Tag Archive for: figure

Hackers figure out your computer’s location via malware Whiffy Recon


Hackers can accurately determine your location with the new malware Whiffy Recon. The data can potentially be used as leverage to pressure victims into complying with the hacker’s wishes.

The new malware Whiffy Recon searches for a computer’s location. Researchers from Secureworks first encountered the malware in the Smoke Loader botnet.

Malware for botnets

The malware was developed for computers that are already infected. The set of devices infected by the same malware family is also called a botnet. As a user, you have no way to find out whether devices in your possession are part of such a botnet.

Authorities recently succeeded in destroying the largest global botnet ‘Qakbot’. This operation makes about 700,000 computers no longer vulnerable to the new malware Whiffy Recon.

The malware can still do damage through other botnets, however, and it already appears to be doing so through Smoke Loader. With Smoke Loader, the initial infection happens through a phishing message containing a malicious zip file.

Google Geolocation API helps

The malware currently only targets Windows devices. The operating system includes the Wireless AutoConfig Service (WLANSVC), which hackers can abuse to connect to the nearest routers via Wi-Fi. WLANSVC is used to verify whether the infected device has a Wi-Fi connection. Once that is confirmed, the malware scans for Wi-Fi routers every minute.

With the data obtained from the scan, the hackers can find out the exact location of the infected device. To do this, they upload the data to the Google Geolocation API. This service accurately determines the location through a combination of Wi-Fi access points and transmission towers.

Threat and entry search

By repeating the scan every minute, the malware acts as a tracker. Moving an infected work device from the office to home, for example, will give hackers your work and home address if the device connects to a Wi-Fi router in both places.

“Demonstrating access to geolocation information can be used to intimidate victims or pressure them to comply with demands,” the researchers state. A threat message from a hacker is indeed much more intimidating if it appears…

Source…

US sanctions Russian accused of being a ‘central figure’ in major ransomware attacks


The U.S. government has indicted a Russian national for his alleged role in ransomware attacks against U.S. law enforcement and critical infrastructure.

U.S. authorities accuse Mikhail Matveev, also known online as “Wazawaka” and “Boriselcin,” of being a “central figure” in developing and deploying the Hive, LockBit and Babuk ransomware variants.

In 2021, Matveev claimed responsibility for a ransomware attack against the Metropolitan Police Department in Washington, D.C., according to the U.S. Justice Department. In that cyberattack, the Babuk ransomware gang, of which Matveev was allegedly a member since early 2020, infiltrated the police department’s systems to steal the personal details of police officers, along with sensitive information about gangs, suspects of crimes and witnesses.

Matveev and his co-conspirators also deployed LockBit ransomware against a law enforcement agency in New Jersey’s Passaic County in June 2020, according to prosecutors, and deployed Hive ransomware against a nonprofit behavioral healthcare organization headquartered in nearby Mercer County in May 2020.

These three ransomware gangs are believed to have targeted thousands of victims in the United States. According to the Justice Department, the LockBit ransomware gang has carried out over 1,400 attacks, issuing more than $100 million in ransom demands and receiving over $75 million in ransom payments. Babuk has executed over 65 attacks and has received $13 million in ransom payments, while Hive has targeted more than 1,500 victims around the world and received as much as $120 million in ransom payments.

Matveev is also believed to have links to the Russia-backed Conti ransomware gang. The Russian national is believed to have claimed responsibility for the ransomware attack on the government of Costa Rica, which saw Conti hackers demand $20 million in a ransom payment — along with the overthrow of the Costa Rican government.

According to the U.S. Treasury, which announced sanctions against the Russian national on Tuesday, Matveev has also been linked to other ransomware intrusions against numerous U.S. businesses, including a U.S. airline. The Treasury added that…

Source…

How to Figure Out If Your Phone Has Malware


What is malware?

Short for ‘malicious software’, malware is programming intended to harm a PC, server, or organization. Malware is frequently referred to as an infection or contamination and can come in many forms, including the following types:

  • Adware – designed to show frequent ads to a user as pop-ups, sometimes redirecting you to pages or applications
  • Investor Malware – attempts to steal users’ bank credentials without their knowledge
Source: Sophos Home

  • Ransomware – demands money from you in return for the files or the functionality of the devices being ‘held hostage’
  • Rooting – ‘roots’ the device, essentially unlocking the operating system and obtaining escalated privileges
  • SMS Malware – manipulates devices to send and intercept text messages, resulting in SMS charges without you knowing
  • Spyware – monitors and records information about your activity on your device without your knowledge or permission
  • Trojan Malware – hides itself inside a piece of seemingly innocent software

What are the indications?

How to figure out if your phone has malware is a real question. A few signs that you have mobile malware and your device has been compromised include:

  • Battery draining faster
  • Pop-up ads
  • Unexplained applications
  • A surge in data usage
  • Unexplained charges
  • Reduced performance

What are the causes?

Cybercriminals hoping for a greater return focus their efforts on organizations and use a variety of tactics to infect the greatest number of corporate devices. The following are a few ways mobile malware can get onto your device.

  • Infected applications – Hackers infect known applications or make their own, which are normally downloaded from third-party app stores
  • Malvertising – Online advertisements are infected with malware, distributed by ad networks, and appear silently on legitimate sites
  • Scams – Rely on the user being redirected to a malicious web page after tapping on a malicious email, text message, or pop-up screen
  • Direct to device – Requires direct access to the device to download or sideload…

Source…

Top 8 warning signs to help you figure out if iPhone and Android apps will scam you


Smartphones have made it significantly easier to fall victim to online scams, but there are several things you can do to protect your phone and yourself.

Many of the apps people download to their phones can be used to spread malware or steal data or money, so it’s important to keep an eye out for the warning signs.

Many legitimate apps are exploited by fraudsters in order to steal users' information, data and even money

Some of the apps that spread malware or malicious code are copycats of other apps, designed to trick users into downloading them. Others simply offer a good deal while disguising the costly, hard-to-cancel subscription that comes with it.

Even worse, many legitimate apps are exploited by fraudsters in order to steal users’ information, data and even money.

Facebook, LinkedIn and Instagram are examples of legitimate apps that can be used to scam users, as reported by AARP.

Before downloading an app, there are several things you can do to protect yourself.

First, you should check the app’s comments and reviews, and search specifically for negative ones, as users who have been scammed before can use that space to warn others.

Beware that a bunch of repetitive positive reviews can itself be a bad sign, as reviews can be faked.

It’s also important to check where the app comes from; downloading apps from websites is not the safest bet.

The safest place to download apps is from an official app store like Apple’s App Store for iOS, and the Google Play Store for Android, experts say.

And Apple’s app store is safer than the Google Play Store, because the company demands more requirements be filled before developers can get their product on the platform.

But even the Apple app store isn’t completely safe: a recent Washington Post analysis found that two percent of the 1,000 highest-grossing apps on the App Store are scams, and an estimated $48 million was stolen.

Another thing to watch out for when downloading apps that offer free services or products is hidden fees and subscriptions.

You should investigate what exactly it is the app is offering for free by carefully reading the terms and conditions and in-app purchase descriptions.

It’s also important to keep an…

Source…