Malware

SpinOk malware has been found in multiple Android apps that have been downloaded more than 30 million times. The malware-riddled apps were found on the Google Play store, following an investigation by cyber security company CloudSEK. Following their investigation, the research team found that 193 apps on the Google Play store were infected with malware, 43 of which were active within the last week. SpinOk malware was first discovered by cyber security software company Dr Web in May 2023. Distributed as an advertisement software development kit (SDK), the Trojan malware actually acts as spyware. Dr Web found in May that…

Google has suspended Chinese agricultural e-commerce app Pinduoduo from Google Play after versions of the app found outside the Google store were flagged as having malware issues. A Google spokesperson told Reuters that the app had been suspended over “security concerns”, adding that “Off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect”, in other words, software that prevents the installation of malicious or harmful apps by scanning Android devices with Google Play Services. A Pinoduoduo spokesperson told Reuters that Google had not shared details on why the app was…

Malware is a fast-growing, ever-evolving threat to cyber security. In the first six months of 2022, over 2.8 billion malware attacks were reported worldwide. Beyond risks to their network, malware like ransomware can have real, monetary costs for businesses. In 2021, damages of ransomware alone cost US$20bn. This was a 6054 percent increase on the global cost of ransomware in 2015, which was $325mn. This is only predicted to increase, with the damages of ransomware forecasted to reach US$250bn by 2031. The term ‘malware’ is an abbreviation of ‘malicious software’ and, according to the UK National Cyber Security Center (NCSC),…

The US Marshals Service (USMS), a federal law enforcement agency within the US Department of Justice (DoJ) has announced that it was the victim of a ransomware attack that compromised confidential information held by the agency.  The attack, which took place on February 17, saw “a ransomware and data exfiltration” attack launched against a “stand-alone USMS system”.  The system compromised in the attack held a number of sensitive documents, including “returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees”.   Chief of the USMS public affairs office,…

Several weeks ago, I received a phone call from my friend who is a business owner and works in the cargo industry. He informed me that US$24,000 had vanished from his bank account during the previous night. The bank customer care team could not assist and suggested that my friend file a report with the police. The funds were transferred using a mobile app. The transaction was verified via a text message and appeared to be completely legitimate. My entrepreneur friend asked me to help since I have a cybersecurity background. However, it was too late to do anything. The…

Cyber security researcher Check Point has warned Android users in a blog on July 10, 2019, that as many as 25 million Android mobile devices have been hit with a malware now being called ‘Agent Smith.’ The malware hides within installed apps like WhatsApp, taking advantage of the vulnerabilities within the Android operating system. See Related: “Securing The Enterprise From Mobile Malware” According to Check Point, this new breed of malware was able to copy popular apps on the phone, but inject its own malicious code – replacing the original app with the weaponized version. The hijacked apps on the…

Apple's iPhones enjoy a reputation for being ultra-secure and hard to hack, so most cybercriminals don't bother trying. However, you shouldn't think of your iPhone as a device that's totally safe from hackers. In February, a team of researchers at Google alerted Apple to vulnerabilities that persisted for two years and allowed hackers to embed malware on iPhones after people visited particular websites. What Happened? Even though researchers at Google found these issues months ago and reported them to Apple at that time, the team only recently went public with the discoveries. They revealed five so-called exploit chains that link…

The headlines have been screaming about Zoom bombing lately, and it was just a matter of time before hackers took advantage of a remote workforce to infiltrate video conference calls. There has also been a rise in COVID-19-related phishing attempts. So how do you protect a remote workforce? Before the pandemic spiked in March, “we all knew telecommuting was an option but whose boss is going to allow that to be the preferred method for attending a meeting?” says Timothy C. Summers, Ph.D., CEO, of cyber security consultancy Summers & Company. Then came the massive shift to moving employees to…

Ransomware is industry-agnostic. The motivations for cyber-criminals to pursue organizations and ransom their data is typically for the money. The days of spies physically infiltrating an organization to steal trade secrets are likely gone. Insider threats and cyber-attacks are more viable paths to complete nefarious deeds. In mid-January, electronics manufacturer Communications & Power Industries (CPI) was victimized by having its data encrypted and held ransom. Founded in 1995, CPI is a global manufacturer of electronic components and subsystems focused primarily on communications and defense markets. The 2,000-person company formed out of Varian Associates and claims to be the largest U.S.…

An increase in enterprise phishing threats and malware delivery has boosted demand for malware analysis. Malware analysis is the process by which the purpose and functionality of malware samples are analyzed and determined. The information gathered from the malware analysis provides insights into developing an effective detection technique for the malicious code. In addition, it is an essential element for developing the efficient removal tools that can ultimately eliminate malware from an infected system. Mobile Devices Change The Malware Dynamics The penetration of mobile devices is witnessing rapid growth due to increase in acceptance of BYOD among organizations. The variety…