Tag Archive for: trick

Ransomware gang’s new extortion trick? Calling the front desk

/in


When a hacker called the company that his gang claimed to breach, he felt the same way that most of us feel when calling the front desk: frustrated.

The phone call between the hacker, who claims to represent the ransomware gang DragonForce, and the victim company employee was posted by the ransomware gang on its dark web site in an apparent attempt to put pressure on the company to pay a ransom demand. In reality, the call recording just shows a somewhat hilarious and failed attempt to extort and intimidate a company’s rank-and-file employees.

The recording also shows how ransomware gangs are always looking for different ways to intimidate the companies they hack.

“It’s increasingly common for threat actors to make contact via telephone, and this should be factored into organizations’ response plans. Do we engage or not? Who should engage? You don’t want to be making these decisions while the threat actor is listening to your hold music,” said Brett Callow, a threat analyst at Emsisoft.

In the call, the hacker asks to speak with the “management team.” Instead, two different employees put him on hold until Beth, from HR, answers the call.

“Hi, Beth, how are you doing?” the hacker said.

After a minute in which the two have trouble hearing each other, Beth tells the hacker that she is not familiar with the data breach that the hacker claimed. When the hacker attempts to explain what’s going on, Beth interrupts him and asks: “Now, why would you attack us?”

“Is there a reason why you chose us?” Beth insists.

“No need to interrupt me, OK? I’m just trying to help you,” the hacker responds, growing increasingly frustrated.

The hacker then proceeds to explain to Beth that the company she works for only has eight hours to negotiate before the ransomware gang will release the company’s stolen data.

“It will be published for public access, and it will be used for fraudulent activities and for terrorism by criminals,” the hacker says.

“Oh, OK,” says Beth, apparently nonplussed, and not understanding where the data is going to be.

“So it will be on X?” Beth asks. “So is that Dragonforce.com?”

The hacker then threatens Beth, saying they will start calling the…

Source…

Beware of encrypted PDFs as the latest trick to deliver malware to you

/in


Russian-backed hackers are using malware disguised as a PDF encryption tool to steal your information. According to the Threat Analysis Group report, COLDRIVER will send victims encrypted PDFs. When the unsuspecting victim replies saying they can’t see the PDF, the group will send a download link that poses as an encryption tool. But it’s really malware.

According to Threat Analysis Group (TAG), which is a specialized team within Google that focuses on identifying and countering various security threats, COLDRIVER primarily deals with phishing attacks. So this new malware-based attack is relatively new territory for the group.

 

COLDRIVER’s backdoor malware attack

The attack itself is pretty simple. As previously mentioned, attackers will send an encrypted PDF and then a malware-loaded “encryption tool” once the victims respond. That “encryption tool” will even display a fake PDF document to really sell the ruse. However, it’s really backdooring a piece of malware called Spica into your device.

Spica will steal cookies from Google Chrome, FireFox, Edge and Opera in order to get your information. Google says it’s been in play since September 2023. However, there are instances of COLDRIVER dating back to 2022.

Google says it’s added all domains, websites and files involved in the attacks to its Safe Browsing service. The company has also notified targeted users that they were at risk of an attack.

MORE: HOW CRYPTO IMPOSTERS ARE USING CALENDLY TO INFECT MACS WITH MALWARE 

 

How to protect yourself

1) Don’t download bootleg software: It’s not worth the risk to download bootleg software. It exposes your device to potential security threats, such as viruses and spyware.  If someone emails you a link for a download, make sure it’s from a reputable source and scan it. Downloading software from reputable app stores is definitely the way to go to protect your devices.

2) Don’t click on suspicious links or files: If you encounter a link that looks suspicious, misspelled, or unfamiliar, avoid clicking on it. Instead, consider going directly to the company’s website by manually typing in the web address or searching for it in a trusted search engine….

Source…

Sinister AI ‘eavesdropping’ trick lets ‘anybody read private chats’ on your Android or iPhone, security experts reveal

/in


CYBERCRIMINALS can spy on users’ conversations with artificial intelligence-powered chatbots, experts have warned.

Ever since ChatGPT came out in November 2022, cybersecurity experts have been concerned with the technology.

Criminals can spy on users’ conversations with AI chatbotsCredit: Getty

ChatGPT is an advanced chatbot that can seamlessly complete tasks like writing essays and generating code in seconds.

Today, several chatbots function like ChatGPT, including Google’s Gemini and Microsoft’s Copilot within Bing.

The chatbots are easy to use, and many users quickly get captivated into conversations with the natural-language companions.

However, experts have expressed concerns over users sharing personal information with AI chatbots.

ChatGPT can collect highly sensitive details users share via prompts and responses.

It can then associate this information with a user’s email address and phone number, and store it.

That’s because to use the platform, users need to provide both an email address and mobile phone number.

Users cannot bypass this by using disposable or masked email addresses and phone numbers.

Most read in Phones & Gadgets

As a result, ChatGPT is firmly tied to your online identity as it records everything you input.

What’s more, this private data can also be obtained by cybercriminals if they are keen enough.

ChatGPT creator reveals more creepy videos after announcing major change & fans are shocked by ‘cyborg’ German Shepherd

“Currently, anybody can read private chats sent from ChatGPT and other services,” Yisroel Mirsky, the head of the Offensive AI Research Lab at Israel’s Ben-Gurion University, told Ars Technica in an email.

“This includes malicious actors on the same Wi-Fi or LAN as a client (e.g., same coffee shop), or even a malicious actor on the internet — anyone who can observe the traffic.”

This is known as a “side-channel attack,” and it can be very dangerous for victims.

“The attack is passive and can happen without OpenAI or their client’s knowledge,” Mirsky revealed.

“OpenAI encrypts their traffic to prevent these kinds of eavesdropping attacks, but our research shows that the way OpenAI is using encryption is flawed, and thus the content of the…

Source…

I’m a security expert – delete ‘invasive’ apps silently spying on your iPhone and Android using my settings trick

/in


CYBERSECURITY experts have warned about invasive apps that can infiltrate your phone and steal your data.

Malicious invasive apps can easily compromise both Android and iOS devices.

Cybersecurity experts have warned about invasive appsCredit: Getty

WHAT ARE INVASIVE APPS?

Invasive apps are software that use a phone’s permission settings to spy on its user by accessing the phone’s camera, microphone, and more.

What’s more, these apps look like legitimate apps, “yet they have an ulterior motive,” security software company McAfee said in a blog post.

They are similar to spyware, except that spyware is malware that enables a hacker to obtain information about another’s computer activities.

“Both invasive apps and mobile spyware snoop on you and your phone, yet invasive apps work differently than mobile spyware. Invasive apps use a phone’s built-in functionality to spy and gather information on you,” McAfee explained.

A telltale sign of an invasive app is when the app asks for permissions it doesn’t need.

For example, if a flashlight app wants access to your microphone, that’s probably a red flag.

“The tricky bit with invasive apps is that many people quickly click through the user agreements and permission screens when they get a new app,” McAfee said.

HOW TO STAY SAFE

There are a number of ways to protect your device from invasive apps.

For starters, check your mobile device’s permission settings and manage anything that looks fishy.

For iPhone, go to Settings > Privacy & Security, then tap Safety Check > sift through apps’ permissions.

On your Android device, open Settings > select apps > tap the app you want to change > tap Permissions.

You can also run an antivirus or antimalware software on your device to run a security check.

Along with enabling security software, keeping your phone’s operating system up to date can help keep it protected.

You should also avoid downloading any suspicious-looking apps – especially if they’re only available outside of your device’s official app store.

Source…