Connect with us

Security

Hackers are targeting other hackers by infecting their tools with malware

Published

on

A newly discovered malware campaign suggests that hackers have themselves become the targets of other hackers, who are infecting and repackaging popular hacking tools with malware.

Cybereason’s  Amit Serper found that the attackers in this years-long campaign are taking existing hacking tools — some of which are designed to exfiltrate data from a database through to cracks and product key generators that unlock full versions of trial software — and injecting a powerful remote-access trojan. When the tools are opened, the hackers gain full access to the target’s computer.

Serper said the attackers are “baiting” other hackers by posting the repackaged tools on hacking forums.

But it’s not just a case of hackers targeting other hackers, Serper told TechCrunch. These maliciously repackaged tools are not only opening a backdoor to the hacker’s systems, but also any system that the hacker has already breached.

“If hackers are targeting you or your business and they are using these trojanized tools it means that whoever is hacking the hackers will have access to your assets as well,” Serper said.

That includes offensive security researchers working on red team engagements, he said.

Serper found that these as-yet-unknown attackers are injecting and repackaging the hacking tools with njRat, a powerful trojan, which gives the attacker full access to the target’s desktop, including files, passwords, and even access to their webcam and microphone. The trojan dates back to at least 2013 when it was used frequently against targets in the Middle East. njRat often spreads through phishing emails and infected flash drives, but more recently hackers have injected the malware on dormant or insecure websites in an effort to evade detection. In 2017, hackers used this same tactic to host malware on the website for the so-called Islamic State’s propaganda unit.

Serper found the attackers were using that same website-hacking technique to host njRat in this most recent campaign.

According to his findings, the attackers compromised several websites — unbeknownst to their owners — to host hundreds of njRat malware samples, as well as the infrastructure used by the attackers to command and control the malware. Serper said that the process of injecting the njRat trojan into the hacking tools occurs almost daily and may be automated, suggesting that the attacks are run largely without direct human interaction.

It’s unclear for what reason this campaign exists or who is behind it.

Source: https://techcrunch.com/2020/03/09/hacking-the-hackers/

Continue Reading
Advertisement
1 Comment

1 Comment

  1. online zarada

    March 11, 2020 at 11:38 am

    What’s up tߋ every single օne, it’s actually a nice for
    me to goo tο sеe this ԝeb sіte, іt contains preciouѕ Information.

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

Be vigilant about performing ‘security hygiene’ during coronavirus threat

Published

on

By

Consumers should seek out information based on science and not just personal testimonies.

Many of the news stories discussing the global outbreak of the COVID-19 virus rightly stress the importance of practicing protective measures such as vigorous hand washing and avoiding crowded events. Authorities roundly agree that proper hygiene and adherence to your national health authorities such as the CDC is critical to containing the spread of the deadly virus.

Meanwhile, the coronavirus scare is posing other risks – some directly, others indirectly related to COVID-19. Consumers hell-bent on gathering the latest information about virus-protection techniques are being warned about phishing scams that prey on their fears. Workers holed up in home offices face ongoing threats from hackers looking to poke holes in the patchwork of home and workplace security defenses.

“It’s always important to keep our guards up, to protect ourselves against security threats,” said Martin Hron, senior researcher at Avast. “Just like we need to pay attention to our own hygiene during times like these, we should maintain a high level of security hygiene to ensure we’re keeping our risk levels low.”

Virus-related scams are on the rise. State attorneys general have put out notices to watch for illegitimate investment schemes and websites advertising coronavirus “miracle products” or vaccines. Consumers should seek out information based on science and not just personal testimonies.

Earlier this month, the World Health Organization (WHO) issued a warning about phishing emails being sent by hackers posing as WHO representatives. The agency is getting regular reports of coronavirus-related phishing attempts.

The Secret Service recently issued a warning about phishing scam from people purporting to be from a medical organization offering information regarding the virus. Clicking on a link could infect your computer. The agency called the coronavirus outbreak “a prime opportunity for enterprising  criminals because it plays on the basic human conditions … fear.”

As more regions declare states of emergency in response to the coronavirus, workers that haven’t spent time working remotely suddenly have to reacquaint themselves with VPNs and document-sharing tools. Corporate remote-work rules can – and should – be stringent. Workers should review key practices with IT before embarking on long, and perhaps open-ended, remote periods.

