Tag Archive for: Steal

Attention Android users: A malware posing as McAfee security app can steal your sensitive data


New Delhi, UPDATED: Apr 4, 2024 19:00 IST

Security researchers have found that a trojan malware has been posing as the McAfee security app. The malware only affects Android users, and aims to steal personal data like passwords, credit card details, photos, videos, and other sensitive information. This was first reported by Bleeping Computer.

The trojan malware is reportedly a more powerful version of the Vultur malware. Vultur was among the earliest Android banking malware to incorporate screen recording abilities and include functions like keylogging and interacting with a victim’s device screen. Its primary focus was to target banking apps for keylogging and remote control. The discovery of Vultur was initially made by ThreatFabric in late March 2021.

The malware is being circulated via Google Play Store. Apparently, the malware was first distributed on the Android app store in 2022 and has since been active on the platform.

How does the malware work?

The malware pretty much looks like a promotion message for the McAfee security app, and it is quite easy to fall for. Usually, an Android user will receive an SMS that claims to have found an unauthorised transaction in their bank account, urging them to call a provided number for assistance.

When users call that number, they get connected to the scammers, who send a follow-up SMS with a link to download a malicious version of the McAfee Security app containing the Brunhilda malware dropper.

Once installed, this fake app gains access to your device’s ‘Accessibility Services’, which will eventually connect it to the malware’s main server. And once that happens, the attackers can access any information on your device remotely.

How to stay safe from such malware?

To ensure you are safe from such malware, never download any app from random links sent to you. Don’t even download apps off browsers. Only download official apps through the Google Play Store. It is also good to always check reviews and ratings of an app before you download it, which can give you a good sense of the authenticity of the app. Also, always pay attention to the developer details of every app before you download it.

Published By:

Nandini…

Hackers steal database of Russian convicts to avenge Navalny’s death – media


After Russian opposition leader Alexei Navalny died in prison, a group of anti-Kremlin hackers gained access to the computer network run by the Federal Penitentiary Service (FSVP of Russia) and claimed they had snatched data on hundreds of thousands of prisoners.

This was reported by CNN, Ukrinform reports.

According to hackers, they got hold of the agency’s database, which contains information on approximately 800,000 Russian prisoners, their families and contacts, including data on prisoners held in the colony where Navalny died on February 16.

Hackers posted a photo of the politician alongside his wife Yulia at a political rally on the penitentiary service’s website.

The hackers, who claim to be of various ethnic backgrounds, including Russian expatriates and Ukrainians, are sharing the data “in the hope that somebody can contact them and help understand what happened to Navalny,” a hacker claiming to be involved in the breach told CNN.

An analysis by CNN found several duplicate entries in the database, but it still contains information on hundreds of thousands of people. CNN was able to match several names seen in the snapshots shared by hackers with people currently in a Russian prison as per public records.

The group also gained access to the prison’s online store, where families of convicts can purchase food for them, and changed the prices of some goods to just one ruble. This is evidenced by screenshots and videos published by hackers.

The group also posted Navalny’s photo on the store’s website. They sent a warning to the administrators of the prison’s online store not to remove the image and went on to destroy one of the servers when the admins failed to heed the warning.

The hackers “clearly had full blown access to get it all,” says Tom Hegel, who is principal threat researcher at U.S. cybersecurity company SentinelOne. “The amount of images captured and data provided is quite thorough.”


I’m a tech expert still in shock at these ways hackers steal your password


You’ve probably heard it a million times, right? Keep your passwords strong, unique and under wraps. Don’t go clicking on shady links, and change your passwords like you change your socks. Oh, and let’s not forget about tucking them away in a cozy, encrypted password manager. The advice list is never-ending.

But here’s a kicker. What if you tick all those boxes and your password still ends up in the wrong hands? I know it sounds like we’re going overboard, but it’s a legitimate worry. How can you keep yourself safe from all the password-stealing scams out there and the damage that can potentially come with that?

The truth is, you can never keep yourself 100% safe from anything. But you can try your best. It starts by taking a step back and understanding the ways that your password, emails and usernames could be potentially compromised.

Illustration of locking up your devices (Kurt “CyberGuy” Knutsson)

The many ways hackers try to steal your password

Theoretically, there are many ways that hackers can go about stealing your password and other login information, especially when it comes to tricking you into giving it to them. But all the methods go back to the basics. Here are some of the methods hackers employ to steal passwords from innocent people like you and me.

Password spraying: This isn’t always successful, but attackers may attempt to log in to your accounts by trying random common passwords and seeing if anything hits.

Credential stuffing: Hackers test databases or lists of stolen credentials against multiple accounts to see if there’s a match. If you use the same password across different sites,…

Beware of this ‘dangerous’ Chrome app that can automatically steal your passwords and photos


A team of researchers has found malware that, once installed on any Android device, can automatically steal users’ data like photos, passwords and chats. It is a new variant of MoqHao (also referred to as Wroba and XLoader), which is a well-known Android malware family. Recently, the McAfee Mobile Research Team found that MoqHao has begun distributing this ‘new dangerous’ variant via SMS links.

What makes this malware dangerous

According to the report, the hackers send a link to download the malicious app via SMS. While a typical MoqHao malware requires users to install and launch the app, this variant requires little execution from the users’ side. When the app is installed, hackers’ malicious activity starts automatically.

The malware disguises itself as ‘Chrome’ that can fool Android users into downloading the app. Once downloaded, the malware requests users to set itself as the default SMS app with prompts in various languages like Hindi, English, French, Japanese and German.

“Also, the different languages used in the text associated with this behaviour suggests that, in addition to Japan, they are also targeting South Korea, France, Germany, and India,” McAfee said.

How this malware works

The hackers use social engineering techniques to convince users to set this malicious app as the default app. They show messages just like the way a legitimate app would flash. This message is fake and is used to make users believe that they have downloaded a legitimate app.

How to spot the malware-laden Chrome app
This app has an italic ‘r’ and asks users to let the app always run in the background. Google Chrome doesn’t ask for such permission. Furthermore, any link that comes via an SMS is a red flag and must not be clicked.

McAfee said that the company has already reported this technique to Google and the company is “already working on the implementation of mitigations to prevent this type of auto-execution in a future Android version.”

The Google Chrome app is available to download from Google Play Store and it is advised that users download all apps from the official store. Android users are protected by Google Play Protect, which is on by default on Android devices with…
