Till now ransomware is known for encrypting data and forcing victim to pay ransom. But a new ransomware has been detected by security expert which is designed to steal PayPal credentials. However the ransomware is in development stage but according to report it is very effective. Where other ransomware provides ransom note to victims and want them to complete ransom by paying Bitcoins, this ransomware provide option to complete ransom via PayPal. Such attacks show how the cyber criminals are updating with the changing year. The main motive of this scam is to gain access of user’s login and password for PayPal account and then steal the credentials stored in it.
Hackers always find new illegitimate ways to generate money and recently they targeted Electrum bitcoin wallet to do that. As reported in a security report, hackers has made more than 250 Bitcoin which is equal to about one million dollar. They have earned such a huge amount after the phishing attack on the bitcoin wallet. However, Electrum is considered as a safest bitcoin wallet but it is also targeted by criminals which show how sophisticated they are. The vulnerability of this bitcoin wallet is still unpatched and according to expert the attackers can take up the attack again with the help of a new repository. The clever attack was initiated in such a way that most wallet user’s can’t detect the evil trick.
Facebook has always been on target by cyber criminals. Specially in the year 2018 this social media platform suffers from several security breaches. Recently a Polish security analyst has reported about Clickjacking bug which can affect the Facebook mobile version sharing dialog feature. However the vulnerability doesn’t affect desktop version of Facebook. According to the researcher’s report, using this vulnerability cyber criminals can develop a nasty Facebook worm. Report further state that the flaw has been abused by the group of hackers in real time attack which distributes spam. The hacker group behind this scam use to post a link on Facebook walls of targeted users. Researcher want that Facebook must take the problems seriously and should fix it immediately.
Cyber criminals are becoming sophisticated and CVE-2018-8611 exploit is a big example of it. A vulnerability in the Windows OS was detected in October 2018 and reported to the Microsoft. Taking action, the giant company fixed this vulnerability immediately but it is again exploited by threat actors. According to a recent security report, the flaw in ntoskrnl.exe is being used in some malicious campaign. Report also reveal that the vulnerability mostly target African and Middle east countries. To gain privileges of CVE-2018-8611 the cyber offenders first infect the targeted computer. Using this security flaw the cyber crooks can get complete remote access over their target and execute every malicious and illegitimate process which they want.
Cyber crime is on rise and Black Friday 2018 is one of the latest cyber offense. However Black Friday is considered as an opportunity user’s can grab deal but it also give a chance to cyber crooks to steal personal data. According to security report, there are numerous of Black Friday websites and apps are ready to steal collect personal data as well as credit card information of customers. These bogus website and apps attract customers by providing number of interesting deals like limited time offer, minimum price, prize on shopping and more. Many customer can’t ignore these attracting deals and falls victim of such fraud. As published by a security firm, lots of Black Friday apps and websites were found malicious.
The infamous Magecart Malware which is behind the British Airways and Ticketmaster breaches is now targeting e-retail sites. It is one of the most aggressive malware campaign detected by cyber security researcher which has infected thousands of Magento stores in September. As revealed by security reports, the malware comes as plug-in for websites. The plug-in is known as Shopper Approved which is used by numerous e-commerce sites. The infected plug-ins allow the cyber criminals behind this malware campaign to receive the bank card data which is entered in the web-pages. The malware was first spotted in 2015 and it has already involved in high-profile and sophisticated attack. According to expert the malware campaign is going to get worse if not controlled soon.
Recently, security experts has observed DanaBot Malware targeting bank located in US. The malware was first discovered at May 2018 and at that time it has been reported to target banks of Australia and Europe. According to a security report, this malware is a kind of modular Trojan which is written in Delphi. The one and only objective of cyber criminals behind this nasty malware is to make profit by gathering banking details of victim. Research also reveal that attackers behind this malware are spreading it continuously using different strategies. Social engineering technique and spam email campaign are the most used ways through which it is distributed. Expert suspect that this campaign is run by the same attacker who were behind the infamous Panda banking Trojan.
New form of malware continuously arise and the Xbash is one of them. Destructive capabilities of this latest threat has put cyber security analysts in worry. According to a report on malware, this threat is among those dangerous threat who arise their head in year 2018. the malware is written in Python language and it has various malicious capabilities. Crypto-mining threat and ransomware are considered as most devastating threat, but what if you come to know that this malware has inimical capabilities of both threat? Yes, it is true and this malware will make your PC part of its Botnet to execute malicious activities. Not only Windows, Xbash is also capable to target Linux server too.
Cyber security has always been on target of cyber criminals and according to a security report this time they have updated an old vulnerability. Denial of service (DoS) is a kind of vulnerability for the older versions of Windows operating system. As reported by cyber security analyst report, this vulnerability is known as FragmentSmack which is very similar to SegmentSmack, a vulnerability of Linux system. Recently Microsoft has published an advisory and alert user’s about a denial-of-service flaw which may attack multiple versions of Windows system and leave them unresponsive. According to the advisory the flaw has attacked almost all the version between Windows 7 to 10. This vulnerability is also known as CVE-2018-5391 and if you are a Windows user then it is not good news for you.
Recently, cyber security researchers has observed as new variant of Mirai Botnet targeting IoT (Internet of Things) devices. According to the security reports, the malware is running its campaign globally and it is capable to target individual PC users as well as IoT service devices. Because of its effectiveness it has been considered as one of the most successful and popular toll for cyber criminals. As published by a cyber security researcher, creating latest variant of Mirai malware is a profitable business for hackers because there are different kind of IoT device has some vulnerabilities which become easy target in such attack.