Rooting Hummer malware brings $500,000 per day to its creator

Android malware with device rooting capabilities has been hitting Google Play for a while now, but for users of third-party app stores the situation is even more dangerous. Hummer, an Android Trojan family that dates back to 2014, has managed to infect as many as 1.4 million devices daily in the first half of 2016, Cheetah Mobile researchers have found. As with the recently spotted fake LevelDropper app in Google Play, various legitimate-looking …

UK banking customers targeted with Retefe Trojan with MitM capabilities

UK users are the latest targets of cyber crooks leveraging the Retefe banking Trojan and a rogue root certificate. The malware is out to steal online banking credentials of customers of several UK banks – Barclays, HSBC, NatWest, Santander, Ulster Bank, Tesco Bank, etc. – but also other account login credentials for sites with “.com” and “.co.uk” domains. The attack starts with unsolicited emails carrying what looks like a regular document but contains an embedded …

Android banking malware may start using adware tricks

Android banking and credential-stealing malware with screen overlay capabilities is on the rise, but for it to be effective, it must detect when banking, email, and social media apps are opened, identify them, and show the appropriate pop-up intended to harvest sensitive data. That’s not a problem when the malware is installed on Android versions before 5.0 (Lollipop) – according to Google’s numbers, that’s nearly 57 percent of all Android devices out there – because …

Malicious Chrome update actively targeting Android users

A fake malicious Chrome update is being actively pushed onto Android users, saddling them with information-stealing malware that can be uninstalled only by restoring the device to factory settings – and losing data in the process. The malicious file – Update_chrome.apk – is hosted on a continually changing list of pages whose URLs sport variations on expressions like “Google”, “Google apps”, “Google market”, “Android update”. Once victims are tricked into downloading and installing the fake …

Beware of emails with JavaScript attachments!

Malware peddlers are always looking for the next trick to get users to infect their computers. According to Microsoft and other sources, the current latest trick is malicious JavaScript attachments. The spam campaigns delivering these attachments range from blank emails pretending to deliver business cards and fake “order status” emails, to bank-related and resume-themed spam. The malicious attachment usually comes in the form of a ZIP or RAR archive file, and once unpacked, the …

AceDeceiver iOS malware exploits Apple design flaw to infect non-jailbroken devices

Malware developers have found another hole in Apple’s iOS defenses, and this one, according to Palo Alto researchers, will be difficult to plug. The newly discovered malware family that has been successfully infecting non-jailbroken devices of Chinese users has been dubbed AceDeceiver. And, unlike previous instances of successful iOS malware, it can be installed on target devices without being signed with a valid enterprise certificate. FairPlay MITM: “AceDeceiver is the first iOS malware we’ve seen …

How cybercriminals evade detection

A new report by Damballa highlights not only how cybercriminals can stay under the radar for long periods of time, but also the need for enterprises to reassess existing security tools. “It’s no small feat to keep up with how cybercriminals operate. Attackers have an incredibly vibrant underground community where they can buy or rent anything from C&C infrastructure to sophisticated exploit kits to bare metal malware,” said Stephen Newman, CTO of Damballa. The transience …

OnionDog APT targets the infrastructure industry

The Helios Team at 360 SkyEye Labs revealed that a group named OnionDog has been infiltrating and stealing information from the energy, transportation and other infrastructure industries of Korean-language countries through the Internet. OnionDog’s first activity can be traced back to October 2013, and in the following two years it was only active between late July and early September. The self-set life cycle of a Trojan attack is 15 days on average and is distinctly …