Security News

The notorious Emotet malware has turned to deploy a new module designed to siphon credit card information stored in the Chrome web browser. The credit card stealer, which exclusively singles out Chrome, has the ability to exfiltrate the collected information to different remote command-and-control servers, according to enterprise security company Proofpoint, which observed the component on June 6.

Google has a fresh list of reasons why it opposes tech antitrust legislation making its way through Congress but, like others who've expressed discontent, the ad giant's complaints leave out mention of portions of the proposed law that address said gripes. Google VP of engineering for privacy, safety and security Royal Hansen penned Google's latest take on the bill, which he said undermines Google's ability to secure its platforms and protect users.

The Emotet botnet is now attempting to infect potential victims with a credit card stealer module designed to harvest credit card information stored in Google Chrome user profiles. After stealing the credit card info, the malware will send it to command-and-control servers different than the ones the Emotet card stealer module.

Another link discovered by Group-IB downloaded from Google Play, the official Android app store, a fake version of the 'Secure VPN' app, which is still present on Google Play at the time of writing and has just over 10 downloads. The researchers note that the description available for SideWinder's fake Secure VPN app has been copied from the legitimate NordVPN app.

Google has quietly banned deepfake projects on its Colaboratory service, putting an end to the large-scale utilization of the platform's resources for this purpose. Colab is an online computing resource that allows researchers to run Python code directly through the browser while using free computing resources, including GPUs, to power their projects.

Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The flaw, which was identified in the Dev channel version of Chrome 101, was reported to Google by Weibo Wang, a security researcher at Singapore cybersecurity company Numen Cyber Labs and has since been quietly fixed by the company.

Two Russian internet service providers have received notices from Google that the global caching servers on their network have been disabled. A caching server is an ISP-bound node for fast serving Google content faster to internet subscribers and maintain high access reliability even during outages.

Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection. Last year, Malwarebytes disclosed a campaign wherein malicious actors were observed delivering PHP-based web shells embedded within website favicons to load the skimmer code.

In these attacks, part of three campaigns that started between August and October 2021, the attackers used zero-day exploits targeting Chrome and the Android OS to install Predator spyware implants on fully up-to-date Android devices. The government-backed malicious actors who purchased and used these exploits to infect Android targets with spyware are from Egypt, Armenia, Greece, Madagascar, Côte d'Ivoire, Serbia, Spain, and Indonesia, according to Google's analysis.

“Google Maps Adds Shortcuts through Houses of People Google Knows Aren’t Home Right Now.” Excellent satire.