HackDig : Dig high-quality web security articles for hacker

IT threat evolution Q2 2019

Targeted attacks and malware campaigns More about ShadowHammer In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added a backdoor to the utility and then distributed it to users thr
Publish At:2019-09-19 18:20 | Read:121 | Comments:0 | Tags:Featured Malware reports APT Cyber espionage Data leaks Fina

An advertising dropper in Google Play

Recently, the popular CamScanner – Phone PDF creator app caught our attention. According to Google Play, it has been installed more than 100 million times. The developers position it as a solution for scanning and managing digitized documents, but negative user reviews that have been left over the past month have indicated the presence of unwanted features.
Publish At:2019-09-19 18:20 | Read:56 | Comments:0 | Tags:Featured Incidents Adware Google Android Mobile Malware Troj

Fully equipped Spying Android RAT from Brazil: BRATA

“BRATA” is a new Android remote access tool malware family. We used this code name based on its description – “Brazilian RAT Android”. It exclusively targets victims in Brazil: however, theoretically it could also be used to attack any other Android user if the cybercriminals behind it want to. It has been widespread since Janua
Publish At:2019-09-19 18:20 | Read:52 | Comments:0 | Tags:Research Brazil Google Android Malware Descriptions Mobile M

What exactly is a mobile ______ attack?

Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing traditional endpoints, very little has been invested to protect mobile device endpoints. Attackers work on the same model as any other business: where do they get the greatest return on their investment of
Publish At:2019-09-19 14:33 | Read:91 | Comments:0 | Tags:Android App Security iOS Mobile Malware Mobile Security Mobi

New iOS Jailbreak Tools put Organizations at Risk

According to iDownloadBlog.com (iDB), “in an unforeseen turn of events, hacker Pwn20wnd released v3.5.0 of the unc0ver jailbreak tool to the general public Sunday morning with official support for iOS 12.4, the latest available firmware release from Apple with support for Apple Card.”  While users wanting to bypass existing Apple operating system precaution
Publish At:2019-09-19 14:33 | Read:80 | Comments:0 | Tags:Mobile Malware advanced mobile threat defense iOS malware mo

The Clicking Bot Applications

Cyber crime, like any crime, has its motives; each malware has its own malicious profit. Spyware spies on you. Ransomware demands a ransom to decrypt your private digital data. Phishing Malware phishes for your username, password or account numbers. Installation-fraud achieves fake software installations. Ad fraud fraudulently represents online advertisement
Publish At:2017-11-07 10:45 | Read:39793 | Comments:2 | Tags:Analysts Android App Security Mobile Malware Threat Research

Gaza Cybergang – updated activity in 2017:

1. Summary information The Gaza cybergang is an Arabic-language, politically-motivated cybercriminal group, operating since 2012 and actively targeting the MENA (Middle East North Africa) region. The Gaza cybergang’s attacks have never slowed down and its typical targets include government entities/embassies, oil and gas, media/press, activists, politi
Publish At:2017-10-30 15:55 | Read:3975 | Comments:0 | Tags:APT reports APT Arabic Malware Macros Mobile Malware Targete

Validating Machine Learning Detection of Mobile Malware

Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the framework that detects previously unknown mobile malware. This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017. Internally, the code name has been “Cogito”, so this res
Publish At:2017-10-21 13:50 | Read:4879 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

Detecting DoubleLocker Ransomware

What is DoubleLocker? Security researchers at ESET discovered a new ransomware infecting Android phones called DoubleLocker. DoubleLocker is an exploit that encrypts data on the infected device and then changes the device PIN to a random number. Victims remain locked out of their device unless they pay a ransom to the hackers. DoubleLocker spreads in the ver
Publish At:2017-10-21 13:50 | Read:3956 | Comments:0 | Tags:Mobile Malware Threat Research DoubleLocker mobile malware

ZNIU: First Android Malware to Exploit Dirty COW Vulnerability

By Jason Gu, Veo Zhang, and Seven Shen We have disclosed this security issue to Google, who verified that they have protections in place against ZNIU courtesy of Google Play Protect. The Linux vulnerability called Dirty COW (CVE-2016-5195) was first disclosed to the public in 2016. The vulnerability was discovered in upstream Linux platforms such as Redhat,
Publish At:2017-09-25 23:15 | Read:4778 | Comments:0 | Tags:Bad Sites Malware Mobile Vulnerabilities android Dirty COW L

WAP-billing Trojan-Clickers on rise

During the preparation of the “IT threat evolution Q2 2017” report I found several common Trojans in the “Top 20 mobile malware programs” list that were stealing money from users using WAP-billing – a form of mobile payment that charges costs directly to the user’s mobile phone bill so they don’t need to register a c
Publish At:2017-08-24 05:50 | Read:2681 | Comments:0 | Tags:Mobile Mobile Malware Trojan-clicker WAP

Booking a Taxi for Faketoken

The Trojan-Banker.AndroidOS.Faketoken malware has been known about for already more than a year. Throughout the time of its existence, it has worked its way up from a primitive Trojan intercepting mTAN codes to an encrypter. The authors of its newer modifications continue to upgrade the malware, while its geographical spread is growing. Some of these modifi
Publish At:2017-08-17 05:05 | Read:3954 | Comments:0 | Tags:Mobile Google Android Malware Descriptions Mobile Malware Tr

IT threat evolution Q2 2017. Statistics

Q2 figures According to KSN data, Kaspersky Lab solutions detected and repelled 342, 566, 061 malicious attacks from online resources located in 191 countries all over the world. 33, 006, 783 unique URLs were recognized as malicious by web antivirus components. Attempted infections by malware that aims to steal money via online access to bank accounts were r
Publish At:2017-08-15 11:25 | Read:4392 | Comments:0 | Tags:Featured Quarterly Malware Reports Financial malware Interne

IT threat evolution Q2 2017

Targeted attacks and malware campaigns Back to the future:  looking for a link between old and new APTs This year’s Security Analyst Summit (SAS) included interesting research findings on several targeted attack campaigns.  For example, researchers from Kaspersky Lab and King’s College London presented their findings on a possible link between Mo
Publish At:2017-08-15 11:25 | Read:5031 | Comments:0 | Tags:Featured Quarterly Malware Reports APT Cyber espionage Finan

Fake Snapchat in Google Play Store

Introduction   Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for “Snapchat”. The fake version of Snapchat app is using “Snap Inc .” as Company Name, with a  ” .” appended to original name. Fake
Publish At:2017-08-11 02:50 | Read:4281 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud