The "Coinkrypt" malware is making its rounds, infecting Google Android devices, letting cybercriminals mine Litecoin, Casinocoin and Dogecoin courtesy of hijacked devices.
Most malware today is designed to either steal information or create some type of financial incentive for criminals - and Coinkrypt follows that same strategy, but with a rather unique twist.
Although it isn't prevalent at the moment, security researchers want users to be aware of the potential ramifications if they are infected - including batteries draining faster or, eventually, devices overheating.
"While mining as a strategy hasn't paid off for these malware authors, as these digital currencies continue to grow, we predict that the number of new malware families targeting them will also continue to grow as malware authors experiment with various different strategies in their desire to cash in," a blog by security firm Lookout indicates.
The legal woes for popular retailer Target continue to mount, with Green Bank NA and Trustmark National Bank filing a class-action lawsuit, accusing the company of not properly securing customer data. Also named in the suit was Trustwave Holdings, a company specializing in credit card security services, with other complaints likely in the immediate future.
Target outsourced data security operations to Trustwave, and "failed to live up to its promises or to meet industry standards," the suit claims.
Target already faces numerous class-action lawsuits from customers affected by the data breach, so this will only further rack up the legal fees. In addition, disclosures indicating Target may have known about a potential security breach - and ignored numerous security warnings from internal IT - will add fuel to the fire.
Target was the biggest breach, but other retailers have been hit with various types of malware, targeting point-of-sale registers, online stores, and company records.
The Bennington Area Chamber of Commerce recently suffered a major annoyance after needing to spend $5,000 to upgrade PCs, servers and HDDs that were crippled by the Cryptolocker ransomware.
The chamber wanted to pay the ransom but suffered a power failure, losing the connection with the Cryptolocker cybercriminals.
"We had to replace our entire computer system because of it," said Joann Erenhouse, Bennington Area Chamber of Commerce director, in a statement to local media. "Right now we are just about up and running."
As with other forms of malware, users are the first line of defense, but tend to be too quick to read emails and open attachments from unknown sources.
Cryptolocker is an especially tricky piece of ransomware, with infected users typically forced to pay the ransom - or restore from what hopefully was a recent backup. Almost 40 percent of affected companies choose to pay the ransom, which is typically $500-$750 - or face having files permanently encrypted.
In a double whammy, the Fareit Trojan targeting Microsoft Windows PCs also has been found to spread the Cribit ransomware, as security researchers transition to defend against sophisticated cyber threats.
There are two versions of Cribit in the wild - one version encrypts files on the infected PC and shows an English ransom, while the other version has messages also available in Chinese, French, Arabic and Spanish, researchers note.
"After all, cybercriminals are after one goal: to get a person's money," said Christopher Budd, Trend Micro threat communications manager, in a statement to SC Magazine. "Returning/decrypting a victim's files won't certainly be a priority or major concern for these people. Additionally, paying the ransom may encourage and help expand the operations of cybercriminals."
Cybercriminals are gladly enjoying the use of sophisticated malware to compromise devices, in an effort to steal information - and now to demand monetary payments for releasing a computer from malicious and disruptive software.
The Ethiopian national government is using foreign technology to compromise PCs and phones of political opponents, according to a recent study released by Human Rights Watch (HRW). Not surprisingly, government officials disregarded the security report, saying it's just a smear campaign, with growing concern of government oppression.
The hardware used to carry out cyber surveillance originally stemmed from China, Italy, Germany, and the United Kingdom, the report states. To make matters worse, all phone and Internet access within the country's borders is provided through a single company, which is state-owned.
"Repressive measures aimed at restricting freedom of expression and association, as well as access to information, have increased since the controversial 2005 elections," the report states. "These measures include the harassment, arbitrary detention, and prosecution of opposition leaders, journalists, and activists."
The report also makes independent recommendations to the Ethiopian government, international companies operating in the African country, foreign national governments, and the World Bank.
Security company Avast Software today launched its GrimeFighter PC cleanup tool, designed to help boost PC performance.
