#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

Malwarebytes | Breaking Cybersecurity News | The Hacker News

These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites

These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites

Nov 02, 2022
A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign. The apps, published by a developer named  Mobile apps Group  and currently available on the Play Store, have been collectively downloaded over one million times. According to  Malwarebytes , the websites are designed to generate revenues through pay-per-click ads, and worse, prompt users to install cleaner apps on their phones with the goal of deploying additional malware. The list of apps is as follows - Bluetooth App Sender (com.bluetooth.share.app) - 50,000+ downloads Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices) - 1,000,000+ downloads Driver: Bluetooth, Wi-Fi, USB (com.driver.finder.bluetooth.wifi.usb) - 10,000+ downloads Mobile transfer: smart switch (com.mobile.faster.transfer.smart.switch) - 1,000+ downloads It's no surprise that malicious apps have  devised new ways  to ge
Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

Sep 28, 2022
WhatsApp has released  security updates  to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns  CVE-2022-36934  (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video call. The issue impacts the WhatsApp and WhatsApp Business for Android and iOS prior to versions 2.22.16.12. Also patched by the Meta-owned messaging platform is an integer underflow bug, which refers to an opposite category of errors that occur when the result of an operation is too small for storing the value within the allocated memory space. The high-severity issue, given the CVE identifier  CVE-2022-27492  (CVSS score: 7.8), affects WhatsApp for Android prior to versions 2.22.16.2 and WhatsApp for iOS version 2.22.15.9, and could be triggered upon receiving a specially crafted video file. Exploiting  integer overflows  and 
Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

May 24, 2022
Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection. "It's a shift from earlier tactics where attackers conspicuously injected malicious scripts into e-commerce platforms and content management systems (CMSs) via vulnerability exploitation, making this threat highly evasive to traditional security solutions," Microsoft 365 Defender Research Team  said  in a new report. Skimming attacks, such as those by Magecart, are carried out with the goal of harvesting and exporting users' payment information, such as credit card details, that are entered into online payment forms in e-commerce platforms, typically during the checkout process. This is achieved by taking advantage of security vulnerabilities in third-party plugins and other tools to inject rogue JavaScript code into the online portals without the owners' knowledge. As skimming attacks h
SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

Jan 20, 2021
Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after  FireEye ,  Microsoft , and  CrowdStrike . The company said its intrusion was not the result of a SolarWinds compromise, but rather due to a separate initial access vector that works by "abusing applications with privileged access to Microsoft Office 365 and Azure environments." The discovery was made after Microsoft notified Malwarebytes of suspicious activity from a dormant email protection app within its  Office 365 tenant  on December 15, following which it performed a detailed investigation into the incident. "While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor," the company's CEO Marcin Kleczynski  said  in a post. "We found no evidence of unauthorized access or compromise in any of o
More Resources