Enlarge (credit: KeremYucel / iStock ) Andrew Schober was almost all-in on cryptocurrency. In 2018, 95 percent of his net wealth was invested in the digital tokens, which he hoped he could sell later to buy a home and support his family. But then disaster struck. Schober had downloaded an app called “Electrum Atom” after […]
Enlarge (credit: Getty Images) Scammers have been caught using a clever sleight of hand to impersonate the website for the Brave browser and using it in Google ads to push malware that takes control of browsers and steals sensitive data. The attack worked by registering the domain xn--brav-yva[.]com, an encoded string that uses what’s known […]
Enlarge / This photo has a job application for Boston University hidden within it. The technique introduced by Wang, Liu, and Cui could hide data inside an image classifier rather than just an image. (credit: Keith McDuffy CC-BY 2.0) Researchers Zhi Wang, Chaoge Liu, and Xiang Cui published a paper last Monday demonstrating a new technique […]
Enlarge (credit: Suebsiri Srithanyarat / EyeEm / Getty Images) As many as 1,500 businesses around the world have been infected by highly destructive malware that first struck software maker Kaseya. In one of the worst ransom attacks ever, the malware, in turn, used that access to fell Kaseya’s customers. The attack struck on Friday afternoon […]
Enlarge (credit: Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images) Google has given the boot to nine Android apps downloaded more than 5.8 million times from the company’s Play marketplace after researchers said these apps used a sneaky way to steal users’ Facebook login credentials. In a bid to win users’ trust and lower their guard, the apps […]
Enlarge (credit: Getty Images) Microsoft gave its digital imprimatur to a rootkit that decrypted encrypted communications and sent them to attacker-controlled servers, the company and outside researchers said. The blunder allowed the malware to be installed on Windows machines without users receiving a security warning or having to take additional steps. For the past 13 […]
Enlarge (credit: Getty Images) Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found. The malicious packages, which were available on the PyPI repository, in many cases used names that mimicked those of legitimate and often widely used packages […]
Enlarge (credit: Getty Images) A researcher has uncovered one of the more unusual finds in the annals of malware: boobytrapped files available on sites frequented by software pirates that rat out downloaders and try to prevent unauthorized downloading in the future. Vigilante, as SophosLabs Principal Researcher Andrew Brandt is calling the malware, gets installed when […]
Enlarge (credit: Getty Images) Researchers have discovered yet another massive trove of sensitive data, a dizzying 1.2TB database containing login credentials, browser cookies, autofill data, and payment information extracted by malware that has yet to be identified. In all, researchers from NordLocker said on Wednesday, the database contained 26 million login credentials, 1.1 million unique […]
Enlarge (credit: CHUYN / Getty Images) Malicious hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without having to get permission from victims first. The zeroday was exploited by XCSSET, a piece of malware discovered by security firm Trend Micro last August. XCSSET […]