Tag Archive for: unleash

Russia-backed hackers unleash new USB-based malware on Ukraine’s military



Hackers working for Russia’s Federal Security Service have mounted multiple cyberattacks that used USB-based malware to steal large amounts of data from Ukrainian targets for use in its ongoing invasion of its smaller neighbor, researchers said.

“The sectors and nature of the organizations and machines targeted may have given the attackers access to significant amounts of sensitive information,” researchers from Symantec, now owned by Broadcom, wrote in a Thursday post. “There were indications in some organizations that the attackers were on the machines of the organizations’ human resources departments, indicating that information about individuals working at the various organizations was a priority for the attackers, among other things.”

The group, which Symantec tracks as Shuckworm and other researchers call Gamaredon and Armageddon, has been active since 2014 and has been linked to Russia’s FSB, the principal security service in that country. The group focuses solely on obtaining intelligence on Ukrainian targets. In 2020, researchers at security firm SentinelOne said the hacking group had “attacked over 5,000 individual entities across the Ukraine, with particular focus on areas where Ukrainian troops are deployed.”

In February, Shuckworm began deploying new malware and command-and-control infrastructure that has successfully penetrated the defenses of multiple Ukrainian organizations in the military, security services, and government of that country. Group members seem most interested in obtaining sensitive military information that could be abused in Russia’s ongoing invasion.

This newer campaign debuted new malware in the form of a PowerShell script that spreads Pterodo, a Shuckworm-created backdoor. The script activates when infected USB drives are connected to targeted computers. The malicious script first copies itself onto the targeted machine to create a shortcut file with the extension rtf.lnk. The files have names such as video_porn.rtf.lnk, do_not_delete.rtf.lnk, and evidence.rtf.lnk. The names, which are mostly in the Ukrainian language, are an attempt to entice…


New Entrants to Ransomware Unleash Frankenstein Malware



Opportunistic, Less Sophisticated Hackers Test Limits of the Concept of Code Reuse


June 9, 2023    


Ransomware hackers are stretching the concept of code reuse to the limit as they confront the specter of diminishing returns for extortionate malware.


Users are more reluctant to pay even as opportunistic entrants, perhaps less sophisticated than their predecessors, join the market and show less willingness to abide by the ransomware trade-off: money for system restoration.

At the beginning of the year, experts who work with victims and track the cybercrime ecosystem, including via cryptocurrency flows, reported seeing fewer ransoms being paid and less being paid on average when victims did pay.

Cyber insurer Corvus reported that the percentage of its policyholders who paid a ransom dropped from 33% in 2021 to 28% in 2022. Ransomware incident response firm Coveware reported that for victims it assisted, 41% shelled out in 2022 versus 79% in 2019.

That constricting market – the result of hardening attitudes toward mainly Russian extortion groups and cyber defender activity – isn’t deterring new actors from attempting to cash in on the shrinking bonanza. In their haste to make money, some new players are picking over the discarded remnants of previous ransomware groups, cobbling together ransomware rather than going through the trouble of coding bespoke crypto-locking software.

Call it Frankenstein ransomware, said Allan…


Concerns as cybercriminals unleash SMS-based Android malware — Nigeria — The Guardian Nigeria News – Nigeria and World News



The Nigerian Communications Commission (NCC) has alerted Nigerians to a new high-risk Short Messaging Service-based malware, TangleBot, that infects Android mobile devices.

TangleBot employs tactics more or less similar to those of the recently announced, notorious FluBot SMS Android malware that targets mobile devices. TangleBot likewise gains control of the device, but in a far more invasive manner than FluBot.

The disclosure was made in a recent security advisory made available to NCC’s New Media and Information Security Department by the Nigerian Computer Emergency Response Team (ngCERT).

TangleBot is installed when an unsuspecting user clicks on a malicious link disguised as COVID-19 vaccination appointment-related information in an SMS message or information about fake local power outages that are due to occur.

NCC explained that the aim of either message (on COVID-19 or impending power outages) is to encourage potential victims to follow a link that supposedly offers detailed information. Once on the page, users are asked to update applications such as Adobe Flash Player to view the page’s content, and are taken through nine dialogue boxes that request acceptance of different permissions, which allow the malware operators to initiate the malware configuration process.

According to the commission, the immediate consequence is that TangleBot gains access to several different permissions when installed on a device, allowing it to eavesdrop on user communications. The malware then steals sensitive data stored on the device and monitors almost every user activity, including camera use, audio conversations, and location, among others.

Furthermore, the malware takes complete control of the targeted device, including access to banking data, and can reach the deepest recesses of the Android operating system.

“The NCC, therefore, wishes to, once again, urge millions of telecom consumers to be wary of such wiles of cybercriminals, whose intent is to defraud unsuspecting Internet users.”

To ensure maximum protection for Internet users in the country, ngCERT has offered a number of preventive…


Google Home: Try these other mobile apps to unleash its full power



Google Home only requires one app, but several others can come in handy as well.



If you dig around in the Google Home ecosystem for long enough, you’ll discover the Google Home app alone doesn’t handle everything you want to do with your smart speakers. Tons of great features require you to download even more Google apps, like Google Assistant and even Gmail, but there’s nothing in the Google Home app to let you know about those apps.

To make matters more confusing, there are some apps you might think you need but either you actually don’t or you do, just not for the reasons you think. Rest assured; I’m going to sort it all out for you.

I’ll show you which app you absolutely need, which ones aren’t critical but definitely worth having and, finally, which one you can leave on the app store shelf (unless, of course, you need it for a different reason than setting up your smart speakers).


If you want to set up a morning routine, you’ll want to use the Google Home app to do it.



The Google Home app does almost, but not quite, everything

Everyone needs to download the Google Home app to set up their Google-branded smart speakers, so it’s by far the most ubiquitous of these apps. The Google Home app is the one you’ll use the vast majority of the time when you need to accomplish something you can’t easily handle with voice commands. For example, you need the app to create custom commands or routines, organize your smart home into rooms or create speaker groups for playing music across your whole house.

It’s also incredibly useful as a…
