Android users need to be on the lookout yet again for a new type of malware targeting the mobile devices. The latest attack poses as an update to Flash and targets banking information and credit card details of its victims.
The attack, discovered by security researchers at SophosLabs, has been identified as Andr/Banker-GUA or Invisible Man —a variant of a well-known banking malware known as Svpeng that previously ran amok on Android devices. The modified version of the trojan originally developed by Russian hackers has an additional threat that was absent in the original: a keylogger that keeps track of everything a victim types on their infected devices.Read more
A new Android banking Trojan, which masquerades as a Flash Player app, targeting customers of at least 90 major banks across the US and Europe has been uncovered. The malware can be considered to be highly advanced and dangerous, especially given its ability to bypass SMS-based two-factor authentication.
Some of the banking apps targeted by the malware include Deutsche Bank, Santander, American Express, Coinbase, Credit Karma, Paypal and Wells Fargo, among others. This banking malware can steal login credentials from 94 different mobile banking apps. The banking Trojan also comes with the ability to target some of the more popular social media apps.Read more
Adobe’s Flash technology is on its way out of the Firefox internet browser. In August, Mozilla Corp., maker of the browser, will begin defaulting to HTML 5 instead of Flash for video, online animations, games and other rich media.
If users run into a website where there is no non-Flash option available, Firefox will still render that site in Flash. But next year, Firefox will ask for permission before it renders any sites in Flash or Microsoft Corp.’s Silverlight, a rich-media technology similar to Flash. Web browser plugins, such as Flash and Silverlight, “often introduce stability, performance, and security issues for browsers,” said Benjamin Smedberg, a manager of Firefox quality engineering, in a blog post.Read more
Attackers are exploiting a critical vulnerability in Adobe's widely used Flash Player, and Adobe says it won't have a patch ready until later this week.
The active zero-day exploit works against the most recent Flash version and was detected earlier this month by researchers from antivirus provider Kaspersky Lab. It's being carried out by "ScarCruft," the name Kaspersky has given to a relatively new hacking group engaged in "advanced persistent threat" campaigns that target companies and organizations for high-value information and data. ScarCruft is a relatively new APT group, victims have been observed in several countries.Read more
Exploits for the most recent Adobe Flash Player zero-day vulnerability have been integrated into the Angler, Neutrino and Magnitude exploit kits, and are leading compromised computers to different ransomware strains, banking malware, and a credential-stealing Trojan.
A French researcher who goes by the handle Kafeine told that Neutrino has embedded a working exploit for vulnerability while Magnitude has not fully implemented the exploit. Kafeine this morning also confirmed that the Angler Exploit Kit has now integrated the same Flash zero day exploit. The Angler exploits, however, are dropping the Dridex banking Trojan.Read more
The latest zero-day vulnerability in Adobe Systems' Flash player has been used over the past two weeks to distribute ransomware called Cerber, email security vendor Proofpoint said. The vulnerability affects all versions of Flash Player on Windows, Mac, Linux and Chrome OS.
Ryan Kalember, senior vice president of cybersecurity at Proofpoint, said his company detected an attack trying to exploit the flaw. One of Proofpoint's customers received an email with a document that contained a malicious macro that led victims through a series of redirects that eventually reached an exploit kit.Read more
A new Android trojan that's being detected is targeting users for the purpose of stealing their banking and Google account credentials. Security researchers say that the trojan is distributed via websites that advertise a Flash Player for Android devices.
Adobe officially stopped developing a Flash client for Android in 2012, so this is an obvious trick to fool users into installing a dangerous APK on their system. Once downloaded and the installation process started, the trojan will ask for admin rights. Giving it admin rights not only makes it much harder to remove later on but it also grants the trojan the access needed to carry out its attacks undisturbed.Read more
Adobe is finally ready to say goodbye to Flash. In an announcement last night, Adobe said that it will now "encourage content creators to build with new web standards," such as HTML5, rather than Flash.
It's also beginning to deprecate the Flash name by renaming its animation app to Animate CC, away from Flash Professional CC. Flash has been slowly dying over the past decade, in part due to an absence of support on smartphones and in part because it's kind of become a scourge of the internet. Though Flash initially had great success as a tool for creating web games and animations, it has a number of downsides that have stood out more and more each year.Read more
A day after releasing its monthly security update, Adobe confirmed it has discovered a new vulnerability in Flash Player that affects every version running on the Windows, Macintosh and Linux operating systems.
Adobe said that it will issue an out-of-cycle security update next week to address the software plug-in's vulnerability, which it warned could crash and potentially allow an attacker to take control of the affected system. The bug was discovered earlier this week by researchers at Trend Micro. The San Jose, California-based software maker did not immediately respond to a request for more information on the vulnerability.Read more
Researchers have found a new zero-day exploit in Adobe Flash used in malvertising attacks. The exploit affects the most recent version of Adobe Flash.
The initial analysis suggests that this might have been executed through the use of the Angler Exploit Kit, due to similarities in obfuscation techniques and infection chains. The infection happens automatically, since advertisements are designed to load once a user visits a site. Most of the users who accessed the malicious server related to the attack are from the USA. This post serves to warn end-users and enterprises of the severity of this threat.Read more