The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Search results for malicious

Cyber security scenario according to WebSense

Cyber security scenario according to WebSense

March 12, 2013Anonymous
It's time of stocktaking, principal security firm are proposing their analysis to synthesize actual situation on cyber security, 2012 is widely considered a year when the malware has increased significantly thanks to the contributions of various actors that we will analyze shortly. WebSense has published a new interesting study, 2013 Threat Report , that confirms an extraordinary growth of cyber threats, the data that most of all alert the security community is the increasing number of sophisticated attacks able to elude traditional defense mechanisms. The analysis revealed that technologies most exposed to cyber attacks continue to be mobile platforms and social media, internet is confirmed as primary channel for cyber menaces, let's consider in fact that number of malicious web sites grew nearly 600% and 85% are represented by legitimate web hosts. Another concerning phenomenon is the use of Email as vector for cyber menace, attackers consider this carrier as
Malicious Advertisements Found on Java.com, Other High-Profile Sites

Malicious Advertisements Found on Java.com, Other High-Profile Sites

August 29, 2014Swati Khandelwal
A New York-based online ad network company AppNexus, that provides a platform specializing in real-time online advertising, has again been spotted as the origin of a recent "malvertising" campaign that makes use of the Angler Exploit Kit to redirect visitors to malicious websites hosting the Asprox malware. AppNexus servers process 16 billion ad buys per day, making it the biggest reach on the open web after Google. Back in May, AppNexus was serving malicious ads targeting Microsoft's Silverlight platform. The world's largest Internet Video Subscription service Netflix runs on Silverlight, and because of its popularity, hackers have been loading exploit kits with Silverlight. As part of this campaign, users of several high-profile websites including Java.com, Deviantart.com, TMZ.com, Photobucket.com, IBTimes.com, eBay.ie, Kapaza.be and TVgids.nl , last week were redirected to websites serving malicious advertisements that infected visitors by installing botnet ma
7 Chrome Extensions Spreading Through Facebook Caught Stealing Passwords

7 Chrome Extensions Spreading Through Facebook Caught Stealing Passwords

May 11, 2018Swati Khandelwal
Luring users on social media to visit lookalike version of popular websites that pop-up a legitimate-looking Chrome extension installation window is one of the most common modus operandi of cybercriminals to spread malware. Security researchers are again warning users of a new malware campaign that has been active since at least March this year and has already infected more than 100,000 users worldwide. Dubbed Nigelthorn, the malware is rapidly spreading through socially engineered links on Facebook and infecting victims' systems with malicious browser extensions that steal their social media credentials, install cryptocurrency miners, and engage them in click fraud. The malware was pushed through at least seven different Chrome browser extensions—all were hosted on Google's official Chrome Web Store. These malicious Chrome browser extensions were first discovered by researchers at cybersecurity firm Radware, after a "well-protected network" of one of its custo
Beware of New Celebrity Sex Tape (Scam) Leaked on Facebook!

Beware of New Celebrity Sex Tape (Scam) Leaked on Facebook!

December 12, 2016Mohit Kumar
If you came across a celebrity sex video on Facebook featuring Jessica Alba or any other celebrity, just avoid clicking it. Another Facebook scam is circulating across the social networking website that attempts to trick Facebook users into clicking on a link for a celebrity sex tape that instead downloads malware onto their computers. Once installed, the malware would force web browsers to display aggressive advertising web pages which include sites with nudity and fake lotteries. The spam campaign was uncovered by researchers at Cyren, who noted that a malicious Google Chrome extension is spreading nude celebrity PDFs through private messages and posts on various Facebook groups. If opened, the PDF file takes victims to a web page with an image containing a play button, tricking users that the PDF may contain a video. Once clicked, the link redirects users of Internet Explorer, Firefox, or Safari to a web page with overly-aggressive popups and advertisements related to
Password Stealing Apps With Over A Million Downloads Found On Google Play Store

Password Stealing Apps With Over A Million Downloads Found On Google Play Store

December 13, 2017Swati Khandelwal
Even after so many efforts by Google like launching bug bounty program and preventing apps from using Android accessibility services , malicious applications somehow manage to get into Play Store and infect people with malicious software. The same happened once again when security researchers discovered at least 85 applications in Google Play Store that were designed to steal credentials from users of Russian-based social network VK.com and were successfully downloaded millions of times. The most popular of all masqueraded as a gaming app with more than a million downloads. When this app was initially submitted in March 2017, it was just a gaming app without any malicious code, according to a blog post published Tuesday by Kaspersky Lab. However, after waiting for more than seven months, the malicious actors behind the app updated it with information-stealing capabilities in October 2017. Besides this gaming app, the Kaspersky researchers found 84 such apps on Google Play
Warning: Over 100 Tor Nodes Found Designed to Spy On Deep Web Users

