Tag Archive for: Steal

Android malware posing as Google Chrome could steal your photos, contacts, and more — how to spot the fake


An updated version of the XLoader malware for Android devices doesn’t require any user interaction to launch once installed, according to researchers at McAfee (via BleepingComputer). Of course, you still need to click the malicious link in an SMS message to download and install the malware, but this XLoader variant doesn’t require users to manually launch the malware anymore.

Right now, the malware is being distributed through SMS texts on Android devices. If you’re targeted, the SMS text will include a shortened URL that, if clicked on, will direct you to a website to download an Android APK installation file for a mobile app. McAfee says that, “While the app is installed, their malicious activity starts automatically.”


A Malware Found on Android Apps Can Steal and Monitor All User Activities


Malware named VajraSpy has been found in more than 12 mobile applications. It is a Remote Access Trojan (RAT), and about 6 applications from Google Play have been affected by it. Google immediately removed those apps from the Play Store, but they are still available as third-party apps on the internet, as reported by WeLiveSecurity and ESET. Most of these applications are related to messaging and news. When one of the affected apps is installed, the device is immediately infected, and the app can steal personal information and private data and can even record phone calls. It can also automatically turn on the front camera and monitor the user. It can automatically obtain all the permissions on the phone and then surveil the user, from notifications to messages and images.

Researchers from ESET were the first to report this malware. The PatchWork APT group is behind it, and the group has been targeting people in Pakistan since 2015. In 2022, the group accidentally exposed its own malware campaign, in which it was using the Ragnatela RAT to spread the malware. ESET researchers also found the applications that had the same VajraSpy code. These included Rafaqat, a news app. The others were messaging apps: Privee Talk, MeetMe, Let’s Chat, Quick Chat and ChitChat. The apps affected by VajraSpy that are available outside Google Play are Hello Chat, Yahoo Talk, TikTalk, Nidus, GlowChat and Wave Chat. All of these are messaging apps.

Because third-party websites do not report how many people have downloaded apps from them, it is not possible to say how many people have been affected. ESET has said that most of the victims are from India and Pakistan and that they were tricked into installing these applications. Google Play is introducing a new policy that will make it hard for apps with malware to be on the platform. Until then, people shouldn’t download apps recommended by people they don’t know.


Data Breach: Hackers Steal Information from Carnegie Mellon University


The US-based Carnegie Mellon University (CMU), which is known for its top tech and computer science programs, recently announced that it had been hit by a cyberattack. The university, located in Pittsburgh, revealed that in August 2023 hackers stole data from the institution. In a statement to KDKA-TV (spotted by CBS News), a CMU spokesperson said that the breach of the university’s computer systems compromised the personal information of more than 7,300 people.
The report also notes that a third party accessed university files that included personal information. The people possibly impacted are current or former students, employees, applicants and contractors, the report added. As per the report, those who were impacted have been notified, and the university is offering them credit monitoring services through Experian.

Read what CMU has to say

“On August 25, 2023, the Information Security Office at Carnegie Mellon University detected suspicious activity on a university computer system. A third party briefly accessed files which included some personal information of current or former students, employees, applicants or contractors. Our information security office secured the system within hours of detection and quickly engaged law enforcement. The university recently concluded its full investigation of the breach and sent notification to anyone whose information may have been compromised. There is no evidence of fraud or inappropriate use of the information from those files. Out of an abundance of caution, CMU is offering credit monitoring and other services through Experian for anyone who may be impacted. A total of 7,343 people received notifications.”

Cyberattacks targeting colleges and universities around the world have increased over time. In 2023, several educational institutions across the world were attacked by cyber criminals.
According to data from market research company KonBriefing, cyberattackers targeted institutions in four different countries in December alone. This includes universities from Canada, Austria, Lithuania and Australia.

Courts service “PWNED” in Australia, as hackers steal sensitive recordings of hearings


Hackers are believed to have successfully accessed several weeks’ worth of sensitive video and audio recordings of court hearings, including one made at a children’s court, where the identities of minors are particularly critical to protect.

The ransomware attack happened on the computer systems of Victoria’s Court Service in Australia, and is believed to have extended from 1 November 2023 until the network compromise was detected nearly two months later on 21 December.

The first that staff knew about the issue was when they were locked out of the PCs in the run-up to Christmas, with messages reading “YOU HAVE BEEN PWNED” appearing on their computer screens.

Media reports describe how staff were directed to instructions that pointed them to the dark web in order to make ransom payments if they did not want stolen data to be published.

Court Services Victoria (CSV) declined to share details of who might be responsible for the cybersecurity breach, but commentators have pointed the finger of suspicion at the Qilin (also known as Agenda) ransomware-as-a-service group.

However, at the time of writing, the latest claimed victim announced on Qilin’s extortion blog is Serbian energy company EPS – reportedly hit by a ransomware attack before Christmas.

In an FAQ published on its website, CSV shared some limited details of its “cyber incident” which saw unauthorized access to its audio-visual in-court technology network, and admitted that it was possible that some hearings before 1 November are also affected – including the children’s court case which was held in October 2023.

Amongst those hit was the Supreme Court, with recordings from the Court of Appeal, the Criminal Division, the Practice Court, and two regional hearings in November potentially accessed.

“Maintaining security for court users is our highest priority. Our current efforts are focused on ensuring our systems are safe and making sure we notify people in hearings where recordings may have been accessed,” said CSV CEO Louise Anderson. “We understand this will be unsettling for those who have been part of a hearing. We recognise and apologise for the distress that this may cause people.”

No other court systems…
