23 matches found
HackOnChat: Unmasking the WhatsApp Hacking Scam
CTM360 has discovered a large-scale malicious campaign targeting WhatsApp users worldwide. This scam is designed to hijack WhatsApp accounts through deceptive phishing schemes that exploit user trust in the WhatsApp brand. Threat actors behind this campaign create fraudulent websites that closely...
LOKI: Proactively Discovering Online Scam Websites by Mining Toxic Search Queries
Online e-commerce scams, ranging from shopping scams to pet scams, globally cause millions of dollars in financial damage every year. In response, the security community has developed highly accurate detection systems able to determine if a website is fraudulent. However, finding candidate scam...
U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms
The U.S. Department of Justice DoJ on Monday announced sweeping actions targeting the North Korean information technology IT worker scheme, leading to the arrest of one individual and the seizure of 29 financial accounts, 21 fraudulent websites, and nearly 200 computers. The coordinated action sa...
Lowe’s employees phished via Google ads
In mid-August, we identified a malvertising campaign targeting Lowes employees via Google ads. Like many large corporations, Lowes has their own employe portal called MyLowesLife, for all matters related to schedule, pay stubs, or benefits. Lowes employees who searched for "myloweslife" during th...
Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years
Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious "imageless" containers over the past five years, once again underscoring how open-source registries could pave the way for supply chain attacks. "Over four million of the repositori...
Explained: Quishing
Quishing is phishing using QR Quick Response codes. QR codes are basically two-dimensional barcodes that hold encoded data, and they can be used to work as a link. Point your phone's camera at a QR code and it will ask you if you want to visit the link. The use of QR codes in malicious campaigns ...
ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks
A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk VHD files, marking a deviation from the ISO optical disc image format. "These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games...
Looking for student debt relief? Watch out for scammers says the FBI
The FBI believes that scammers may be after people applying for the One-Time Federal Student Loan Debt Relief, a program announced by the Biden-Harris Administration in August 2022 that provides up to $20,000 in student loan debt relief. In a recent public service announcement, the agency warned ...
New NullMixer Malware Campaign Stealing Users' Payment Data and Credentials
Cybercriminals are continuing to prey on users searching for cracked software by directing them to fraudulent websites hosting weaponized installers that deploy malware called NullMixer on compromised systems. "When a user extracts and executes NullMixer, it drops a number of malware files to the...
Hackers Distributing Fake Shopping Apps to Steal Banking Data of Malaysian Users
Threat actors have been distributing malicious applications under the guise of seemingly harmless shopping apps to target customers of eight Malaysian banks since at least November 2021. The attacks involved setting up fraudulent but legitimate-looking websites to trick users into downloading the...
Spam and phishing in Q3 2021
Quarterly highlights Scamming championship: sports-related fraud This summer and early fall saw some major international sporting events. The delayed Euro 2020 soccer tournament was held in June and July, followed by the equally delayed Tokyo Olympics in August. Q3 2021 also featured several F1...
FBI Reports Increase in Online Shopping Scams
The Federal Bureau of Investigation FBI Internet Crime Complaint Center IC3 has released an alert on a recent increase in online shopping scams. The scams direct victims to fraudulent websites via ads on social media platforms and popular online search engines’ shopping pages. The Cybersecurity a...
Criminals hack Tupperware website with credit card skimmer
Update 2: A spokesperson for Tupperware has given a public statement to Alex Scroxton, Security Editor at ComputerWeekly. You can read it here. Update: Following our blog post, we continued to monitor the Tupperware website. As of 03/25 at 1:45 PM PT, we noticed that the malicious PNG file had be...
Exploit for Use After Free in Microsoft
CVE-2019-0708 The following websites are all cheaters, mainly...
An Established Solution for Mobile Threats
As much as smartphones and applications have evolved over the years, so has mobile malware. We’re seeing an increasing number of threats—from mobile ransomware and auto-clicking adware to dangerous backdoors that can compromise your privacy. And there are also legitimate personal applications tha...
Two Tickets as Bait
Over the previous weekend, social networks were hit with a wave of posts that falsely claimed that major airlines were giving away tickets for free. Users from all over the world became involved in this: they published posts that mentioned Emirates, Air France, Aeroflot, S7 Airline, Eva Air,...
FBI Warns of Phony Sites Offering Government Services
Consumers looking for a replacement Social Security card or government-issued Employer Identification Number EIN are running into a slew of fraudulent search engine results and equally phony websites. The FBI’s Internet Crime Complaint Center today issued an advisory warning that consumer and...
Cyber Criminals phishing with smart subdomains to earn millions
Like many other security issues that now affect computer users, there is a growing threat known as phishing". Phishing attacks are perpetrated by criminals who send deceptive emails in order to lure someone into visiting a fraudulent web site or downloading malicious software, expressly for...
UK's Cyber Cops Take Down 1800 Bogus Websites !
Detectives from London's Metropolitan Police Service's cyber crime unit have in the past year shut down 1,800 bogus websites, which were either fraudulent or advertising counterfeit goods, ranging from tickets to Premier League soccer games to Ugg boots and jewelry from Tiffany & Co. The...
Cache-poisoning attack snares top Brazilian bank
From The Register Dan Goodin One of Brazil’s biggest banks has suffered an attack that redirected its customers to fraudulent websites that attempted to steal passwords and install malware, according to an unconfirmed report. According to this Google translation of an article penned in Portuguese...