Tag: detected | Page 2

Over 5 lakh malware infections detected in local telco users

June 10, 2022/in Computer Security

A staggering 5,25,820 counts of malware infections have been identified amongst the users of the four telecom operators in the country, according to the Horizon Scanning Report for Bangladesh Telecom Operators prepared by the cyber threat intelligence researchers of Bangladesh e-Government CIRT (Computer Incident Response Team). These counts of malware infections have been accounted for during the first quarter of this year, i.e. from January 2022 to April 2022.

All four telecom operators in Bangladesh have a significant infection rate of numerous malware for network communications. The total malware infections amongst the users have been accounted for during the first quarter of this year, i.e. from January 2022 to April 2022 in the Horizon Scanning Report for Bangladesh Telecom Operators.

For all latest news, follow The Daily Star’s Google News channel.

Grameenphone, having the highest subscriber base with 83.02 million users, leads the way with 294,657 total malware counts and 47 unique counts of malware infections. The virus called ‘android.hummer’ has the highest infection rate of 24.4%.

Coming in second place is Robi Axiata, with 104,578 total malware counts, having 40 unique counts of malware infections. The ‘avalanche-andromeda’ virus has a 12.85% infection rate and leads the malware chart for the second-largest telecom operator in the country.

Meanwhile, Banglalink, having the third-highest subscriber base with 37.41 million users, has a total malware count of 98,423 with 31 unique cases of software infections. The infection rate is highest for the ‘android.hummer’ virus, as it has an infection rate of 21.64%.

Teletalk, the government-based telecom operator, has a total malware count of 28,162 with 31 unique malware infections. The ‘avalanche-andromeda’ virus has the highest count having an infection rate of 11.39%.

Unsurprisingly, all the operators have the highest number of infections in Dhaka, the capital city of Bangladesh.

According to a globally accessible knowledge base of hacking techniques based on real-world observations, developing and refining the necessary analytics is vital as it can aid in detecting evidence which can confirm the presence of…

Source…

ALERT: Software that steals users’ banking credentials from phones detected

February 27, 2022/in Computer Security

The Nigerian Communications Commission’s Computer Security Incident Response Team (CSIRT) has discovered a newly-hatched malicious software that steals users’ banking app login credentials on Android devices.

According to a security advisory from the Commission’s CSIRT, the software identified as Xenomorph targeted 56 financial institutions from Europe. It is said to have a high impact and vulnerability rate.

In a statement, Dr. Ikechukwu Adinde, the Commission’s Director, Public Affairs, explained that Xenomorph is propagated by an application that was slipped into Google Play store and masquerading as a legitimate application called ‘Fast Cleaner’.

He said it is ostensibly meant to clear junk, increase device speed and optimize battery.

In reality, the app, according to the statement, is only a means by which the Xenomorph Trojan could be propagated easily and efficiently.

He emphasised that the main intent of the malware is to steal credentials, combined with the use of SMS and Notification interception to log-in and use potential two-factor authentication tokens.

Once up and running on a victim’s device, Xenomorph according to the team, can harvest device information and Short Messaging Service (SMS), intercept notifications and new SMS messages, perform overlay attacks, and prevent users from uninstalling it. The threat also asks for Accessibility Services privileges, which allow it to grant itself further permissions.

“To avoid early detection or being denied access to the PlayStore, ‘Fast Cleaner’ was disseminated before the malware was placed on the remote server, making it hard for Google to determine that such an app is being used for malicious actions.”

The team further noted that the malware also steals victims’ banking credentials by overlaying fake login pages on top of legitimate ones.

“Considering that it can also intercept messages and notifications, it allows its operators to bypass SMS-based two-factor authentication and log into the victims’ accounts without alerting them.

“Xenomorph has been found to target 56 internet banking apps, 28 from Spain, 12 from Italy, nine from Belgium, and seven from Portugal, as well as…

Source…

42 million malicious programs detected targeting China in 2020, mostly from US and India: report

July 22, 2021/in Computer Security

Cyber theft Photo: Xinhua

China has captured more than 42 million malicious program samples in 2020, with an average daily spread of more than 4.82 million times. The overseas sources of these malicious program samples were mainly the US and India, according to the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) on Wednesday.

This report comes as the US and its allies ramp up efforts to turn cyberspace into a new battlefield by groundlessly accusing China of conducting cyberattacks worldwide. Such groundless accusations will not change the fact that the US remains the world’s top spying empire with widespread malfeasance in cyberspace, observers said.

About 55.41 million IP addresses in China were attacked by malicious programs, accounting for 14.2 percent of the total number of IP addresses in the country. These attacked IP addresses are mainly based in East China’s Shandong, Jiangsu, Zhejiang and South China’s Guangdong, the report said.

Over the years China has been a major victim of cyberattacks. According to the annual report by CNCERT/CC, in 2020 about 5.31 million hosts on the Chinese mainland were controlled by a total of about 52,000 overseas malicious program command and control servers. The top three origins of these overseas servers in terms of the number of compromised Chinese hosts are all from NATO member states, according to a statement from the Chinese Mission to the European Union (EU) in response to the accusations.

The Global Times learned from Chinese tech giant 360 Security Technology last year of a series of attacks against China’s aerospace, scientific research institutions, petroleum industry and large-scale internet companies by a hacking organization affiliated with the CIA. The company found proof that the hacking group, APT-C-39, belongs to the CIA, and the hack was traced back to 2008, mainly targeting organizations in Beijing, South China’s Guangdong and East China’s Zhejiang provinces.

Global Times

Source…

More Mac malware was detected last year than ever before

March 21, 2021/in Computer Security

There has been a significant increase in the amount of malware targeting macOS devices over the past 12 months, new research has claimed.

A report from Atlas VPN found that the development of macOS malware surged by 1,092% in 2020 as hackers increasingly targeting Apple’s computing devices, including the all-new M1 Macs.

Overall, 674,273 new malware samples were detected in 2020 – a huge rise from the previous year, when there were only 56,556 samples detected.

TechRadar needs you!

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Mac vs Windows

The numbers show that 2020 was unfortuately a bumper year for macOS malware, with the number of new strains taking off like never before. Atlas VPN noted that if all the new malware detected since it began tracking in 2012 until 2019 was combined, this would result in 219,257 samples – far below the number seen in 2020.

From 2012 until 2019, the highest number of new malware strains ever detected was 92,570 samples in 2018, showing what a bumper year 2020 was for wannabe hackers.

“Contributing to this record surge in threats is the fact that new malicious software is now easier to engineer than ever before,” noted Rachel Welch, COO of Atlas VPN.

“Nowadays, hackers don’t even need advanced programming skills since they can purchase a ready-made malware code, tailor it to their needs with a little bit of coding, and establish a completely new threat.”

Alarms were raised earlier this year when the first malware native to M1-powered MacBooks was discovered in the wild, just months after the arrival of the first Apple Silicon devices.

GoSearch22.app, an M1-native version of the longstanding Pirrit virus, generates revenue by spamming users with pop-ups and adverts.

Despite the rise in macOS malware, Atlas VPN highlighted that the number of attacks targeting Windows users remained much higher. The company found a record-high of 91.05 million new Windows malware samples were discovered in 2020 – an average of 249,452 threats per day, meaning that there were over 135…

Source…

Tag Archive for: detected

For all latest news, follow The Daily Star’s Google News channel.