14 matches found
LofyLife: malicious npm packages steal Discord tokens and bank card data
On July 26, using the internal automated system for monitoring open-source repositories, we identified four suspicious packages in the Node Package Manager npm repository. All these packages contained highly obfuscated malicious Python and JavaScript code. We dubbed this malicious campaign...
Ukrainian Authorities Arrested Phishing Gang That Stole 100 Million UAH
The Cyber Police of Ukraine last week disclosed that it apprehended nine members of a criminal gang that embezzled 100 million hryvnias via hundreds of phishing sites that claimed to offer financial assistance to Ukrainian citizens as part of a campaign aimed at capitalizing on the ongoing...
Memory Corruption Vulnerability in CloudPulse Card Recognition Software
Xiamen Cloud Pulse Technology Co., Ltd. was founded in June 2002, Cloud Pulse Technology is in the leading position in cell phone photo text recognition, document recognition, bank card recognition, business card recognition, cell phone information network/PC synchronization and management...
Dixons Carphone Data Breach Affects 10 Million Customers
Dixons Carphone's 2017 data breach was worse than initially anticipated. In an announcement on Monday, Dixons Carphone, one of the largest consumer electronics and telecommunication retailers in Europe, admitted that the breach affected around 10 million customers, up from an initial estimate of...
Revamped Nukebot Malware Changes Targets, Adds Functions
A revamped version of the Nukebot banking trojan dubbed Jimmy Nukebot has shifted focus from stealing bankcard data and now acts as a conduit for quietly downloading malicious payloads for web-injects, cryptocurrency mining, and taking screenshots of targeted systems. The code is a modification o...
Booking a Taxi for Faketoken
The Trojan-Banker.AndroidOS.Faketoken malware has been known about for already more than a year. Throughout the time of its existence, it has worked its way up from a primitive Trojan intercepting mTAN codes to an encrypter. The authors of its newer modifications continue to upgrade the malware,...
Network transmission PayPal is the exposure of"acquaintances can tamper with the password"deadly vulnerability-vulnerability warning-the black bar safety net
! This morning, the security client to the user feedback, the account is a friends login, and show the Bank card and the free password to pay functions can be normal use, very with devices, IP, environmental, geographical location, the truth in the end how? We know almost found on the relevant...
Mobile payment software is now vulnerabilities hackers use Siri to steal your money-vulnerability warning-the black bar safety net
! Venmo's security holes is by the Salesforce security engineer Martin Vigo found, and this vulnerability using the“medium”is very special, Siri in this process is very unfortunately become a hackers attack our tools. The hackers have to do things very simple, he just need to ask Siri to send a...
PayPal Deposit major vulnerability, 1 0 seconds no need to verify stolen brush Bank card within the amount-vulnerability warning-the black bar safety net
! Usually online often see Alipay stolen brush cases, but from their very far, did not expect this thing but in this day are happening in my body. The genuineness, without warning. Only 1 0 seconds, I did not receive any input the verification code or Payment password in the process, the Bank car...
Fast payment and some credit card functions whether there is a defect? Know Bank card number and Expiration Date can consumer-vulnerability warning-the black bar safety net
Someone once broke a credit card just know the card number and expiration date on the CAN in some of the website on any purchase, while various payment products such as tenpay, Alipay launched fast pay only need to provide Bank card number, ID number, name, and phone number can be opened fast...
Mobile Android banking Trojan Svpeng Adds Phishing Know-How
An Android banking Trojan known as Svpeng has added phishing capabilities to its arsenal, and researchers have spotted it attacking Russian banking clients in what is perceived to be a dry run before it is adapted for other countries. “Typically, however, cybercriminals first test-run a technolog...
Half Million Chinese Android Devices got infected with SMSZombie
The amount of malware crafted and aimed at Android devices is ever-increasing. With Android being the most popular platform for smartphones and tablets around the world, Android users have become the low-hanging fruit when it comes to writing malware by the nefarious users. A new Android threat h...
California Man Gets 6 Years for Laundering
A Long Beach, California man who helped funnel stolen cash to a global network of hackers and carders was sentenced Thursday to 6 years in prison for conspiracy to launder money. Cesar Carranza, 38, sold MSR-206’s to carders to encode stolen bank card data onto blank cards, and he served as a...
Card Skimming Hits Up to 180 Gas Pumps
Criminals hid bank card-skimming devices inside gas pumps — in at least one case, even completely replacing the front panel of a pump — in a recent wave of attacks that demonstrate a more sophisticated, insidious method of stealing money from unsuspecting victims filling up their gas tanks. Read...