GrimeFighter boots into Linux to better detect and remove problems that aren't as easily noticeable with Microsoft Windows running. The software is a standalone product available now, with the Avast website offering a free scan.
"Most PC-cleanup utilities don't really improve performance - some actually slow down PCs," said Vince Steckler, Avast CEO, in a press statement. "Since they run in Windows, they are unlikely to find problems with files and registry entries that are locked, protected, or otherwise hidden. Ironically those are the ones most often robbing users of performance and stability. With avast! GrimeFighter, we didn't want to introduce another me-too product - we wanted to eliminate the problem of slow PCs."
There are a handful of legitimate and free PC optimization tools - but AVAST is a well-known, reputable company - and GrimeFighter's ability to build a cloud-based threat intelligence database further improves dependability.
In a growing effort to defend against cyberattacks, global alliances between nations with the same political influences are carving out curious battle lines.
"It is true that allies need to share military intelligence to counter threats posed by North Korea in light of its nuclear test and missile launches," said Kim Min-seok, South Korea defense ministry spokesperson, during a press conference. "Although working-level officials had considered the memorandum of understanding as one idea, the move is currently not under way as the situation is not yet ripe for that."
North Korea also has a blossoming cyberattack program, focusing mostly on targeting South Korea and Japan.
Both South Korea and Japan face growing political tensions from China and North Korea - and while most of the attention is rightfully on physical military force - all four countries must defend against cyberattacks from foreign sources.
The recent Google Android bug discovered by security researcher Ibrahim Balic reveals a common technique could compromise the popular OS due to memory corruption - resulting in the device crashing.
In extreme cases, it appears the memory corruption vulnerability could be escalated, leading to arbitrary code execution, with users at risk of operating a rooted device.
"Although it's true that this vulnerability is capable of crashing Android mobile devices, it's important to point out that at this time there are no known instances or infections of this particular vulnerability 'in the wild,'" said Ryan Smith, Mojave Networks Lead Threat Engineer, in a statement. "Mobile malware distributors are typically motivated by money and information, and are therefore unlikely to use their established distribution channels to disseminate malware an app that simply crashes the device and doesn't gain them anything."
Even so, the large amount of malware targeting Android devices is frightening - and security experts recommend using anti-malware and anti-virus software at the very least.
The leader of the Appbucket group, which was responsible for trafficking pirated Google Android apps, has pleaded guilty to one count of conspiring to commit criminal copyright infringement.
Nicholas Anthony Narbone from Florida pleaded guilty, while co-conspirator Thomas Allen Dye from Florida pleaded guilty earlier this month. Both Narbone and Dye will be sentenced in July, while two others have court dates scheduled for April.
"These men trampled on the intellectual property rights of others when they and other members of the Appbucket Group distributed more than one million copies of pirated apps," said David O'Neil, Justice Department attorney general, in a statement. "These mark the first convictions secured by the Justice Department against those who illegally distribute counterfeit mobile apps."
The group shared more than 1 million copies of pirated apps worth more than $700,000 before being shut down.
The steady popularity of smartphones and tablets has led to a rush to steal apps - and either distribute them freely - or offer them for sale.
Companies need to be aware of so-called "password fatigue" and create easier-to-use password-protected system access, as employees are in a rush to get work done, according to a study released by the National Institute of Standards and Technology (NIST).
Employees are more inclined to remember a single password, even if it's longer and more complex, as opposed to needing multiple passwords for each account. This behavior could lead to potential security issues, so password managers or some other type of authentication could be utilized instead.
"'Password fatigue' is, in fact, a very common problem," the study states. "Expecting users to simply adapt to an excessive authentication workload is not realistic. But from the user's perspective, what is excessive? In any case, if our participants' coping and avoidance strategies are any indication, the ways in which users adapt may not be desirable from an organizational perspective. Rather than trying to force users to adapt to authentication, organizations, security experts, developers, and engineers must find ways to make authentication adapt to users - in other words, to make it more usable."