Security News
Several adware apps promoted aggressively on Facebook as system cleaners and optimizers for Android devices have accumulated millions of installations on the Google Play store. To evade deletion, the apps hide on the victim's device by constantly changing icons and names, masquerading as Settings or the Play Store itself.
A malicious browser extension with 350 variants is masquerading as a Google Translate add-on as part of an adware campaign targeting Russian users of Google Chrome, Opera, and Mozilla Firefox browsers. Mobile security firm Zimperium dubbed the malware family ABCsoup, stating that the "extensions are installed onto a victim's machine via a Windows-based executable, bypassing most endpoint security solutions, along with the security controls found in the official extension stores."
Threat actors have launched a new marketplace called Industrial Spy that sells stolen data from breached companies, as well as offering free stolen data to its members. While stolen data marketplaces are not new, instead of extorting companies and scaring them with GDPR fines, Industrial Spy promotes itself as a marketplace where businesses can purchase their competitors' data to gain access to trade secrets, manufacturing diagrams, accounting reports, and client databases.
The Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021. "The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
UK-headquartered Kape Technologies announced on Monday it has acquired ExpressVPN in a $936m cash and stocks deal, a move it claims will double its customer base to at least six million. In a canned statement, Kape said combining the two companies would "create a premium consumer privacy and security player," and that the acquisition "further positions Kape to define the next generation of privacy and security protection tools and services to return greater control over the digital sphere to consumers."
Their most recent socially engineered messages try to convince users to download their fake version of TikTok by saying the app, which is banned in India, is now available, the report found. Threat actors blast out an SMS or WhatsApp message to numbers on the Jio network with the phishing lure message and a link to take advantage of the fraudulent offer, the report showed.
In its Mobile Malware Evolution 2020 report, Kaspersky documents the current mobile threat landscape and identifies 2021 mobile security trends. "We saw a decrease in the number of attacks in the first half of the year, which can be attributed to the confusion of the first months of the pandemic," wrote Victor Chebyshev, a mobile security researcher at Kaspersky and author of the report.
Apple has inadvertently given the thumbs up to six new malware variants, according to researchers at Mac security solutions provider Intego. Application developers can submit their software to Apple for scanning and have it automatically notarized if deemed malware-free.
A recently identified adware campaign targeting macOS users is leveraging malicious code that has received Apple's approval. The approval, or notarization, as Apple calls it, is an automated process through which software is scanned before reaching macOS users, to ensure that it does not include malicious code.
Apple accidentally approved one of the most popular Mac malware threats - OSX.Shlayer - as part of its security notarization process. Security researchers Peter Dantini and Patrick Wardle recently discovered that Apple inadvertently notarized malicious payloads that were utilized in a recent adware campaign.