Tag: Fall | SpinSafe

Hackers are infecting Macs with malware using calendar invites and meeting links — don’t fall for this

February 29, 2024/in Computer Security

Getting an email with a calendar link for a meeting has become commonplace, but you may want to think twice before clicking on one. That’s because hackers have begun using calendar invites and meeting links to infect unsuspecting users with Mac malware.

As reported by Krebs On Security, cybercriminals are now abusing the popular scheduling tool Calendly in their scams. Like with other malware campaigns, this one uses social engineering to find potential targets but instead of draining their bank accounts, it goes after cryptocurrency.

Still, the hackers behind this campaign could pivot to go after other types of accounts by using a different Mac malware strain. Here’s everything you need to know about how this scam works as well as how to protect yourself and your Apple devices from Mac malware.

From meeting invite to malware infection

Krebs On Security got a first-hand look into this scam after one of the site’s readers explained how they were targeted and fell for it.

In this campaign, the hackers behind it are impersonating cryptocurrency investors who are asking to schedule a video call. However, this lure could easily be adapted to go after other groups of potential victims.

The attack itself began when the reader was approached via Telegram by a scammer that wanted to invest in their startup. Everything seemed above board though and they then shared their Calendly profile with the scammer.

When it was time for the meeting, the reader clicked on the meeting link and nothing happened. They then contacted the scammer who explained that there was an issue with the video platform. Fortunately though, their IT people had created a different meeting link.

While this is certainly the kind of thing that should raise suspicions, the reader didn’t think twice and clicked on the link. However, instead of opening a videoconferencing app, a message appeared on their Mac saying the video service was experiencing technical difficulties. The message also referenced a script that could be run as a temporary solution to fix these issues.

By running the script, the reader unknowingly infected their Mac with a dangerous trojan designed to siphon off personal and financial data from their…

Source…

Motilal Oswal falls prey to cyber-attack by ransomware group LockBit, shares fall 2%

February 18, 2024/in Internet Security

Story continues below Advertisement

Shares of Motilal Oswal Financial Services fall over two percent in early trade on February 19 after the domestic broking firm was targeted in a cyber-attack by ransomware group LockBit, according to TechCrunch.

The ransomware group added Motilal Oswal to its dark web leak site on Tuesday, in an attempt to blackmail the brokerage for ransom payments. On failure to meet their demands, LockBit threatened to make all the stolen data public.

Story continues below Advertisement

At 9.17 am, shares of the brokerage were quoting Rs 1,800 apiece on the NSE, down 2.1 percent.

The domestic brokerage has around six million clients, with total assets under management of around $53 billion.

A spokesperson for the company did not respond to Moneycontrol queries.

India’s Computer Emergency Response Team was in the process of taking all appropriate action, according to the TechCrunch report.

Last year, LockBit launched cyber attacks on Granules India and public sector enterprise National Aerospace Laboratories. The gang is one of the most prolific ransomware gangs of all time, who have previously attacked IT major Accenture, UK’s Royal Mail, Boeing, and the Industrial & Commercial Bank of China.

“This had a major effect on the operations of our business due to significant changes in our IT systems and the time needed for meeting the regulatory expectations, qualifications, recertifications, and fine-tuning of quality and production systems,” the company said.

Story continues below Advertisement

Follow our market blog to catch all the live action

Motilal Oswal Financial Services provides various diversified financial services in India. It offers a range of financial products and services, such as wealth management, retail broking and distribution, institutional broking, asset management, commodity broking, private equity, investment banking, and principal strategies.

Over the past one month, shares of Motilal Oswal Financial Services have gained more than 15 percent, with shares settling…

Source…

LockBit remains most dangerous ransomware despite fall in attacks

December 8, 2023/in Internet Security

Ransomware attacks by LockBit represent a shrinking proportion of global ransomware and digital extortion (R&DE) attacks in 2023, according to new research, but still represent the most significant threat to organizations in the UK.

Analysis shows that the group is still the primary R&DE threat to all industries globally regardless of location, according to ZeroFox.

But when compared to the total number of R&DE attacks recorded in 2023, LockBit’s share of global attacks is shown to be decreasing, which ZeroFox attributes to new threat collectives adopting alternative or homemade ransomware strains.

The research found LockBit attacks accounted for just under 30% of global RD&E attacks in the first quarter of 2023, and this fell to around 15% by Q3.

UK-specific data recorded by ZeroFox shows LockBit still poses a significant threat to organizations in the UK, but this is also expected to give way to alternative ransomware strains over the coming year.

Based on a quarterly average over the period from January 2022 to November 2023, LockBit accounted for approximately 20% of all attacks against UK-based organizations.

The most frequently targeted industries in the UK were manufacturing, retail, professional services, and legal & consulting.

The percentage of global LockBit-specific attacks that targeted UK businesses was below the proportion of all incidents targeting the UK, further highlighting the diverse array of cyber criminal groups targeting organizations across the country.

Despite this, the UK’s share of global LockBit attacks has been on the rise throughout 2023, from 3.5% in the first quarter to 7.9% in Q4 (using data as of November 30 2023).

Compared to the rest of Europe, the UK does appear to be receiving an inflated number of LockBit-based attacks, according to the report, suggesting the group is specifically targeting UK organizations.

“LockBit’s Europe-focused targeting has decreased, whereas its attacks against the UK have remained broadly consistent — meaning UK organizations represent an increasing proportion of LockBit’s Europe-focused targeting,” the report said.

“Diversification of the R&DE threat landscape is driving LockBit to account for an…

Source…