Money may not grow on trees, but apparently, it can grow in Amazon Web Services (AWS).
A report from the security intelligence group RedLock found at least two companies which had their AWS cloud services compromised by hackers who wanted nothing more than to use the computer power to mine the cryptocurrency bitcoin. The hackers ultimately got access to Amazon's cloud servers after discovering that their administration consoles weren't password protected. "Upon deeper analysis, the team discovered that hackers were executing a bitcoin mining command from one of the Kubernetes containers," reads the RedLock report.
Hackers are intercepting legitimate email conversations between individuals and hijacking them to spread malware to corporate networks by using highly-customised phishing messages designed to look as if the victim is still communicating with the person they were originally messaging.
The target still believes they're in contact with the person they were originally messaging, but in fact they have fallen victim to a highly targeted cyber attack and may have infected their network via a malicious attachment. Attacks using this technique have already infiltrated several networks.
U.S. fast-food chain operator Sonic Corp said on Wednesday a malware attack at some of its drive-in outlets may have allowed hackers to access customers’ debit and credit card information, the latest in a string of data breaches.
Sonic’s shares fell 2 percent to $24.73 in afternoon trading. The drive-in chain, which operates across 45 U.S. states, did not disclose how many store payment systems have been affected. Cybersecurity blog KrebsOnSecurity first reported the news last week and added that the activity may have led to millions of stolen credit and debit card numbers being sold in underground exchanges.
For years, cybercriminals have been extorting victims by locking their computers with malware. The hackers promise to give the victim their files back as long as they fork over the cryptocurrency—typically Bitcoin—within the stipulated time limit.
Now, someone has added a new, perverse twist to this tried and tested scheme: demanding naked photographs instead of Bitcoin. Researchers at MalwareHunterTeam, a research group focused on ransomware, spotted the software, called nRansomware, on Thursday. The group posted a screenshot of the message that's displayed when a victim gets infected:
It doesn't always happen, but you'll definitely notice the sharp spike in CPU usage when it kicks in. The site tells TorrentFreak that it was testing the feature for about 24 hours as a new way of generating revenue, and that it could eventually be enough to replace ads. In short, don't be surprised if this becomes a mainstay of the site going forward.
Hackers have launched a new phishing campaign against LinkedIn members that uses compromised LinkedIn accounts to send messages with malicious links and downloads to potential victims in an attempt to steal credentials and personal information.
The campaign, first spotted by security researchers at cybersecurity firm Malwarebytes, makes use of real LinkedIn accounts that have been compromised in order to make the phishing messages sent via LinkedIn’s messaging system appear legitimate. According to Malwarebytes researchers, the attackers have managed to hijack a number of LinkedIn member accounts.
The Emotet trojan is back, this time spreading via spam bots. Trend Micro researchers first spotted the banking malware using network sniffing to steal data back in 2014 and recently spotted an increase in activity in August 2017 coming from new variants that all had the potential to unleash different types of payloads.
The latest versions were spotted and each had the potential to drop different malicious payloads. Researchers attributed the malware's resurfacing to two main possible reasons: first, the authors behind the attacks may be targeting new regions, and second, the new variants are using multiple ways to spread.
Vendors relying on Mastercard’s Internet Gateway Service for processing online payments ought to double-check every transaction before they send out items to customers.
There is a critical flaw in the system’s validation protocol and it appears the company is completely ignoring it. An independent security researcher has stumbled upon a glaring flaw in the MIGS protocol that allows hackers to spoof the payment system and trick merchants into accepting invalid transactions as successful. “It can be said that this is a MIGS client bug, but the hashing method chosen by Mastercard allows this to happen,” the researcher explains.
Security researchers have discovered a new targeted email campaign that uses fake Game of Thrones Season 7 spoilers and video clips to lure curious fans and spread malware. Security firm Proofpoint first came across an email on 10 August with a subject line that reads: "Wanna see the Game of Thrones in advance?"
The email features some details of upcoming episodes along with a malware-laced Microsoft Word attachment titled "game of thrones preview.docx" that purportedly lists potential GoT spoilers. Once downloaded and run, the "preview" executes a malicious PowerShell script that installs a diskless "9002" remote access Trojan that has previously been used by Deputy Dog.
A ransomware development kit that doesn't require any coding skills to use is being sold on underground forums. Now, all wannabe cybercriminals need to build their own file-locking malware is an Android phone.
Downloadable from hacking discussion boards for free, the Trojan Development Kit app comes with an easy-to-use interface that allows criminals to quickly create their own ransomware, according to the researchers. "The entire process of creating a ready-to-use piece of malware is done on a smartphone without any requirement to write a single line of code," said Dinesh Venkatesan, principal threat analysis engineer at Symantec.