A popular wallet system for storing the Ethereum Classic cryptocurrency has been hacked, and users are urged to refrain from using the service for now. At about 11pm BST on Thursday 29 June, Classic Ether Wallet was hijacked by a hacker who used social engineering to trick the wallet service's web host into giving them access.
The hacker called German web host 1and1's customer support, pretending to be the owner of the domain. The hacker convinced 1and1 to give them gain access to the site's domain registration, then changed the domain's settings to point the domain at their own hostile server. This means that if the wallet is used to make any transactions, the hacker can steal the coins.
Read moreNo US nuclear power plant has been penetrated in a cyber attack, an industry spokesman said on Saturday, when asked to comment on a US government warning last week about a hacking campaign targeting the sector.
The U.S. Department of Homeland Security and Federal Bureau of Investigation said that nuclear sector was among those targeted in a hacking campaign data back to at least May. Hackers used "phishing" emails to obtain credentials to gain access to networks of their targets. “None of America’s 99 operating nuclear plants have been penetrated by a cyber attack," said a spokesman for industry trade group Nuclear Energy Institute.
Read moreIn May, the WannaCry ransomware virus quickly spread around the world infecting hundreds of thousands of computers and locking their owners out of files. Now, another piece of malware is infecting machines at scale.
A new strain of malicious code dubbed Petya was first spotted encrypting computers in Ukraine before reportedly infecting systems in Spain, Germany, Israel, the UK, Netherlands and the US. It has impacted a number of industries, with governments, shipping firms, a petroleum giant and even the Chernobyl nuclear reactor all reporting instances of Petya. "It's massive," Christiaan Beek, a lead scientist and principal engineer at McAfee, told about the situation in Ukraine.
Read moreHonda Motor Company was forced to halt vehicle production this week after finding WannaCry ransomware in its plant computer network. Its Sayama Plant in northwest Tokyo has a daily output of roughly 1,000 vehicles, ranging from Accord to Odyssey models, but was closed down on Monday after the ransomware was discovered on Sunday 18 June.
While production has today continued, the data breach continues to prove the lasting effects of WannaCry. A spokesperson told the virus had affected networks across Japan, North America, Europe, China and other regions, despite efforts to secure its systems in mid-May when the virus caused widespread.
Read moreThe new-age cyber criminal doesn't need your bank cards or account details to get a cash machine to spit out money. Using malware, they can hack into an Automated Teller Machine and empty it within minutes.
Security agencies have cautioned the banking sector with cases of this new 'ATM breach' - which does not require cloned cards or physically breaking into the hardware - now coming to light in various parts of the country. According to investigators, a Chinese software - Rufus - is being used by criminals to access cash dispensers and loot money. Instances have been reported in Odisha, West Bengal, Bihar and Gujarat.
Read moreResearchers at PhishLabs recently spotted a trend emerging in malicious websites presented to customers: mobile-focused phishing attacks that attempt to conceal the true domain they were served from by padding the subdomain address with enough hyphens to push the actual source of the page outside the address box on mobile browsers.
"The tactic we're seeing is a tactic for phishing specifically mobile devices," said Crane Hassold, a senior security threat researcher at PhishLabs’ Research. Hassold called the tactic "URL padding," the front-loading of the Web address of a malicious webpage with the address of a legitimate website.
Read moreCybercriminals once again upped the ante with what is advertised as the "most sophisticated Mac spyware ever” to show users no one is safe with the latest malware targeting Mac OS systems. Dubbed, MacSpy, AlienVault researchers spotted one of the first seen malware-as-a-service designed for the OSX platform, according to a June 9 blog post.
At the low price of free, the malware packs quite a bang for the buck with a list of features that claim to offer no digital trace of the threat actor, screen capture, key logging, iCloud syncing, be invisible to the victim, continuous voice recording, pasteboard, and browser data retrieval services.
Read moreSometimes, it's not external hackers that pose a threat to your privacy -- it's people in the supply chain hoping to make some cash on the side. Police in China's Zhejiang province have arrested 22 (apparently third-party) Apple distributors for allegedly selling iPhone user data.
Officials say the workers searched an internal Apple database for sensitive info, such as Apple IDs and phone numbers, and peddled it on the black market for between $1.50 to $26. All told, the distributors reportedly raked in about $7.36 million, before authorities stepped in. It's not clear how many people are affected by the bootleg sales, or how many of the victims live outside of China.
Read moreA lot of ads on the Internet promote easy ways to earn money. They tend to lead to fishy places — say, a post from an alleged mother of three who stays at home, earning several thousand dollars a day, and says you can do the same.
But there are other ways to earn some easy money, too, that may seem much more plausible. For example, some services offer to pay you for installing apps. The money amounts to pocket change, but the work is pretty effortless. This kind of scheme is especially popular among children — install 50 apps and get a $2.50 to buy some gear for your favorite character in an online game.
Read moreA newly discovered malware infection is masquerading in the form of a Microsoft PowerPoint file which downloads the infection as soon as users hover over a link. The file is sent as an attachment through email to victims.
The attachment may sometimes even contain zip files, which when extracted show the PowerPoint files. While PowerPoint files are written as PPTX, this file that comes attached in the mail reads as PPSX. The file format is identical to PowerPoint files but they enter the PowerPoint presentation view directly when opened. On opening a blank page, there is a message written in bright blue font saying, "Loading Please Wait" which is the malicious link.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland