Security News
Google is officially buying cybersecurity company Mandiant in an all-cash deal approximately valued at $5.4 billion, the two technology firms announced Tuesday. Mandiant is expected to be folded into Google Cloud upon the closure of the acquisition, which is slated to happen later this year, adding to the latter's growing portfolio of security offerings such as BeyondCorp Enterprise, VirusTotal, and Chronicle.
The threat actor behind a nascent Android banking trojan named SharkBot has managed to evade Google Play Store security barriers by masquerading as an antivirus app. Where SharkBot stands apart is in its ability to carry out the unauthorized transactions via Automatic Transfer Systems, which stands in contrast to TeaBot, which requires a live operator to interact with the infected devices to conduct the malicious activities.
An Android banking trojan designed to steal credentials and SMS messages has been observed sneaking past Google Play Store protections to target users of more than 400 banking and financial apps from Russia, China, and the U.S. "TeaBot RAT capabilities are achieved via the device screen's live streaming plus the abuse of Accessibility Services for remote interaction and key-logging," Cleafy researchers said in a report. Also known by the name Anatsa, TeaBot first emerged in May 2021, camouflaging its malicious functions by posing as seemingly innocuous PDF document and QR code scanner apps that are distributed via the official Google Play Store instead of third-party apps stores or via fraudulent websites.
SharkBot banking malware has infiltrated the Google Play Store, the official Android app repository, posing as an antivirus with system cleaning capabilities. SharkBot was discovered in Google Play by researchers at the NCC Group, who today published a detailed technical analysis of the malware.
Roskomnadzor, Russia's telecommunications watchdog, asked Google to stop advertising campaigns spreading misinformation about Russia's invasion of Ukraine on YouTube videos. "Roskomnadzor sent a letter to Google LLC with a demand to immediately stop disseminating false information of a political nature about the special operation of the Russian Armed Forces in Ukraine on the territory of Russia," the internet watchdog explained.
The TeaBot banking trojan - also known as "Anatsa" - has been spotted on the Google Play store, researchers from Cleafy have discovered. Hank Schless, senior manager of security solutions at Lookout, explained via email that attackers "Usually stick to utility apps like QR code scanners, flashlights, photo filters, or PDF scanners because these are apps that people download out of necessity and likely won't put as much time into looking at reviews that might impact their decision to download.".
The TeaBot banking trojan was spotted once again in Google Play Store where it posed as a QR code app and spread to more than 10,000 devices. The trojanized apps include the promised functionality, so user reviews on the Play Store are positive.
A large-scale campaign involving over 200 phishing and scam sites has tricked users into giving their personal data to fake investments schemes impersonating genuine brands. The fraudulent operation relies upon the abuse of Google Ads and SEO to draw victims to hundreds of fake websites targeting the Indian audience.
Microsoft announced today that Microsoft Defender for Cloud now also comes with native protection for Google Cloud Platform environments, providing security recommendations and threat detection across clouds. Defender for Cloud is a security solution that monitors cloud services for threats, makes recommendations to harden security posture, and detects and warns of vulnerabilities in protected multi-cloud and hybrid environments.
Microsoft, Apple and Google top the list of the most spoofed brands in 2021. Microsoft, Apple and Google were the top three brands criminals attempted to mimic in 2021, according to IBM's newly released X-Force Threat Intelligence Index.