Kaspersky has discovered a new banking malware called Ghimob that can spy on and steal data from 153 Android apps, including banking apps. The malware, which uses names like Google Docs, WhatsApp Updater and Google Defender, can be hidden inside malicious apps available as third-party app downloads or shared via email. Users in Brazil are the most targeted, followed by those in India, China and the US. It blocks the user from uninstalling it and from restarting or shutting down the device.
A new variant of the InterPlanetary Storm malware is targeting IoT devices (TVs, routers with poorly configured SSH services, etc.) that run Android, Mac, Linux and Windows operating systems in 84 countries, mainly southeast Asian ones such as China, Hong Kong, South Korea and Taiwan; Indian IoT devices have not been much on its radar. The malware detects computer security mechanisms and honeypots, auto-updates itself, and tries to persist in the system by killing machine processes like debuggers.
All Good PDF Scanner; Mint Leaf Message-Your Private Message; Unique Keyboard – Fancy Fonts & Free Emoticons; Tangram App Lock; Direct Messenger; Private SMS; One Sentence Translator – Multifunctional Translator; Style Photo Collage; Meticulous Scanner; Desire Translate; Talent Photo Editor – Blur focus; Care Message; Part Message; Paper Doc Scanner; Blue Scanner; Hummingbird PDF Converter – Photo to PDF.
Quick Heal Technologies said it had seen over 143M malware attacks in Q2 2020. Trickbot proved to be an active distributor of multiple pieces of malware through phishing emails. Malware accounted for 38% of the total Android detections in this quarter. Quick Heal found malicious apps that looked 100% authentic but infected consumers' mobile phones; a fake Aarogya Setu app took the lead in this category. June had the highest number of Windows malware detections.
Apple, according to a new report, accidentally approved common malware disguised as an update for Adobe Flash Player to run on macOS. Apple approved an app that contained code used by well-known malware called Shlayer, a trojan downloader that spreads through fake apps. It is the most common threat to Macs. After learning about the malware, the company disabled the developer account associated with that app and revoked its certification.
BuzzFeed’s security service – Secure-D – found preinstalled malware in the Tecno and Infinix smartphone brands offered by China-based Transsion Holding. The two pieces of malware, xHelper and Triada, automatically installed apps on users’ smartphones and also subscribed them to paid services without their permission. Tecno and Infinix are quite popular in India and Africa. In response, Transsion confirmed the malware but blamed supply chain vendors for it.
System administrator A Nikoci said that hackers may trick Google Drive users into downloading malware onto their systems. Google lets users change file versions without checking whether the new version is the same file type, allowing hackers to replace an original file with a malicious one. To make it worse, Chrome implicitly trusts Drive downloads and ignores warnings that other antivirus software raises against them. This can lead to spear-phishing attacks, as Drive files are shareable.
The US govt. issued an alert against a malware called ‘Taidoor’ used by the Chinese govt. The alert was intended to “enable network defence” to avoid data leakage to Chinese govt cyber-actors. Cybersecurity firms FireEye Inc. and CrowdStrike spotted Taidoor targeting Asians and Americans. It is distributed through spear-phishing. In the past, the malware has targeted sectors like airlines, law and defence.
CERT-In issued an advisory warning Android users about a new malware called ‘BlackRock’. It can steal credentials and credit card info from e-commerce apps, social media apps, email accounts, banking apps, etc. This malware can bypass antivirus security scans. It comes from unofficial download sources, including APK files and third-party Android app stores. Its main technique for preying on users is luring them into downloading updates from unknown sources.