Other corporate security measures could include the following:

  • Arm employees with a list of phone numbers, so they can reach out to a human from their IT team or other responsible person in case they have any IT issues.
  • Inform employees of the hardware, software, and services they can utilize that are not company issued, but could help to connect and share files with colleagues during the special circumstances.
  • Lay ground rules for employees when it comes to using personal hardware while working from home, such as printers.
  • Enforce two-factor authentication wherever possible to add an extra layer of protection to accounts.
  • Make sure employees have limited access rights and can only connect to the services they need for their specific tasks, rather than giving employees access to the entire corporate network.

Other potential risks tie back to actual hygiene itself. Workers operating remotely in regions affected by the coronavirus have been trained to scrub their hands and cover their mouths to stop the spread of disease. But are they paying the same attention to their technology devices themselves? Phones, laptops, tablets and IT remotes can transmit viruses if they’re not properly wiped down.

“We have to be vigilant, to be sure we’re protecting ourselves in every facet of our lives,” Hron said.

Source: https://blog.avast.com/security-hygiene-during-coronavirus-threat-avast

Continue Reading

Security

IOS 13 PRIVACY VIOLATION: APPS READ YOUR COPY-PASTE DATA

Published

on

By

It seems that dozens of hugely popular iOS apps have a bad habit: they read the copy-paste data without your consent, even if you only use them in other applications. It seems little stuff but it is not: the copy-paste in fact could include credit card numbers, passwords and other sensitive data.

A recent security research reveals an unhealthy habit of some pretty popular apps. TikTok, Reuters, The Wall Street Journal, Fruit Ninja, Viber, Hotels.com, Plants vs. Zombies Heroes and many others are reading the contents of the copy-paste (also called “clipboard”) every time they are opened, and even if the content is not intended for them. Indeed, some would not even provide the functionality of paste, but they grab it anyway.

This is a possibility provided by the operating system which allows you to switch information from one app to another; but it would be good to access this information only when the user gives a precise command, otherwise it is a clear violation. It’s as if a secretary secretly reads the notes in his employer’s desk drawer. Technically nothing prevents him, given that he has full access to the office, but still remains a betrayal of mutual trust.

Finally, to underline that, if you have Universal Clipboard activated, these apps can also automatically read the data you copy and paste on your Mac.

Here is the complete list of apps that snoop on the pasteboard every time the app is opened. The apps are listed alphabetically

News

  • ABC News — com.abcnews.ABCNews
  • Al Jazeera English — ajenglishiphone
  • CBC News — ca.cbc.CBCNews
  • CBS News — com.H443NM7F8H.CBSNews
  • CNBC — com.nbcuni.cnbc.cnbcrtipad
  • Fox News — com.foxnews.foxnews
  • News Break — com.particlenews.newsbreak
  • New York Times — com.nytimes.NYTimes
  • NPR — org.npr.nprnews
  • ntv Nachrichten — de.n-tv.n-tvmobil
  • Reuters — com.thomsonreuters.Reuters
  • Russia Today — com.rt.RTNewsEnglish
  • Stern Nachrichten — de.grunerundjahr.sternneu
  • The Economist — com.economist.lamarr
  • The Huffington Post — com.huffingtonpost.HuffingtonPost
  • The Wall Street Journal — com.dowjones.WSJ.ipad
  • Vice News — com.vice.news.VICE-News

Games

  • 8 Ball Pool™ — com.miniclip.8ballpoolmult
  • AMAZE!!! — com.amaze.game
  • Bejeweled — com.ea.ios.bejeweledskies
  • Block Puzzle — Game.BlockPuzzle
  • Classic Bejeweled  com.popcap.ios.Bej3
  • Classic Bejeweled HD — com.popcap.ios.Bej3HD
  • FlipTheGun — com.playgendary.flipgun
  • Fruit Ninja — com.halfbrick.FruitNinjaLite
  • Golfmasters — com.playgendary.sportmasterstwo
  • Letter Soup — com.candywriter.apollo7
  • Love Nikki — com.elex.nikki
  • My Emma — com.crazylabs.myemma
  • Plants vs. Zombies™ Heroes — com.ea.ios.pvzheroes
  • Pooking – Billiards City — com.pool.club.billiards.city
  • PUBG Mobile — com.tencent.ig
  • Tomb of the Mask — com.happymagenta.fromcore
  • Tomb of the Mask: Color — com.happymagenta.totm2
  • Total Party Kill — com.adventureislands.totalpartykill
  • Watermarbling — com.hydro.dipping

Social Networking

  • TikTok — com.zhiliaoapp.musically
  • ToTalk — totalk.gofeiyu.com
  • Tok — com.SimpleDate.Tok
  • Truecaller — com.truesoftware.TrueCallerOther
  • Viber — com.viber
  • Weibo — com.sina.weibo
  • Zoosk — com.zoosk.Zoosk

