Tag Archive for: stealing

Delete this malicious extension and stop hackers from stealing your Gmail messages


A cybercriminal threat group from North Korea is using a malicious Chrome extension to steal Gmail emails, according to a report released by Bleeping Computer. Let’s dive into how they’re doing this and the steps you should take right now to protect yourself. 

The group, which uses the name Kimsuky, has been known to use spear phishing for cyber-espionage in attacks targeting people with high-profile jobs, such as diplomats, journalists, government agencies, politicians and university professors. According to the Director of National Intelligence, “spear phishing is a type of phishing campaign that targets a specific person or group and will often include information known to be of interest to the target, such as current events or financial documents.” 


The attack starts with a phishing email that urges potential victims to install a Chrome extension known as AF, which can also be installed in Microsoft Edge, Brave and other Chromium-based browsers. Once installed, AF immediately begins stealing the contents of emails from your Gmail account.

Here’s what to know about keeping your Gmail messages safe from hackers. (CyberGuy.com)


Once your Gmail account is taken over by AF, Kimsuky uses Google Play’s web-to-phone synchronization feature for installing apps from your computer onto your smartphone to infect victims’ phones with Android malware. This allows hackers to drop, create, delete or steal files as well as retrieve your contacts, make calls, send text messages, turn on your camera and more. 

Beware, because in addition to this AF malware, Kimsuky has a variety of Android malware in circulation, including other programs called FastViewer, Fastfire or Fastspy DEX. These programs are disguised as security plug-ins and as document viewers.

What can I do to prevent this from happening to me? 

1) The first thing to remember is to never click on a suspicious email. If you open a phishing email by accident, do not click on any links embedded…


How to check if someone is stealing your Wi-Fi and what to do about it


Have you noticed your Wi-Fi is slowing down? Or are you worried at all about neighbors or a potential hacker getting into your network to steal your Internet? 

Even if your neighbor is just “borrowing” your Wi-Fi, having anyone on your network could be potentially dangerous to you and your privacy. Read on to see how to find out if someone is stealing your Wi-Fi and what to do about it. 

Is someone stealing your Wi-Fi? 

What are the dangers of someone stealing your internet connection? 

Kurt Knutsson (CyberGuy.com)

No matter how benign it may seem for someone else to be on your Wi-Fi network, it’s not good. 


Your connection slows down for every device added. If someone gets into your Wi-Fi network and uses it for streaming, gaming or anything else that uses a lot of data, your connection is sure to slow even more. 

They may also have access to files saved on the devices connected to that Wi-Fi, and more experienced hackers can end up getting into the devices that are on the network. That means the information you input is no longer secure or private.

You are also losing out on the Wi-Fi connection you pay good money for if someone else is stealing that connection. 

How to check if someone is on your Wi-Fi 

To avoid all of the issues above, be sure to check if someone is on your network. 


This first step works well if you don’t have too many devices connected to your Wi-Fi router. If you have five or fewer devices on your Wi-Fi, this is a good method. You can do it with more devices, but after following these steps you may have to log each one back into the Wi-Fi network, so the more devices you have connected, the longer that might take.

Having anyone on your network could be potentially dangerous to you and your privacy. (CyberGuy.com)

1) Unplug your devices and check the router 

First, you can unplug all of the devices you have connected to the Wi-Fi (like an Alexa). 

Then turn off Wi-Fi on any other devices that don’t have a plug to pull, like your phone, tablet and computer, so that they don’t connect to the internet.

Then, check your router to see if there’s any activity…


The Rise of Info Stealing Malware


Cybercrime, Cybercrime as-a-service, Cyberwarfare / Nation-State Attacks

Also: Holiday Cybercrime Defense; Palo Alto’s New Acquisition

Clockwise, from top left: Anna Delaney, Mathew Schwartz, Michael Novinson and Tom Field

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity and privacy issues, including advice for security leaders and their teams on strengthening off-hours defenses during the holiday season, emerging cybercrime trends in 2022, and Palo Alto’s first big M&A since early 2021.




The panelists – Anna Delaney, director, productions; Mathew Schwartz, executive editor of DataBreachToday and Europe; Michael Novinson, managing editor of business; and Tom Field, senior vice president, editorial – discuss:


  • Highlights from an interview with Sam Curry of Cybereason, who shares recommendations for security leaders on bolstering off-hours defenses as we enter the holiday season;
  • Two emerging cybercrime trends of 2022: a surge in data-stealing malware and cryptocurrency-targeting attacks;
  • How Palo Alto Networks will make its first major acquisition in nearly two years, scooping up application security startup Cider Security for $250 million.

The ISMG Editors’ Panel runs weekly. Don’t miss our previous installments, including…


New parasitic malware found to be stealing digital assets from scammers


Analysts at Trend Micro have uncovered malware that latches onto scam websites belonging to digital asset fraudsters. Called Water Labbu, the malware has been found to have affected over 45 scam websites, stealing $316,000 in what was described as a thief stealing from thieves.

The modus operandi of the malware is parasitic, as it poses as a decentralized application (DApp) to gain access to digital assets. The report notes that it does this by “injecting malicious JavaScript code” and sending a request after identifying that a wallet has a sizable amount of digital assets.

“The request is disguised to look like it was being sent from a compromised website and asks for permission (token allowance) to transfer a nearly-unlimited amount of USD Tether (USDT),” read the report.

The scammers are misled to believe that a DApp issued the request, often failing to read through the details. In reality, the granted permission belongs to an address controlled by Water Labbu, which is used to drain the funds from the victim’s wallet.

Water Labbu’s method of pilfering digital assets differs from the usual method used by scammers. Scammers are known to use social engineering tactics like building trust over several months to fleece victims of their virtual currencies.

However, the bad actors behind Water Labbu do not have to build fraudulent investment websites. Instead, they inject malicious JavaScript code into websites belonging to other scammers.

Malware is the bane of the digital assets industry

A Chainalysis report stated that malware was the sole culprit for 75% of hacks in the industry since 2017, with even low-level cybercriminals employing it in their schemes. Cyble Research Labs drew attention to malware spreading through YouTube known as Pennywise, which was embedded in a free block mining software as part of a free BTC mining tutorial.

The malware was reported to attack wallets holding Zcash (ZEC) and Ethereum (ETH), even targeting cold digital asset wallets. At the start of the year, a pirated copy of “Spider-Man: No Way Home” was revealed to be the primary source of a Monero mining malware responsible for latching onto the personal computers of…
