old adage. It really hasn’t changed a lot. Be suspicious of email when you don’t know where it’s coming from. If it sounds too good to be true, it probably is. If you get a text message from AT&T, go to the AT&T website or through the AT&T app to see if it’s legitimate or not.

If you’re expecting a package from Amazon, or through FedEx, don’t just click on links that are sent to you saying it’s been delayed. All those things are the things that hook you. We call it phishing. It hooks you into clicking on an attachment or going to a web page that’s compromised. If you look at breaches, probably 97…

Source…

HSE hack may have happened due to something as simple as an employee clicking on a link

/in


Cybersecurity experts last night warned that it could be weeks before HSE systems return to normal after yesterday’s ransomware attack.

Ronan Murphy, of Cork-based cybersecurity experts Smarttech247, said it could be into next month before remedial work fixes problems caused by what has been described as “the most significant attack the Irish State has ever had”.

“This will cause unbelievable disruption to the HSE,” he said.

That is the nature of these ransomware attacks — it is the fact that they are incredibly disruptive despite how easy they are to launch. 

‘Simple precautions and software updates’

He said that while there are hundreds of ways ransomware can be spread throughout a network, it usually starts with something as simple as an employee clicking on a link or opening an email attachment.

However, that action alone could be made all the worse if the person clicking on the link or downloading the file was working on a system that did not have all its software updated to the latest versions.

If their system did not have the most up-to-date security patches, there would have been an added vulnerability in their system.

“Ransomware exploits known vulnerabilities in a network,” Mr Murphy said. “It is not overly sophisticated.

“Once it gets into a network, it spreads very fast and encrypts data, and a ransom note pops up on the screen, warning the user they have 72 hours to pay up.” 

‘Attack could have been planned for months’

IP-Performance’s chief information security officer Phil Cracknell, a former cybersecurity adviser to the UK government, said the attack could also have been initiated by someone figuring out the user name and password of somebody with access to the HSE network.

He also suggested that this particular attack could have been launched weeks or months ago, but only initiated early on Friday morning.

“There is not enough information out about this attack so far, “ he said.

“Various buzzwords are being used, like ‘zero-day threat’ and ‘distributed denial of service’ [DDOS] attack.

‘There could be more to this incident…’

“However, you wouldn’t normally associate such attacks with a ransomware attack,” he said: 

Source…