Other

  • 10% Happier: Meditation —com.changecollective.tenpercenthappier
  • 5-0 Radio Police Scanner — com.smartestapple.50radiofree
  • Accuweather — com.yourcompany.TestWithCustomTabs
  • AliExpress Shopping App — com.alibaba.iAliexpress
  • Bed Bath & Beyond — com.digby.bedbathbeyond
  • Dazn — com.dazn.theApp
  • Hotels.com — com.hotels.HotelsNearMe
  • Hotel Tonight — com.hoteltonight.prod
  • Overstock — com.overstock.app
  • Pigment – Adult Coloring Book — com.pixite.pigment
  • Recolor Coloring Book to Color — com.sumoing.ReColor
  • Sky Ticket — de.sky.skyonline
  • The Weather Network — com.theweathernetwork.weathereyeiphone

Source: https://www.gizchina.com/2020/03/16/ios-13-privacy-violation-apps-read-your-copy-paste-data/

Continue Reading

Security

5 Methods Hackers Use To Hack Your Bank Accounts

Published

on

By

Nothing is really safe in this digital world. Every other day, we read about hacking attempts and security threats. Since our whole life is becoming online, the number of black-hat hackers are also increasing. Hackers are not using different techniques to break into your banking accounts.

There are multiple ways a hacker could hack your banking accounts. So, if you use internet banking services, then you need to follow some security steps to safeguard your banking accounts.Contentsshow

5 Methods Hackers Use To Hack Your Bank Accounts

In this article, we are going to share a few popular methods hackers use to hack your bank accounts. By knowing the techniques, you will be in a better situation to understand how your accounts can get hacked. So, let’s check out the methods hackers use to break into your bank account.

1. Banking Trojans (Smartphones)

Banking Trojans
Banking Trojans

Hackers can use malicious apps to break into their banking accounts. In this method, hackers create a duplicate copy of a legitimate banking app and upload it to third-party app stores. Once downloaded, the app sents the username and password to the creator.

2. App Hijacking

App Hijacking
App Hijacking

In this method, a hacker creates a fake trojan filled banking app. When installed, it sits silently on the background and scans your phone for a banking app. When it detects a banking app, it shows a fake window that looks identical to the legitimate banking app and drives you to the login page.

The process is done so smoothly that a regular user won’t even notice the swap and will end up entering the details on the fake login page.

3. Smishing

Smishing
Smishing

Smishing is an SMS version of Phishing. It’s a scam in which hackers uses SMS instead of email templates to lure recipients into providing credential via text message reply.

Smishing scams might show itself as a request from the bank, a note from the company, lottery prize, etc. Every template will ask you to make a payment by entering the credit/debit card details.

3. Keyloggers

Keyloggers
Keyloggers

Keyloggers are another popular hacking technique used by hackers. Keyloggers are of two types – hardware and software. The software versions need installation. Once installed, it silently records your keystrokes and sends the information back to the hacker.

The hardware keyloggers need to be fitted into the line from a keyboard to a device. Hardware keyloggers need to be installed physically on the device. Once established, it serves as a software keylogger.

4. SIM Swapping

SIM Swapping
SIM Swapping

SIM swapping is one of the rare techniques that hackers can use to break into your bank account. In this method, the hacker contacts your mobile network provider, claiming to be you. They convince network providers to assign the registered phone number to a new card.

If they are successful in doing so, all incoming calls and SMS will be routed to the new SIM card. It might look harmless and unachievable at first glance, but if done correctly, it can cause lots of harm. It can hack almost every accounts linked with the phone number.

5. Man-in-the-middle attack

Man-in-the-middle attack
Man-in-the-middle attack

The man-in-the-middle attack is one of the most dangerous hacking techniques used by hackers. In a Man-in-the-middle attack, the hacker inserts him/herself into a conversation between two parties. In the banking section, the two parties will be the user and the banking application.

However, it’s an advanced technique that requires monitoring an insecure server and analyzing the data that it passes through. The ultimate goal of this attack is to steal sensitive information like banking credentials, credit card details, etc.

So, these are the five methods hackers use to break into your bank account. I hope this article helped you! Share it with your friends also.

Source: https://techviral.net/methods-hackers-use-to-hack-bank-accounts/

Continue Reading
Advertisement

Trending

Copyright © 2020 Inventrium Magazine

%d bloggers like this: