Security News – Malware Board

Jan 17

List of most secure browsers

Internet plays main role in making the idea of the Globalization where the whole world belong to a family. This platform offers products, services, entertainment, and information. It has major role in making the communication much faster than that before. But at the same time, it gives birth of scammers, hackers, and identity thieves. Their never ending growth of cybercrime, data breaches, and inappropriate data tracking cases are the most serious concern to the online security. Since Web Browser is a main tool that you use doing several online activities, so our discussion will be focused on different browsers. Let’s do a detail comparative discussion and come to the conclusion which one will be the secure browser for the year 2019. Less popular browser s claim them to enhance web experience Nowadays, many choices available for users to choose whether the popular browsers or the less popular but promising better Read more

Jan 12

MongoDB database exposed online CV of 202 million Chinese job seekers

“MongoDB, a NoSQL cross-platform database that keeps documents is hosted by America server was exposed online and contained CVs of over 202 million Chinese job seekers”, revealed by Bob Diachenko from HackenProof. Once can guess what the CV contains, highly sensitive information including names, date of birth, phone, number, emails, home address, driver license, working experience, skill, hobby etc. The database contained 202,730,434 records having size of around 854.8 GB. The worst part is that, the exposed CVs was unprotected and therefore, anyone can easily view reached to it easily on Internet. Currently, the data has been secured. Cybersecurity researchers founded 12 IP accessed to the before removing the database. It is not exactly known who the attackers were. What causes the huge data gathering? Cybersecurity researchers at the time when noticed IP addresses of remote server, they tried to contact their author but they were not succeed in connecting Read more

Jan 10

ETC blockchain recoghnizaion attack cause $1.1M loss in double spends

Coinbase, a cryptocurrency exchange announced at the beginning of this month that the apparent ETC blockchain recognization attack has been accompanied by around half a million dollars in double spends. From the post: On 1/5/2019, Coinbase detected a deep chain reorganization of the Ethereum Classic blockchain that included a double spend. In order to protect customer funds, we immediately paused movements of these funds on the ETC blockchain. At the time of writing, it had been identified at least 9 reorganizations containing double spends, that means, these double spends total sum up to 88,500 ETC or $460,000 at current prices. And it is not a one- time event, so the attacks are apparently going on. Post from the Firm: We observed repeated deep reorganizations of the Ethereum Classic blockchain, most of which contained double spends. The total value of the double spends that we have observed thus far is 88,500 Read more

Jan 08

GandCrab Operators use Vidar Infostealer to steal personal details

Cyber criminals behind GranCrab revive a latest version of the ransomware (GranCrab 5.04 ransomware) by adding Vidar Infostealer (a huge-risk Trojan virus) in the process for distributing the ransomware piece. The vidar Infostealer helps the cyber criminals in increase their benefits by stealing sensitive data before encrypting the computer files. Deep analysis Cybersercurity researchers found that Fallout Exploit Kit was used to spread the Infostealer called Vidar. According to them, bad actors use a rogue advertising domain. Visitors of this domain are redirected to the exploit Kit (EK). The Fallout pushed Vidar that work as a malware dropper and in this case the malware was GranCrab ransomware, said the Jerume Segura of Malwarebytes. Vidar is a commercial threat available for $700. It helps in stealing passwords and forms from web browsers. It collects specific information like payment card numbers, or credentials stored in various application. It can infiltrate malware and Read more

Jan 05

Paypal phishing campaign; malicious actors discloses banking details

Bad actors get activate on Christmas Eve, so it is nothing a new news however another incident of scam. This time, an unknown actors used an account named @PaypalChristm which pretended to be an official paypal account tweeted on the famous ‘twitter’ that there is chance of to win prizes just via confirm paypal account. For your information, PayPal is a multi billion company that has 244 million users. It has asset of worth more than $40 Billion. And, the Twitter is one of the most popular social networks with 335 million users worldwide. Malicious actors used the industry giant’s name to infect computers with malware or to collect confidential data by using scam campaign. Details about the paypal phishing scam campaign During the Christmas period, an elaborate tweet was reported on the famous social site the Twitter from an account named @PaypalChristm which camouflaged to be an official PayPal Read more

