Antivirus | Breaking Cybersecurity News | The Hacker News

If you are dealing in cryptocurrency Bitcoin and have Microsoft's Security Essentials (MSE) installed on your system, then you could be infected by a virus called " DOS/STONED " from the Bitcoin BlockChain. With a number of high-profile cases of fraud, theft, and technical incompetence against the bitcoins, it seems like cyber criminals are looking to scam unsuspecting customers. Blockchain is Bitcoin's most popular bitcoin wallet and block explorer. It is a central part of the Bitcoin system that includes a log file in which all bitcoin transactions are recorded. It stores the wallet data in encrypted form and runs on privately owned dedicated hardware. In an discussion on the Microsoft discussion boards, a user go by the name ' edc678 ' claimed that  Microsoft's Security Essentials  is showing alerts of the signature of the STONED virus in the Bitcoin BlockChain, which could only allow an attacker to write small chunk of text to accomp

Although the number of malicious browser extensions has significantly increased in the past years, but recently a new extension of the Google Chrome is allegedly targeting Cryptocurrency users that is capable of stealing Bitcoins and other crypto coins silently. The malicious Chrome browser extension dubbed as ' Cryptsy Dogecoin (DOGE) Live Ticker ' which is available on Chrome Web store for free downloads and developed by " TheTrollBox " account. Reddit user noticed that the updated version of the extension has a malicious code, which is designed to hijack the crypto currency transactions. HOW CHROME EXTENSION STEALS CRYPTOCURRENCY It is very obvious that the kind of crypto related software extensions is downloaded only by the users who deal with the digital currency. So, once the user installed the malicious extension, the software within the extension starts monitoring users' web activity and looks for those users who go to Cryptocurrency exchange sites s

The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain cybersecurity expertise specialized for their industry and strengthen their cybersecurity posture. MSPs and MSSPs looking to meet this growing vCISO demand are often faced with the same challenge. The demand for cybersecurity talent far exceeds the supply. This has led to a competitive market where the costs of hiring and retaining skilled professionals can be prohibitive for MSSPs/MSPs as well. The need to maintain expertise of both security and compliance further exacerbates this challenge. Cynomi, the first AI-driven vCISO platform , can help. Cynomi enables you - MSPs, MSSPs and consulting firms

About a week back we reported about a popular paid Antivirus application on the Google Play Store which was actually a scam, dubbed as ' Virus Shield '. This First paid fake app managed to become one of the most popular anti-virus app in less than a week, and apparently more than 10,000 Smartphones users purchased it in $3.99 from Google Play Store and hence scammed more than $40,000. The Virus Shield Android App claimed to protect users' personal information from harmful viruses, malware and spyware, but in actual app doesn't scan anything and was removed from the store once the fraud had been uncovered. If you were one that had downloaded the Virus Shield Antivirus app , then don't worry, just check your email inbox, because Google cares about you and reaching out all those affected android users who purchased the app, in order to refund their money in full. REFUND WITH $5 BONUS CREDIT According to Android Police , Google has decided to refund $3.99 back to us

ZeuS , or Zbot is one of the oldest families of financial malware , it is a Trojan horse capable to carry out various malicious and criminal tasks and is often used to steal banking information. It is distributed to a wide audience, primarily through infected web pages, spam campaigns and drive-by downloads. Earlier this month, Comodo AV labs identified a dangerous variant of ZeuS Banking Trojan which is signed by stolen Digital Certificate belonging to Microsoft Developer to avoid detection from Web browsers and anti-virus systems.  FREE! FREE! ZeuS BRINGS ROOTKIT UPDATE Recently, the security researcher, Kan Chen at Fortinet has found that P2P Zeus botnet is updating its bots/infected systems with updates version that has the capability to drop a rootkit into infected systems and hides the trojan to prevent the removal of malicious files and registry entries. The new variant also double check for the earlier installed version (0x38) of ZeuS trojan on the infecte

