Posted by News at 2016.07.29

Category: Advisories

At least two smishing (SMS phishing) campaigns have hit iOS users in the past week, with over 7,500 users clicking the malicious links and ending up on phishing pages designed to con them out of their Apple login credentials.

Intel McAfee security experts first discovered something was wrong on July 27, when their security products started picking up suspicious SMS messages from a US number.

These messages were formatted like an email, with fields such as FRM, SUBJ and MSG, and all of them contained Bit.ly short URLs.

Users redirected to hacked sites hosting phishing pages

Researchers say that users who clicked on this link ended up on a hacked website, where a message was displayed, telling them they had to verify their account as soon as possible, or Apple would lock it.

Curiously, this same message asked readers not to mark the message they re... (read more)

Posted by News at 2016.07.26

Category: Advisories

Legitimate emails sent from PayPal's official email address included links that redirected users to a website that distributed Chthonic, a newer variant of the infamous Zeus banking trojan.

At the source of this problem is a PayPal feature that allows users to request money from other users.

The requester can fill a form, enter another user's PayPal email address, the sum he wants to be transferred, and a custom message.

All emails looked legitimate. They are legitimate.

PayPal then takes all this data and sends it to the person from whom the money is requested. The problem here is that all these emails came from PayPal's official email address, and users would have had a hard time detecting anything wrong.

Crooks leveraged the custom message field of the money request form to enter text that also included a Goo.gl short URL. This short link resolved to a website that automatically downloaded the paypalTransactionDetails.jpeg.js file on th... (read more)

Posted by News at 2016.07.26

Category: Advisories

Infosec experts have detected a flurry of online scams in the past few weeks, ranging in topics from the classic tech support trickery to innovative methods of defrauding Tinder users, and the opportunistic attempts to take advantage of political events such as the Turkey coup.

All these events are part of a trend that has been slowly ramping up during the last few months, especially at the highest level, with scams targeting business executives being known as BEC.

In June, we wrote about how the FBI's Internet Crime Complaint Center (IC3) said that BECs (Business Email Scams) had defrauded companies around the world of over $3 billion since October 2013.

In a similar report released this month, Symantec also indicates that companies aroun... (read more)

Posted by News at 2016.07.24

Category: Uncategorized

This week in DistroWatch Weekly: Review: The saga continues with Slackware 14.2; News: OpenBSD disables usermount, KaOS releases significant updates, Fedora 22 reaches end of life; Distribution Review: Point Linux 3.2; Torrent corner: Bluestar Linux, Korora; Released last week: Ubuntu 16.04.1, Korora 24; Opinion poll: What was your first Linux distribution?; Upcoming releases: Ubuntu 16.10 alpha 2; New additions: EasyNAS; New distributions: Modern X; Reader comments. Read more in this week's issue of DistroWatch Weekly....

Posted by News at 2016.07.19

Category: Advisories

Security experts from Sucuri have discovered a new scamming method that combines the hijacking of e-commerce checkout pages and phishing sites.

In the past, crooks were seen hijacking sites and injecting malicious code into the checkout page on e-commerce portals to log the user's credit card details and transmit the data to a third-party site.

Additionally, security researchers have often noted how crooks used phishing pages that imitated the login or checkout pages for PayPal, payment sites or e-commerce portals to acquire the user's login credentials or credit card details.

Crooks combined two techniques to create a new attack scenario

It appears that a clever crook has come up with a way to combine the two tactics mentioned above and has created a new method for stealing user credit card details that is much harder to detect, by both end users and Web security products alike.

In the scenario seen and described by Sucuri, crooks are using mal... (read more)

Posted by News at 2016.07.18

Category: Advisories

The website of the Ammyy Admin remote desktop management utility has been abused over and over again by malware distributors to spread six different malware families in the past year.

The first signs that something was wrong came to light last November, when ESET discovered that, in October and November 2015, crooks had compromised the website and infected the Ammyy Admin installer with five different malware variants, not all at once, but at different intervals.

They first distributed the Lurk malware dropper, then the CoreBot infostealer, the Buhtrap banking trojan, the Ranbyus banking trojan, and the NetWire RAT.

ESET informed the website's owners, who responded by saying they cleaned the website and removed the malicious versions of the Ammyy Admin installers that also contained malware.

Posted by News at 2016.07.17

Category: Uncategorized

This week in DistroWatch Weekly: Review: Linux Lite 3.0; News: Bodhi team plans for 4.0.0, pfSense changes license, interview with FreeDOS's founder, Linux Mint offers upgrade path, Ubuntu's forums breached; Questions and answers: Getting software to work across distributions; Torrent corner: IPFire, NAS4Free; Released last week: IPFire 2.19 Core 100, Untangle NG Firewall 12.1; Opinion poll: Minimal vs full distributions; New distributions: BILD, UbuntuQt; Reader comments. Read more in this week's issue of DistroWatch Weekly....

Posted by News at 2016.07.15

Category: Advisories

We already know that crooks are using the Pokemon GO apps to spread remote access trojans via third-party app stores, but now, one of those malware-infected apps has made its way to the official Google Play Store.

Following a report from ESET, Google intervened and removed the app, along with two others that distributed scareware.

Pokemon-themed app distributed clickjacking malware

The malicious app was named Pokemon GO Ultimate and promised to let users play the game even if it was not yet available in their country.

Because Pokemon GO is only available in the US, Australia, New Zealand, Germany and the UK, some users outside these countries installed the app seeking a way to play Nintendo's bestseller. ... (read more)