Tag Archive for: targeting

Sophos research: Hackers targeting Discord platform


Cybercriminals are increasingly using the popular chat platform Discord to distribute and control malware targeting users of the service, new research by next-generation cybersecurity company Sophos has found.  

According to researchers from the company, malware is increasingly targeting the Discord chat platform, and the misuse of Discord has grown substantially over the last year. The cyberthreats uncovered by the researchers include information-stealing malware, spyware, backdoors, and ransomware resurrected as “mischiefware”. 

The findings are based on an analysis by Sophos researchers of more than 1,800 malicious files detected on Discord’s content delivery network (CDN). Among other things, the research reveals that the number of URLs hosting malware on the network during the second quarter of 2021 increased by 140% compared to the same period in 2020.

Sean Gallagher, senior threat researcher at Sophos, said: “Discord provides a persistent, highly-available, global distribution network for malware operators, as well as a messaging system that these operators can adapt into command-and-control channels for their malware – in much the same way attackers have used Internet Relay Chat and Telegram. Discord’s vast user base also provides an ideal environment for stealing personal information and credentials through social engineering.”

“We found one malware that can steal private images from the camera on an infected device, as well as ransomware from 2006 that the attackers have resurrected to use as ‘mischiefware’. The mischiefware denies victims access to their data, but there’s no ransom demand and no decryption key,” said Gallagher.

“Further, adversaries have caught on that companies increasingly use the Discord platform for internal or community chat in the same way they might use a channel like Slack. This provides attackers with a new and potentially lucrative target audience, especially when security teams can’t always inspect the Transport Layer Security-encrypted traffic to and from Discord to see what’s going on and raise the alarm if needed.”

The investigation into malicious content linked to Discord found the following:

1. The malware is often…


42 million malicious programs detected targeting China in 2020, mostly from US and India: report


Cyber theft Photo: Xinhua


China captured more than 42 million malicious program samples in 2020, with an average daily spread of more than 4.82 million times. The overseas sources of these malicious program samples were mainly the US and India, according to the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) on Wednesday.

This report comes as the US and its allies ramp up efforts to turn cyberspace into a new battlefield by groundlessly accusing China of conducting cyberattacks worldwide. Such groundless accusations will not change the fact that the US remains the world’s top spying empire with widespread malfeasance in cyberspace, observers said. 

About 55.41 million IP addresses in China were attacked by malicious programs, accounting for 14.2 percent of the total number of IP addresses in the country. These attacked IP addresses are mainly based in East China’s Shandong, Jiangsu, Zhejiang and South China’s Guangdong, the report said. 

Over the years China has been a major victim of cyberattacks. According to the annual report by CNCERT/CC, in 2020 about 5.31 million hosts on the Chinese mainland were controlled by a total of about 52,000 overseas malicious program command and control servers. The top three origins of these overseas servers in terms of the number of compromised Chinese hosts are all from NATO member states, according to a statement from the Chinese Mission to the European Union (EU) in response to the accusations.

The Global Times learned from Chinese tech giant 360 Security Technology last year of a series of attacks against China’s aerospace, scientific research institutions, petroleum industry and large-scale internet companies by a hacking organization affiliated with the CIA. The company found proof that the hacking group, APT-C-39, belongs to the CIA, and the hack was traced back to 2008, mainly targeting organizations in Beijing, South China’s Guangdong and East China’s Zhejiang provinces. 

Global Times


McAfee sees surge in mobile malware targeting COVID-19 vaccines | 2021-07-01



A Year of Lockdown Sees a Surge in Mobile Malware Targeting Banking, Billing and COVID-19 Vaccines


SAN JOSE, Calif.--(BUSINESS WIRE)--Today, McAfee’s Advanced Threats Research team released its Mobile Threat Report 2021, which found hackers are using fake apps, Trojans and fraudulent messages to target consumers. Last year, McAfee revealed that hidden apps were the most active mobile threat facing consumers. But following a year of lockdowns and a surge in time spent online and on devices, fraudsters are capitalising on this with more approaches. With most of the world still anxious about COVID-19 and demand for vaccines high, McAfee’s research sheds light on how hackers are targeting these fears with bogus apps, text messages, and social media invitations.

“The pandemic changed the way consumers live, meaning hackers have adapted to switch up the various methods they use to target consumers. With more people connected online than ever before, we want to make sure we are doing everything possible to help refocus consumers’ digital mindsets to protect what matters to them and their friends and family – their personal data,” said Judith Bitterli, Senior Vice President, Consumer Business Group at McAfee. “Mobile threats remain prevalent in our world and as fraudsters use more advanced methods, this will only continue. We aim to support consumers in safeguarding their personal devices and more importantly, personal data.”

Over the past year, the vaccine rollout has advanced at different rates across the globe, providing plenty of opportunities for hackers. McAfee Advanced Threat researchers found that hackers are hiding malware and malicious links inside fake vaccination appointments and registration display ads. These have the potential to download malware onto a person’s device that displays unwanted ads, as well as activating accessibility features to give the hacker full device control, with the goal of stealing banking details and credentials. According to the research, some of these campaigns worryingly started as early as November last year, before any vaccines had officially been approved, while others continue to appear as countries roll out their vaccination programmes in the fight against COVID-19.

We’ve seen how the pandemic not only led…