Well, we all are very conscious, when it comes to the security of our personal information, security of our financial data and security of everything related to us. In the world of Smart devices where our Smartphones knows more than we know ourselves. To keep our device protected from harmful viruses, malware or spyware, we totally depend on various security products such as antivirus, firewall and privacy guard apps, that we typically install from some trusted sources, Google Play Store. Most Antivirus apps are available to download for free, but some of them are paid with extra premium features like advance firewall protection, anti theft, App Locker or Cloud Backup etc. But do you believe that just because you're downloading an application from an official app store and also if its a premium paid version, you're safe from malicious software? Think twice. PAID, BUT FAKE ANTIVIRUS APP In Past, Mobile Security Researchers had spotted numerous fake mobile anti

A year back, Security Researchers from the Antivirus firm Kaspersky found a sophisticated piece of malware which they dubbed as ' MiniDuke ', designed specifically to collect and steal strategic insights and highly protected political information, which is a subject to states' security. Now, once again the MiniDuke virus is spreading in wild via an innocent looking but fake PDF documents related to Ukraine , while the researcher at F-Secure were browsing the set of extracted decoy documents from a large batch of potential MiniDuke Samples. " This is interesting considering the current crisis in the area ," Mikko Hypponen, the CTO of security research firm F-Secure, wrote on Tuesday. The Hacker News reported a year ago about the malicious malware that uses an exploit ( CVE-2013-0640 ) of the famous and actively used Adobe Reader . MiniDuke malware written in assembly language with its tiny file size (20KB), and uses hijacked Twitter accounts for Command &a

Again the sophisticated piece of malware, " njRAT " has come to picture targeting the government agencies and organizations in the Middle East, according to the research carried out by Symantec security researchers. The researchers analyzed 721 samples of malicious code ' njRAT ' and revealed that a large number of about 24,000 infected computers worldwide were targeted by the malware infections with 542 control-and-command (C&C) server domain names. njRAT is not a new piece of malware in the market, it is available since June 2013. Till now its three variants have been released and all of which can be propagated through infected USB keys or networked drives. njRAT is a Remote Access Trojan (RAT) intensive in its data-stealing capabilities. In addition to log keystrokes, the malware is capable to access the victim's camera, steal credentials stored in browsers, upload and download files, perform process and file manipulations, view the victim's desktop. Thi

As we reported earlier, Microsoft will stop supporting the Windows XP operating system after 8th April, apparently 95% of the world's 3 million ATM machines are run on it.  Microsoft's decision to withdraw support for Windows XP  poses critical security threat to the economic infrastructure worldwide. MORE REASONS TO UPGRADE Security researchers at Antivirus firm Symantec claimed that hackers can exploit a weakness in Windows XP based ATMs, that allow them to withdraw cash simply by sending an SMS to compromised ATMs. " What was interesting about this variant of  Ploutus  was that it allowed  cybercriminals  to simply send an SMS to the compromised ATM, then walk up and collect the dispensed cash. It may seem incredible, but this technique is being used in a number of places across the world at this time. " researchers said. HARDWIRED Malware for ATMs According to researchers - In 2013, they detected a malware named Backdoor . Ploutus,  installed on ATMs in Mexico, wh

In late 2013, Security Researchers identified thousands of Linux systems around the world infected with the OpenSSH b ackdoor trojan and  credential stealer  named Linux/Ebury ,  that allows  unauthorized access of an affected computer to the remote attackers. Antivirus Firm ESET's Reseacher team has been tracking and  investigating the operation behind Linux/Ebury and today team  uncovers the details [ Report PDF ] of a massive,  sophisticated and organized  malware campaign called ' Operation Windigo ', infected more than 500,000 computers and 25,000 dedicated servers. ' We discovered an infrastructure used for malicious activities that is all hosted on compromised servers. We were also able to find a link between different malware components such as Linux/Cdorked, Perl/Calfbot and Win32/Glupteba.M and realized they are all operated by the same group. '  ESET reported. Malware used in Operation Windigo: Linux/Ebury –  an OpenSSH backdoor use

