All software and hardware in the German parliamentary network might need to be replaced. More than four weeks after a cyberattack, the government hasn’t managed to erase spyware from the system.
Trojans introduced to the Bundestag network are still working and are still sending data from the internal network to an unknown destination, several anonymous parliament sources told. In May, parliament IT specialists discovered hackers were trying to infiltrate the network. So far, they have been unable to mitigate the attack. People in parliament are already talking about a possible replacement of the whole system.Read more
Personal computers in Japan and abroad have been infected with an aggressive online banking Trojan virus called ‘Vawtrak’ responsible for stealing millions of dollars, according to Tokyo police.
The virus steals private information such as passwords while conducting online banking transactions. The money is then remitted to third-party accounts. Vawtrak was originally spotted in August 2013, that version stole details from several Windows email clients, the more recent have expanded their capabilities to include a wider range of theft. Among these capabilities are stealing banking credentials and credit card information.Read more
IBM Security has identified an active campaign using a variant of Dyre malware that has successfully stolen more than $1 million from targeted enterprise organizations. The campaign shows a brazen twist from the once-simple Dyre malware by adding sophisticated social engineering tactics likely to circumvent two-factor authentication.
In recent incidents, organizations have lost millions to attackers. While many popular banking Trojans have targeted individuals, Dyre has always been used to target organizations. Dyre has evolved to become simultaneously sophisticated and easy to use.Read more
Millions of flawed BIOSes can be infected using simple two-minute attacks that don't require technical skills and require only access to a PC to execute. BIOS have been the target of much hacking research in recent years since low-level p0wnage can grant attackers the highest privileges, persistence and stealth.
Because almost no one patches their BIOSes, almost every BIOS is affected by at least one vulnerability, and can be infected. The high amount of code reuse across UEFI BIOSes means that BIOS infection can be automatic and reliable. The point is more how the vendors' fixes are going un-applied by users, corporations, and governments.Read more
A new Android Trojan uses some clever techniques to silently subscribe victims to premium services. The threat is still under development, but it’s already capable of carrying out a wide range of tasks.
Cybercrooks can use the malware to send SMS messages, set a filter on incoming messages and calls, display ads, delete messages and call records, upload the HTML source code of specified webpages to a remote server, perform DDoS attacks, make outgoing calls, subscribe the victim to paid content, delete security apps, and export incoming messages based on instructions received from the command and control server.Read more
Security experts warned about a new attack on users of WhatsApp messenger. Under the guise of the web version of messenger is distributed Trojan. Attackers send out e-mail letters of invitation to download the desktop application WhatsApp Web, issued by the manufacturer at the end of January 2015.
Referring to users, scammers use social engineering techniques. Messages contain a link, supposedly leading to the official website of WhatsApp. Actually clicking the user goes to another site where download the executable file WhatsAppInstall.exe. Under this name hides a Trojan Downloader.Read more
A new Android Trojan that specializes in stealing banking information by intercepting SMS messages has been making the rounds. Trojan appears to be targeting Chinese Android users as many types of malware that came before it, at least for the moment.
The Trojan’s forte is sniffing out message having to do with banking and emailing those captured SMS messages to itself. In both cases the Trojan sends the information to a hardcoded Chinese email service and a hardcoded Chinese phone number. The Trojan’s SMS communication works both ways, because it can receive commands from the command and control server via SMS.Read more
If you are a Facebook user, be aware of a new malware! Do not click any porn links on Facebook. The reason is that you have thousands of good porn sites out there, but there's an extra good reason right now.
A security researcher warned that rogue pornography links on the world’s most popular social network had reportedly infected a lot of Facebook users with a Trojan in two days and it is still on the rise. The Facebook malware disguised as a Flash Player update and spreads itself by posting links to a pornographic video from the Facebook accounts of previously infected users. The malware generally tags as many as 20 friends of the infected user.Read more
Banking trojans remain one of the most prevalent kinds of malware. Among them, trojans based on Zeus have long been the most prevalent, but in recent months a relatively new trojan has been challenging the reign of Zeus: Vawtrak.
Also known as Neverquest or Snifula, Vawtrak initially targeted users of Japanese banking systems, but it has since broadened its scope. Earlier Sophos researcher looked at the malware's infection vector, as well how it targets banks and other financial institutions. Like a Russian Matryoshka doll, it consists of multiple layers, with each layer containing the next one until the final layer contains a malicious DLL.Read more
German Chancellor Angela Merkel has fallen victim to hacking after a sophisticated computer virus was discovered on the USB drive of one of her aides. The Reign virus, which is believed to have been developed by US and British spying agencies, was detected after one of Mrs Merkel's employees plugged her personal drive into a work laptop.
The woman, who works in close contact with Mrs Merkel, had loaded a speech she was editing on to the drive, took it home to continue working on it, before returning to the office. As she went to plug the drive back into her work computer she was sent a firewall alert saying a virus had been detected.Read more