The Internet is awash with covert crypto currency miners that bog down computers and even smartphones with computationally intensive math problems called by hacked or ethically questionable sites.

The latest examples came on Monday with the revelation from antivirus provider Trend Micro that at least two Android apps with as many as 50,000 downloads from Google Play were recently caught putting crypto miners inside a hidden browser window. The miners caused phones running the apps to run JavaScript hosted on Coinhive.com, a site that harnesses the CPUs of millions of PCs to mine the Monero crypto currency.

An unknown hacker appears to have breached a dark web marketplace called Basetools and leaked samples of its database online.

The hacker has threatened to leak the dark web market operator's identity as well as Basetools' data to US authorities, including the FBI, DHS, DoJ and others, unless a ransom of $50,000 (£38,112) is paid. Basetools is an underground marketplace often advertised in Russian-speaking cybercrime forums and markets, which allows dark web vendors to sell spamming tools, credit card data, hacked customer accounts, among other things. 

If you get a message from a Facebook Friend telling you they urgently need your help accessing their account — pause, because someone’s trying to use Facebook security against you.

Experts yesterday revealed details of the phishing scam that has apparently claimed a few victims recently. It’s basically an attempt to con you into handing over your account codes to someone you think you can trust. The attack is initiated by someone who has already taken over the account of a friend. They send you an urgent message claiming to need help getting back into their account, and to check your email for a recovery code.

One of iOS' rougher edges are the popups it produces on a regular but seemingly random basis. These popups require users to enter their Apple ID before they can install or update an app or complete some other mundane task.

The prompts have grown so common most people don't think twice about them. Mobile app developer Felix Krause makes a compelling case that these popups represent a potential security hole through which attackers can steal user credentials. In a blog post published Tuesday, he showed side-by-side comparisons, pictured above, of an official popup produced by iOS and a proof-of-concept phishing popup.

Money may not grow on trees, but apparently, it can grow in Amazon Web Services (AWS).

A report from the security intelligence group RedLock found at least two companies which had their AWS cloud services compromised by hackers who wanted nothing more than to use the computer power to mine the cryptocurrency bitcoin. The hackers ultimately got access to Amazon's cloud servers after discovering that their administration consoles weren't password protected. "Upon deeper analysis, the team discovered that hackers were executing a bitcoin mining command from one of the Kubernetes containers," reads the RedLock report. 

U.S. fast-food chain operator Sonic Corp said on Wednesday a malware attack at some of its drive-in outlets may have allowed hackers to access customers’ debit and credit card information, the latest in a string of data breaches.

Sonic’s shares fell 2 percent to $24.73 in afternoon trading. The drive-in chain, which operates across 45 U.S. states, did not disclose how many store payment systems have been affected. Cybersecurity blog KrebsOnSecurity first reported the news last week and added that the activity may have led to millions of stolen credit and debit card numbers being sold in underground exchanges. 

For years, cybercriminals have been extorting victims by locking their computers with malware. The hackers promise to give the victim their files back as long as they fork over the cryptocurrency—typically Bitcoin—within the stipulated time limit.

Now, someone has added a new, perverse twist to this tried and tested scheme: demanding naked photographs instead of Bitcoin. Researchers at MalwareHunterTeam, a research group focused on ransomware, spotted the software, called nRansomware on Thursday. The group posted a screenshot of the message that's displayed when a victim gets infected:

Hackers have launched a new phishing campaign against LinkedIn members that uses compromised LinkedIn accounts to send messages with malicious links and downloads to potential victims in an attempt to steal credentials and personal information.

The campaign, first spotted by security researchers at cybersecurity firm Malwarebtyes, makes use of real LinkedIn accounts that have been compromised in order to make the phishing messages sent via LinkedIn’s messaging system appear legitimate. According to Malwarebytes researchers, the attackers have managed to hijack a number of LinkedIn member accounts.

The Emotet trojan is back, this time spreading via Spam bots. Trend Micro researchers first spotted the banking malware using network sniffing to steal data back in 2014 and recently spotted an increase in activity in August 2017 coming from new variants that all had the potential to unleash different types of payloads.

The latest versions were spotted and each had the potential to drop different malicious payloads. Researchers attributed the malware's resurfacing to two main possible reasons first, the authors behind the attacks may be targeting new regions and because and second, because the new variants are using multiple ways to spread. 

Vendors relying on Mastercard’s Internet Gateway Service for processing online payments ought to double-check every transaction before they send out items to customers.

There is a critical flaw in the system’s validation protocol and it appears the company is completely ignoring it. Independent security researcher has stumbled upon a glaring flaw in the MIGS protocol that allows hackers to spoof the payment system and trick merchants into accepting invalid transactions as successful. “It can be said that this is a MIGS client bug, but the hashing method chosen by Mastercard allows this to happen,” the researcher explains.