Jan 03

Increasing number of Data breaches, hacks struck the cyber community

“Cyber security problems” is a serious topic that should be discussed to mark the reasons that caused major data breaches in the year 2018. Cybersecurity experts do their best to keep save huge companies, businesses or even governments from cyber attacks. However, they get walloped by seeing the huge increasing in data breaches, hacks in that year as well. Major attacks in 2018 2018 became the witnesses of have various institutions, different industries or businesses data breaches. Cyber criminals often attack people in their worst conditions like Tsunamis or hurricane. Some of the major attacks that happened in year 2018 are: 87M users Facebook users’ data breach Cambridge Analytica firstly exposed about this. It was an issue where the unknown malicious actors targeted the famous social site the Facebook and collected information about millions of social platform users. It came in the social media officials on 25th of September according Read more

Dec 31

Hackers managed to earn almost $1M by using fake version of Electrum Wallet

Since 21st of December, a hacker or group of hackers managed to earn 250 BTC (about $937, 000) by the attack launching against the Electrum bitcoin wallet. The hackers successfully steal such a big amount of money through creating a fake version of Electrum users’ device that urge users into download the updated version by fool them into providing password information. Electrum also confirmed that and said that the attack happened due to a fake version of Wallet used by the hackers behind this. “Our official website is https://electrum.org[.] Do not download Electrum from any other source,” the tweet continued.” Attack initiated with fake version of the Wallet According to a Reddit useru/normal_rc, the hacker/ group of hackers setup up a whole bunch of malicious servers. “If someone’s Electrum Wallet connected to one of those servers, and tried to send a BTC transaction, they would see an official-looking message telling Read more

Dec 28

New York Investigation; Facebook gave users’ data to 60 companies giants including Apple, Amazon

New York Time investigation putted an allegation on the Facebook that the company had a partnership with various technology companies or online services. The technology giant like Spotify, Netflix, Microsoft, Apple, The Royal Bank of Canada and companies were given the access to read and write private messages, view users’ name, calendar entries and similar data without users’ approval. Recently, the company had admitted that that was happened but without their consent. As the New York Times has reported, different companies’ giant had different access to users’ data and private information. Facebook allows Microsoft search engine to see users’ friend names and other personal information. The company permitted Apple to view Facebook users’ contact and calendar entries no matter the data sharing feature is on or off. Netflix, the Royal Bank of Canada were given the access to write and read users’ private Facebook messages. Facebook gave Amazon users’ name Read more

Dec 25

Another Data breach incident; Click2Gov’s 300 000 users get affected

Click2Gov was found to be dealing with yet another data breach. This time, cybersecurity experts’ team called Gemini revealed this as a result of the headlines that payment system got hacked in various U.S cities. Around 46 cities felt the consequences of this attack. Among them, the widely affected cities are: Texas; Saint Petersburg; Florida; California; Laredo; Topeco Vulnerabilities in the Click2Gov payment software caused the data theft Click2Gov is a widely used payment technology that offers up-to-date, online views of customer utility accounts, and provides several convenient payment options. Around 294,929 users’ payment records get stolen by this attack. According to the report, the cyber criminals behind this attack have been selling the records on the Dark Web for $10 each. At present, they managed to earn a surprising amount of around $1.7 million. The cyber criminals gained the debit and credit card credentials, usernames, surnames and passwords. The Read more

Dec 17

Operation Sharpshooter- a new scam campaign hits global infrastructure

A new malware campaign whose distributers claims them to be a recruit person has impacted multiple organizations including nuclear energy, defense, finance, telecommunications, health care and other sectors. The McAfee Advanced Threat Research team and McAfee Labs Malware Operation Group have discovered this and named it as “Operation Sharpshooter”. The Operation Sharpshooter- deep analysis Operation Sharpshooter is a global email scam campaign targeting various industries masquerading as a job recruitment activity. McAfee security team was the first who revealed this global email scam campaign that targets nuclear, defense, energy and other financial companies. The Operation sharpshooter actors send these emails. These emails have attached Word document with weaponized macros. Recipients are coercing into believing that the emails are coming from genuine source (legitimate senders’ address). However, once clicked on the Word document for downloading, automatically a shell code starts running that inject Sharpshooter downloader into the memory of word. The Read more