Hackers have launched a new phishing campaign against LinkedIn members that uses compromised LinkedIn accounts to send messages with malicious links and downloads to potential victims in an attempt to steal credentials and personal information.
The campaign, first spotted by security researchers at cybersecurity firm Malwarebtyes, makes use of real LinkedIn accounts that have been compromised in order to make the phishing messages sent via LinkedIn’s messaging system appear legitimate. According to Malwarebytes researchers, the attackers have managed to hijack a number of LinkedIn member accounts.Read more
Twice in five days, developers of Chrome browser extensions have lost control of their code after unidentified attackers compromised the Google Chrome Web Store accounts used to issue updates.
The most recent case happened Wednesday to Chris Pederick, creator of the Web Developer extension. Last Friday, developers of Copyfish, a browser extension that performs optical character recognition, also had their account hijacked. In both cases, the attackers used the unauthorized access to publish fraudulent updates that by default are automatically pushed to all Chrome users who have the extensions installed.Read more
The Gmail phishing attack that played out across Google's billion-user email platform Wednesday afternoon was "particularly insidious" and created by someone with considerable skill, say cybersecurity experts.
The scam involved sending users a malicious link from what looked like a familiar contact; when users clicked it and logged on, the hacker gained access to their Gmail credentials, thereby getting the keys to the kingdom for a user's entire online life — and enabling the virus to replicate itself. While Google says it has fixed the problem, it still remains a mystery who may have launched the worm that quickly made the rounds online.Read more
A Chinese infosec researcher has reported about an "almost impossible to detect" phishing attack that can be used to trick even the most careful users on the Internet.
He warned, hackers can use a known vulnerability in the Chrome, Firefox and Opera web browsers to display their fake domain names as the websites of legitimate services, like Apple, Google, or Amazon to steal login or financial credentials and other sensitive information from users. What is the best defence against phishing attack? Generally, checking the address bar after the page has loaded and if it is being served over a valid HTTPS connection. Right?Read more
At least two smishing campaigns have hit iOS users in the past week, with over 7,500 users clicking the malicious links and ending up on phishing pages designed to con them out of their Apple login credentials.
Intel McAfee security experts first discovered something was wrong, when their security products started picking up suspicious SMS messages from a US number. These messages had the format of an email. Researchers say that users who clicked on this link ended up on a hacked website, where a message was displayed, telling them they had to verify their account as soon as possible, or Apple would lock it.Read more
Scammers use stolen database of real Booking.com travel orders. Russian Booking.com customers received e-mails from fraudsters at the beginning of October. Scammers asked for prepayment in full for a previously booked room.
It should be mentioned that Booking.com never asks for payment up front. Customers got emails supposedly from Booking.com with real reservation number, dates and names of hotels. While studying customers’ correspondence, security researchers said the domain names used by scammers for sending letters were not sent by Booking.com or hotels.Read more
A hacker group that appears to be residing in China has been targeting India and Southeast Asian nations in a bid to extract information about ongoing border disputes and other diplomatic issues.
Describing the hackers as part of an APT group, cybersecurity vendor FireEye said the attack campaign had been ongoing since 2011 and targeted more than 100 victims. The group would send spearphishing e-mails attached with Microsoft Word documents containing a script, which would create backdoor on infected machines. FireEye also detected the attacks in April 2015, a month ahead of India's premier Narendra Modi's first state visit to China.Read more
In a new document leaked from Bitstamp, one of the more popular Bitcoin exchanges in the world, the company details how a phishing attack several months ago bereft the company of roughly $5 million at then-current prices.
Beginning around page nine of the leaked report, which is clearly marked confidential but is already floating around numerous mirror sites since its initial leak, the document details how the company discovered an "ominous" and large data movement of around 3.5 gigabytes from Bitstamp's server to an IP in Germany. The company determined that it was their wallet.dat file that had gone over the tubes from their servers to some unknown.Read more
A lot of Twitter users looking for a way to get their accounts verified have been duped by a single fake account promising to provide the service into visiting a phishing page.
How many of them actually went through the steps required is unknown, but according to Malwarebytes' Chris Boyd, this wasn't the only account of this kind to be suspended recently, and there are sure to be others popping up. The account in question successfully impersonated Twitter's official "Verified Account" account. The phishers used the same name and icon but, of course, couldn't get the blue badge with a check mark next to the username.Read more
The Chinese-language Naikon advanced persistent threat group is targeting military, government and civil organizations located in and around the South China Sea, which is an increasingly contentious hot-bed of territorial disputes between various Southeast Asian nations.
Naikon infects its victims with spear-phishing emails in which malicious executables masquerade as seemingly relevant document attachments. When a victim opens one of these malicious attachments, a decoy document appears as an executable file and quietly exploits an old Microsoft Office vulnerability, installing malware on the victim’s machine.Read more