Tag Archive for: list

Messaging, News Apps Stuffed With Data Stealing Malware Listed On Google Play Store; Check List Here


VajraSpy Malware: Instances of malicious apps appearing on Google Play Store have been on the rise in recent times. Continuing this series, ESET researchers identified 12 Android apps with malicious code, six of which were listed on the Play Store. Most of these apps were messaging apps with one being from the news category. The apps execute VajraSpy, a remote access trojan (RAT) code of the Patchwork APT group on the affected device.

Depending on the permissions granted to these apps, they can steal call logs, contacts, messages and files from an affected device. Plus, it can extract messages from WhatsApp and Signal, record calls, click photos using the camera, intercept notifications and search files on the compromised handset. Among the most affected regions with this campaign were Pakistan and India. According to ESET Research, the apps on Play Store absorbed over 1,400 installs.

Also Read: Clean Malware From Android And Windows Devices With These Govt-Approved Free Tools

The cybersecurity firm managed to geolocate 148 devices compromised with the VajraSpy due to its weak security protocol. The blog of WeLiveSecurity stated that these bad actors used a “honey-trap romance scam” to lure victims to install the malware. Here is the list of apps that were available on the Play Store:

 Privee Talk

 MeetMe

 Let’s Chat

 Quick Chat

 Rafaqat (News)

 Chit Chat

The above-stated apps have now been removed from Google Play Store. (Image:Unsplash)

While the apps have been removed from the Play Store, here are the other apps that were available in the wild

YohooTalk

 TikTalk

 Hello Chat

 Nidus

 GlowChat

 Wave Chat

Also Read: Operation Triangulation To Xamalicious To Chameleon Trojan, Latest Threats Targeting iOS, Android Users; How To Be Safe

ESET researcher Lukas Stefanko noted that the impact of VajraSpy due to third-party app markets remains unknown due to the lack of download figures. As a precautionary measure, users must not download chat apps from links received from unknown people and monitor the permissions of apps on their devices.

Google shared a statement to BleepingComputer: “We take security and privacy claims against apps seriously, and if we…

Source…

Ransomware and Darknet Markets Top List For Most Prominent Crypto Crimes


Rachel Wolfson

Last updated:

| 5 min read

Hacker with computer and golden coins on dark background. Cybercrime concept, hacker without a face is trying to steal cryptocurrency using a computer, AI Generated

A new report from blockchain analysis firm Chainalysis found that crypto related crimes decreased in 2023. While notable, findings also show that ransomware and darknet market activity involving cryptocurrency increased considerably.

Eric Jardine, cybercrime research lead for Chainalysis, told Cryptonews that both ransomware wallets and darknet market wallets saw more inflows during 2023 than 2022 measured in terms of dollars. Jardine further explained that these two categories of illicit activity involve different underlying patterns of behavior. He said:

“In the case of ransomware, for example, increased inflows mean that individuals, companies, critical infrastructure providers, and governments are paying more or larger ransoms after being the victim of a cyberattack by a malicious actor in 2023 than they did in 2022.  In the case of darknet markets, inflows often represent various forms of illegal activity, most notably the purchase of illicit drugs such as fentanyl, heroin, or cocaine.”

Why ransomware and darknet market activities are increasing


Unfortunately, Jardine believes that 2023 marked the recovery of the illicit darknet ecosystem. He mentioned that the closure of Hydra Marketplace in 2022 – one of the largest darknet marketplaces – reduced the aggregate inflows to darknet markets that year. However, this also resulted in an influx in darknet market activity during 2023.

Source: Chainalysis

A

Source…

Over 400 million Android users at risk as dangerous malware found in 101 apps: Check full list and delete now


By Divya Bhati: Researchers have flagged a new highly dangerous malware that has infected more than 100 apps on Google Play Store. Security researchers at Dr. Web, with BleepingComputer have discovered a new spyware called ‘SpinOK’ which has infected over 100 android applications available for download. What makes the situation more concerning is that these apps have been downloaded 421,290,300 times and this puts a significant number of Android users at risk of cyber threat.

While Google has been informed about the issues and reportedly removed the apps, researchers have advised users to delete these apps, take precautions, and refrain from downloading any similar apps in the future.

What is SpinOK malware

Revealing more about ‘SpinOK’, the study cites that this trojan malware disguises itself as an advertisement SDK and appears to be legitimate by offering mini-games with daily rewards to attract users. However, once downloaded, the malware steals private data stored on users’ devices and sends it to a remote server. The report further reveals that the infected apps had varying levels of malicious content, with some still containing harmful software, while others had specific versions or were completely removed from the store.

“On the surface, the SpinOk module is designed to maintain users’ interest in apps with the help of mini-games, a system of tasks, and alleged prizes and reward drawings,” the report by Doctor Web reveals.

Delete these Android apps

Here is the list of top 10 apps which are infected with malware:

  1. Noizz- video editor with music (at least 100,000,000 downloads).
  2. Zapya – File Transfer, Share (at least 100,000,000 downloads ; the trojan module was present in version 6.3.3 to version 6.4 and is no longer present in current version 6.4.1).
  3. VFly: video editor&video maker (at least 50,000,000 downloads).
  4. MVBit – MV video status maker (at least 50,000,000 downloads).
  5. Biugo – video maker&video editor (at least 50,000,000 downloads).
  6. Crazy Drop (at least 10,000,000 downloads).
  7. Cashzine – Earn money reward (at least 10,000,000 downloads).
  8. Fizzo Novel – Reading Offline (at least 10,000,000 downloads).
  9. CashEM: Get Rewards (at least 5,000,000 downloads).
  10. Tick: watch to earn…

Source…

List of Malicious Chrome Extensions


Shortcuts aren’t just for keyboards. Digital browsers use various online shortcuts regularly — like web extensions — which can help them surf the web quickly.

Unfortunately, not all shortcuts are safe and secure. Our list of malicious Chrome extensions reveals the dangers lurking behind unlisted, poorly scanned and third-party downloads freely available across the web. 

Premium protective services from Panda Security can help keep your browsers and devices safe — even from malicious extensions. Pairing these protections with knowledge about dangerous add-ons, how to detect them and ways to remove them can help online users navigate the web without compromising privacy and security.

What Is a Browser Extension?

A browser extension is software that does exactly as the name suggests: it extends your browser — or specific browser tools — to other webpages. These extensions can analyze information, modify or edit user actions and provide additional functionality across various browsing sites.

Some of the most common browser extensions are Grammarly, AdBlock, LastPass, Google Calendar and Scribe. While most browser extensions are harmless and can be incredibly useful, users are still able to unknowingly download malicious software that can access personal information or cause damage to devices.

Popular Malicious Chrome Extensions

Google’s Chrome is the most popular web browser across the globe, supporting more than 130,000 unique browser extensions. Most of these unique extensions are safe and supported by Chrome itself, but a few popular extensions have been identified as malicious. 

These malicious Chrome extensions can contain malware, insert affiliate links into webpages and internally damage systems. This list includes some of the most notorious extensions Chrome users should be aware of.

Netflix Party

Designed to allow synchronized media viewing, the Netflix Party extension was actually used for affiliate links. This add-on would track a user’s digital footprint and inject affiliate links into appropriate pages. The owners of this extension can then make a profit based on the user’s browsing history.

Netflix Party 2

Netflix Party 2 was similar to its…

Source…