Security News

TeaBot Trojan Targets Banks via Hijacked Android Handsets
2021-05-12 12:41

Researchers have discovered an Android trojan that can steal victims' SMS messages and credentials and completely take over devices. Once installed on a victim's device, attackers can use the trojan to obtain a live streaming of the device screen on demand and also interact with it via Accessibility Services, according to a report posted online by online fraud-management firm Cleafy about the trojan, which is also tracked by the name "Anatsa."

Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs
2021-04-26 00:33

Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a supply chain attack. "Manual Upgrades of Passwordstate are not compromised. Affected customers password records may have been harvested."

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report
2021-02-22 21:07

New research has found evidence that a Chinese-affiliated threat group has hijacked a hacking tool previously used by the Equation Group. "Although we don't show any conclusive evidence that there is there any connection between China and the ShadowBrokers, we do show conclusive evidence that this Chinese group had in their possession a tool that was made by Equation Group, and not only that they had this tool, but they also repurposed it and used it, probably to attack many targets, including American targets," Yaniv Balmas, head of cyber research with Check Point Software, said.

Windows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign
2021-02-17 21:39

Cryptocurrency-mining malware, called WatchDog, has been running under the radar for more than two years - in what researchers call one of the largest and longest-lasting Monero cryptojacking attacks to date. Thus far, attackers have hijacked at least 476 Windows and Linux devices, in order to abuse their system resources for mining Monero cryptocurrency.

Hijacked Perl.com Domain Hosted on IP Address Linked to Malicious Activity
2021-02-01 09:50

The Perl.com domain, which since 1997 had been serving articles about Perl programming, was hijacked last week. The Perl Foundation announced last week that the domain was hijacked, warning users to steer clear of Perl.com, due to possible connections to sites associated with malware distribution.

FBI Warn Hackers are Using Hijacked Home Security Devices for ‘Swatting’
2020-12-30 21:42

By accessing a targeted home security device an attacker can initiate a call for help to authorities and watch remotely as the swat occurs. The FBI points out that by initiating a call for help from the actual security device lends authenticity and anonymity to the hacker.

No, the creator of cURL didn't morph into Elon Musk and give away Bitcoins. But his hijacked Twitter page tried to
2020-11-18 06:26

The creator of cURL reassured The Reg on Tuesday that he's not a billionaire rocket man giving away Bitcoins, no matter what his Twitter account claimed. Daniel Stenberg, who maintains the widely used Swiss army-knife of network data transfer tools, had his verified Twitter account hijacked by person or persons unknown, its name and avatar was changed to that of Elon Musk's, and it was used to peddle a Bitcoin scam.

Imagine running a dating app and being told accounts could be easily hijacked. How did that feel, Grindr?
2020-10-03 09:08

LGBTQ dating site Grindr has squashed a security bug in its website that could have been trivially exploited to hijack anyone's profile using just the victim's email address. French bug-finder Wassime Bouimadaghene spotted that when you go to the app's website and attempt to reset an account's password using its email address, the site responds with a page that tells you to check your inbox for a link to reset your login details - and, crucially, that response contained a hidden token.

Accounts of Reddit Moderators Hijacked in Pro-Trump Hack
2020-08-10 10:48

Multiple Reddit moderator accounts have been compromised and abused to post pro-Trump messages on a variety of subreddits. The hackers appear to have targeted moderator accounts that did not have two-factor authentication enabled, and leveraged their rights to modify subreddits or even remove moderator accounts that had fewer rights.

Week in review: Counterfeit Cisco switches, hijacked Twitter accounts, vulnerable SAP applications
2020-07-19 09:00

Critical flaw gives attackers control of vulnerable SAP business applicationsSAP has issued patches to fix a critical vulnerability that can lead to total compromise of vulnerable SAP installations by a remote, unauthenticated attacker. Investigation highlights the dangers of using counterfeit Cisco switchesAn investigation, which concluded that counterfeit network switches were designed to bypass processes that authenticate system components, illustrates the security challenges posed by counterfeit hardware.