Warning: Over 100 Tor Nodes Found Designed to Spy On Deep Web Users

July 26, 2016Swati Khandelwal
Researchers have discovered over 100 malicious nodes on the Tor anonymity network that are "misbehaving" and potentially spying on Dark Web sites that use Tor to mask the identities of their operators. Two researchers, Amirali Sanatinia and Guevara Noubir, from Northwestern University, carried out an experiment on the Tor Network for 72 days and discovered at least 110 malicious Tor Hidden Services Directories (HSDirs) on the network. The nodes, also known as the Tor hidden services directories ( HSDirs ) are servers that act as introductory points and are configured to receive traffic and direct users to hidden services (" .onion " addresses). In other words, the hidden services directory or HSDir is a crucial element needed to mask the true IP address of users on the Tor Network. But, here's the issue: HSDir can be set up by anyone. "Tor's security and anonymity is based on the assumption that the large majority of its relays are honest and
Malicious Chrome Extension Hijacks CryptoCurrencies and Wallets

Malicious Chrome Extension Hijacks CryptoCurrencies and Wallets

April 25, 2014Wang Wei
Although the number of malicious browser extensions has significantly increased in the past years, but recently a new extension of the Google Chrome is allegedly targeting Cryptocurrency users that is capable of stealing Bitcoins and other crypto coins silently. The malicious Chrome browser extension dubbed as ' Cryptsy Dogecoin (DOGE) Live Ticker ' which is available on Chrome Web store for free downloads and developed by " TheTrollBox " account. Reddit user noticed that the updated version of the extension has a malicious code, which is designed to hijack the crypto currency transactions. HOW CHROME EXTENSION STEALS CRYPTOCURRENCY It is very obvious that the kind of crypto related software extensions is downloaded only by the users who deal with the digital currency. So, once the user installed the malicious extension, the software within the extension starts monitoring users' web activity and looks for those users who go to Cryptocurrency exchange sites s
Dozens of Malicious Apps on Play Store can Root & Hack 90% of Android Devices

Dozens of Malicious Apps on Play Store can Root & Hack 90% of Android Devices

June 25, 2016Swati Khandelwal
It's not at all surprising that the Google Play Store is surrounded by a large number of malicious apps that has the ability to gain users' attention into falling victim for one, but this time, it is even worse than most people realize. Researchers at Trend Micro have detected a family of malicious apps, dubbed ' Godless ,' that has the capability of secretly rooting almost 90 percent of all Android phones. Well, that's slightly terrifying. The malicious apps are distributed via different methods and variety of app stores, including Google Play Store, which is usually considered as a safe option for downloading apps. Also Read:   Crazy hacker implants NFC Chip in his hand to hack Android phones . The malicious apps packed with Godless contain a collection of open-source or leaked Android rooting exploits that works on any device running Android 5.1 Lollipop or earlier. 90% Android Devices are Vulnerable to Godless Rooting Malware Since Android eco
A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service

A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service

August 05, 2021Ravie Lakshmanan
Multiple cybercriminal groups are leveraging a malware-as-a-service (MaaS) solution to carry out a wide range of malicious software distribution campaigns that result in the deployment of payloads such as Campo Loader, Hancitor,  IcedID ,  QBot ,  Buer Loader , and SocGholish against individuals in Belgium as well as government agencies, companies, and corporations in the U.S. Dubbed " Prometheus " and available for sale on underground platforms for $250 a month since August 2020, the service is a Traffic Direction System (TDS) that's designed to distribute malware-laced Word and Excel documents, and divert users to phishing and malicious sites, according to a Group-IB report shared with The Hacker News. More than 3,000 email addresses are said to have been singled out via malicious campaigns in which Prometheus TDS was used to send malicious emails, with banking and finance, retail, energy and mining, cybersecurity, healthcare, IT, and insurance emerging the prominen
Judy Android Malware Infects Over 36.5 Million Google Play Store Users

Judy Android Malware Infects Over 36.5 Million Google Play Store Users

May 29, 2017Mohit Kumar
Security researchers have claimed to have discovered possibly the largest malware campaign on Google Play Store that has already infected around 36.5 million Android devices with malicious ad-click software. The security firm Checkpoint on Thursday published a blog post revealing more than 41 Android applications from a Korean company on Google Play Store that make money for its creators by creating fake advertisement clicks from the infected devices. All the malicious apps, developed by Korea-based Kiniwini and published under the moniker ENISTUDIO Corp, contained an adware program, dubbed Judy, that is being used to generate fraudulent clicks to generate revenue from advertisements. Moreover, the researchers also uncovered a few more apps, published by other developers on Play Store, inexplicably containing the same the malware in them. The connection between the two campaigns remains unclear, though researchers believe it is possible that one developer borrowed code from
How to Hack a Computer Using Just An Image

