Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make off with credit card details and steal funds from victims’ bank accounts.
Unlike other variants of banking malware that bank on overlay attacks to capture sensitive data without the knowledge of the victim, the malicious applications uncovered by Check Point Research are designed to trick the targets into handing over their credit card information by sending them a legitimate-looking SMS message that contains a link, which, when clicked, downloads a malicious app onto their devices.
The European Cybercrime Centre has again acted against credit card fraud and is poised to reveal success on a similar scale to its 2020 campaign that prevented €40 million of losses.
Jorge Rosal Cosano, a team leader at the European Cybercrime Centre (EC3), today told CyberCrimeCon 21 – an event convened by threat-hunting and security software company Group-IB – that 2021 has seen an increase in denial-of-service attacks accompanied by ransom demands. Another very 2021 attack is phishing that fakes messages from parcel delivery firms.
Credit card fraud has also persisted, with crims conducting ongoing campaigns to acquire card numbers and use them to make unauthorised purchases. Cosano related how EC3 resolved to reduce the impact of carding by trying to find card numbers before they’re used so the Centre can inform banks and victims as soon as possible.
Organizations across industries are increasingly concerned about their cybersecurity posture and overall ransomware preparedness – and rightfully so – with the 64% increase in attacks from 2019 to 2020 (304 million attacks worldwide in 2020). We have also seen a 2x increase in demand for ransomware preparedness assessments and exercises.
However, one of the biggest hurdles for cybersecurity practitioners in responding to ransomware is creating a response plan for the full life cycle of a ransomware attack. This should include the identification, protection, detection, response and recovery stages.
Security practitioners should work with the organization’s C-level executives to answer questions and develop a ransomware protection plan. Consider how ransomware is prevented and detected in addition to how your organization would respond.
FindInfoQuickly is a potentially unwanted application that is typically installed as a browser extension on the Google Chrome, MS Edge, or Mozilla Firefox web browsers. Due to its ability to manipulate the browser, it has been assigned to the browser hijacker category, which is a type of PUP.
In most cases, users do not install the app intentionally but are instead tricked into doing so. There are plenty of ways this can happen, although the most prominent distribution method is software bundling, which is commonly used by applications of this type. Third-party websites are especially interested in promoting programs that sometimes might not be very trustworthy, so it is important to pay close attention to the installation process of freeware.
A sixth member associated with an international hacking group known as The Community has been sentenced in connection with a multimillion-dollar SIM swapping conspiracy, the U.S. Department of Justice (DoJ) said.
Garrett Endicott, 22, from the U.S. state of Missouri, who pleaded guilty to charges of wire fraud and aggravated identity theft following an indictment in 2019, was sentenced to 10 months in prison and ordered to pay an amount totaling $121,549.37 in restitution.
WIRTE, a state-sponsored hacking group that has been active since at least 2019, targets high-profile public and private entities in the Middle East using weaponized MS Excel 4.0 macros as droppers.
The cyber security researchers at Kaspersky have closely investigated the following things to understand the motives of WIRTE:
However, after analyzing the above things, they have concluded that the motives of WIRTE are still not clear, although it has been reported that the WIRTE group has some links with the Gaza Cybergang threat actors.