The Continuous Growth of spyware, their existence, and the criminals who produce & spread them are increasing tremendously. It's difficult to recognize spyware as it is becoming more complex and sophisticated with time, so is spreading most rapidly as an Internet threat. Recently, The security researchers have unearthed a very complex and sophisticated piece of malware that was designed to steal confidential data and has ability able to capture network traffic. The Researchers at the German security company G Data Software , refer the malware as Uroburos , named after an ancient symbol depicting a serpent or dragon eating its own tail, and in correspondence with a string ( Ur0bUr()sGotyOu# ) lurking deep in the malware's code.  The researchers claimed that the malware may have been active for as long as three years before being discovered and appears to have been created by Russian developers. Uroburos is a rootkit designed to steal data from secure facilit

Do you know, A Computer viruses could go Airborne over WiFi networks? Security researchers at the University of Liverpool  in Britain have demonstrated a WiFi virus that can spread between computer networks just like the ' common cold ' spreads between Humans. They have created a proof-of-concept which can infect the entire wireless network instead of a single computer at a time,  that replaces the firmware of the vulnerable Access Point (AP) with a virus-loaded version, and then propagates itself to the next victim on the WiFi network . The  WiFi  based virus named as ' Chameleon ', that can self-propagate over WiFi networks from access point to access point,  but  doesn't affect the working of the Wireless Access Point. This Virus is able to identify WiFi access points that are not protected by encryption and passwords, according to the research paper . It can badly hit less-protected open access WiFi networks available in coffee shops or airp

We use our Smartphone devices to do almost everything, from Internet Banking to Sharing private files and at the same pace, the mobile malware sector is also growing. The number of variants of malicious software aimed at mobile devices has reportedly risen about 185% in less than a year.  Security researchers have observed a growth in the numbers of computer malware families starting to use TOR-based communications, but recently the Security Researchers at anti-virus firm Kaspersky Lab have spotted  the world's first Tor-Based Malware for Android Operating system. The Android Malware dubbed as ' Backdoor. AndroidOS .Torec.a ', using Tor hidden service protocol for stealth communication with Command-and-Control servers. Researchers detected that the Trojan is running from .Onion Tor domain and working on the functionality of an open source Tor client for Android mobile devices, called ' Orbot ', thus eliminating the threat of the botnet being de

Zeus , a financially aimed Banking Trojan that comes in many different forms and flavors, is capable to steal users' online-banking credentials once installed. This time, an infamous  Zeus Trojan has turned out to be a more sophisticated piece of malware that uses web-crawling action . Instead of going after Banking credentials and performing malicious keystroke logging, a new variant of Zeus Trojan focuses on Software-as-a-service (SaaS) applications for the purpose of obtaining access to proprietary data or code. The SaaS Security firm vendor Adallom , detected a targeted malware attack campaign against a Salesforce.com customer, which began as an attack on an employee's home computer. Adallom found that the new variant had web crawling capabilities that were used to grab sensitive business data from that customer's CRM instance. The Security firm noticed the attack when they saw about 2GB of data been downloaded to the victim's computer in less than 10

A Sophisticated cyber spying operation, ' The Mask ', that has been under the mask for about 7 years targeting approximately 31 countries, has now been 'unmasked' by researchers at Kaspersky Labs . The Researchers believe that the program has been operational since 2007 and is seems to be sophisticated nation-state spying tool that targeted government agencies and diplomatic offices and embassies before it was disclosed last month. In the unveiling document published by Kaspersky , they found more than 380 unique victims, including Government institutions, diplomatic offices/embassies, private companies, research institutions, activists etc. The name " Mask " comes from the Spanish slang word "Careto" (" Ugly Face " or " Mask ") which the authors included in some of the malware modules. Developers of the ' Mask ' aka ' Careto ' used complex tool-set which includes highly developed malware , bootkit, rootkit etc. that has the ability t