How to Hack a Computer Using Just An Image

June 01, 2015Swati Khandelwal
Next time when someone sends you a photo of a cute cat or a hot chick than be careful before you click on the image to view — it might hack your machine. Yes, the normal looking images could hack your computers — thanks to a technique discovered by security researcher Saumil Shah from India. Dubbed " Stegosploit ," the technique lets hackers hide malicious code inside the pixels of an image, hiding a malware exploit in plain sight to infect target victims. Just look at the image and you are HACKED! Shah demonstrated the technique during a talk titled , " Stegosploit: Hacking With Pictures, " he gave on Thursday at the Amsterdam hacking conference Hack In The Box. According to Shah, "a good exploit is one that is delivered in style." Keeping this in mind, Shah discovered a way to hide malicious code directly into an image, rather than hiding it in email attachments, PDFs or other types of files that are typically used to deliver
StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users

StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users

November 08, 2018Mohit Kumar
Late last week an unknown hacker or a group of hackers successfully targeted a cryptocurrency exchange with an aim to steal Bitcoins by compromising the web analytics service it was using. ESET malware researcher Matthieu Faou this weekend spotted malicious JavaScript code on up to 700,000 websites that were bundled with the traffic tracking code from the leading web analytics platform StatCounter . However, after analyzing the code, the researchers found that hackers managed to compromise StatCounter and successfully replaced its tracking script with malicious JavaScript code primarily designed to target customers of the Gate.io cryptocurrency exchange. Like Google Analytics, StatCounter is also an old, but popular real-time web analytics platform reportedly being used by more than two million websites and generates stats on over 10 billion page views per month. Here's How Hackers Tried to Steal Bitcoins from Crypto Exchange Though the malicious code was also inject
New Android Malware 'HijackRAT' Attacks Mobile Banking Users

New Android Malware 'HijackRAT' Attacks Mobile Banking Users

July 03, 2014Mohit Kumar
Cybercriminals have rolled out a new malicious Android application that wraps different varieties of banking fraud trick into a single piece of advanced mobile malware . GOOGLE SERVICE FRAMEWORK - APPLICATION OR MALWARE? Security researchers at the security firm FireEye have came across a malicious Android application that binds together the latest and older hijacking techniques. The malicious Android app combines private data theft, banking credential theft and spoofing, and remote access into a single unit, where traditional malware has had only one such capability included in it. Researchers dubbed the malware as HijackRAT , a banking trojan that comes loaded with a malicious Android application which disguises itself as "Google Service Framework," first and the most advanced Android malware sample of its kind ever discovered, combining all the three malicious activities together. MALWARE FEATURES By giving the remote control of the infected device to hackers,
Deadly Simple Exploit Bypasses Apple Gatekeeper Security to Install Malicious Apps

Deadly Simple Exploit Bypasses Apple Gatekeeper Security to Install Malicious Apps

October 01, 2015Swati Khandelwal
Apple Mac Computers are considered to be invulnerable to malware, but the new Exploit discovered by security researchers proves it indeed quite false. Patrick Wardle , director of research at security firm Synack , has found a deadly simple way that completely bypass one of the core security features in Mac OS X i.e.  Gatekeeper . Introduced in July of 2012, Gatekeeper is Apple's anti-malware feature designed to keep untrusted and malicious applications from wreaking havoc on Macs. However, Wardle has found a quick and simple way to trick Gatekeeper into letting malicious apps through on Mac OS X machines, even if the protection is set to open apps downloaded only from the Mac App Store. According to the researcher, before allowing any apps to execute on an OS X machine, Gatekeeper performs a number of checks, such as: Checking the initial digital certificate of a downloaded app Ensuring the app has been signed with an Apple-recognized developer certificat
Microsoft Windows Malicious Software Removal Tool - Download !

Microsoft Windows Malicious Software Removal Tool - Download !

April 28, 2011Mohit Kumar
Microsoft Windows Malicious Software Removal Tool - Download ! The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder. To download the x64 version of Malicious Software Removal Tool, click here . This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on
First Android-Rooting Trojan With Code Injection Ability Found On Google Play Store

First Android-Rooting Trojan With Code Injection Ability Found On Google Play Store

June 08, 2017Mohit Kumar
A new Android-rooting malware with an ability to disable device' security settings in an effort to perform malicious tasks in the background has been detected on the official Play Store. What's interesting? The app was smart enough to fool Google security mechanism by first pretending itself to be a clean app and then temporarily replacing it with a malicious version. Security researchers at Kaspersky Lab discovered a new piece of Android rooting malware that was being distributed as gaming apps on the Google Play Store, hiding behind puzzle game " colourblock ," which was being downloaded at least 50,000 times prior to its removal. Dubbed Dvmap , the Android rooting malware disables device's security settings to install another malicious app from a third-party source and also injects malicious code into the device system runtime libraries to gain root access and stay persistent. "To bypass Google Play Store security checks, the malware creators used
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.