AI clickbait can turn your notifications into a scam feed

Pushpaganda is the name researchers have given to an AI-assisted ad fraud, social engineering, and scareware operation targeting mobile users. For most people, Pushpaganda starts as something that looks completely normal. For example, a recommended article in your Google Discover feed the...

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning SEO techniques and artificial intelligence AI-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser...

Most Parked Domains Now Serving Malicious Content

Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain names, or common misspellings of popular websites -- are now configured to...

Rising Trend of macOS Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ALC is a scareware, pretending to be ransomware, as it doesnt carry out any file encryption on the victims device. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

ALC: Is It a Scareware or a Ransomware?

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ALC is a scareware, pretending to be ransomware, as it doesnt carry out any file encryption on the victims device. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

A week in security (July 12 – July 18)

Last week on Malwarebytes Labs: DNS-over-HTTPS takes another small step towards global domination Nope, that isn’t Elon Musk, and he isn’t offering a free Topmist Dust watch either Four in-the-wild exploits, 13 critical patches headline bumper Patch Tuesday Is crypto’s criminal rollercoaster...

What is scareware?

Scareware is a type of rogue program which has been around for many years, arguably dating back to 1990. It can be installed without permission, or via deception and false promises. Scareware is primarily used to panic or worry someone into performing a task they otherwise wouldn’t have done. The...

Everything You Need to Know About Evolving Threat of Ransomware

The cybersecurity world is constantly evolving to new forms of threats and vulnerabilities. But ransomware proves to be a different animal—most destructive, persistent, notoriously challenging to prevent, and is showing no signs of slowing down. Falling victim to a ransomware attack can cause...

Apps Exposing Children to Porn Ads Booted From Google Play

Sixty app were removed from the Google Play marketplace in December that were infected with malware dubbed AdultSwine that in some cases generated pornographic ads on apps aimed at children. The developers behind the malicious apps also scammed victims with scareware techniques and attempted to...

Apple iOS 10.3 Fixes Safari Flaw Used in JavaScript-based Ransomware Campaign

If you own an iPhone or iPad, it's possible you could see popup windows in a sort of endless cycle on your Safari browser, revealing your browser has been locked and asking you to pay a fee to unlock it. Just do not pay any ransom. A new ransomware campaign has been found exploiting a flaw in...

Tuto4PC Utilities Silently Install 12M Backdoors, Cisco

Security experts are warning PC users of scareware computer utilities published by the French firm Tuto4PC that secretly bundle adware and spyware. Cisco’s Talos security research team said several of the company’s utilities, including OneSoftPerDay and System Healer, contain Trojans that exhibit...

Scareware Signed with Apple Cert Targets Mac OS X Machines

A unique scareware campaign targeting Mac OS X machines has been discovered, and it’s likely the developer behind the malware has been at it a while since the installer that drops the scareware is signed with a legitimate Apple developer certificate. “Sadly, this particular developer certificate...

Malicious Minecraft apps affect 600,000 Android Users

So you love Minecraft? You might want to be very careful before downloading the cheats for the popular Minecraft game from Google Play Store. Nearly 3 Million users have downloaded malicious Minecraft Android applications for their smartphone and tablets from the Google Play store, security...

Email Spam Campaign Spreading Android Malware

At first it seems like email spammers relying on old tricks – but a further look into a new campaign spotted by security firm FireEye reveals that the messages are not spreading drive-by downloads or even peddling ordinary PC malware. Instead, attackers are beginning to drop Android malware, in...

Free Beacon Article Redirects to ZeroAccess Rootkit, Fake AV

Update: Aaron Harison, president of the Center for American Freedom, told Threatpost this morning that the issue has been resolved and the site is no longer serving malware. Hackers have latched on to the NSA surveillance story—literally. A news story on the outing of whistleblower Edward Snowden...

Q&A: TJ Campana

REDMOND, Wash.–The Microsoft Digital Crimes Unit has been spearheading botnet takedowns and other anti-cybercrime operations for many years, and it has had remarkable success. But the cybercrime problem isn’t going away anytime soon, so the DCU is in the process of building a new cybercrime cente...

Hacked Media Sites Serving Fake AV Malware

Websites belonging to a number of Washington, D.C.-area media outlets have been compromised in a series of opportunistic attacks with criminals using a watering-hole tactic to spread scareware, or phony antivirus software. Popular D.C. radio station WTOP, sister station Federal News Radio, and th...

Joomla, WordPress Sites Hit by IFrame Injection Attacks

Users of the popular Joomla content management system are being urged by security experts to upgrade to the latest version after reports of exploits being used to compromise websites built on the platform. The SANS Internet Storm Center received numerous reports that Joomla sites, as well as...

Phony Browser Updates Redirect Victims to Malware Sites, Scareware

Hackers are using malicious ads promising browser updates to drop malware on users’ machines. Using a mix of social engineering and a variation on scareware, attackers have been taking advantage of recent legitimate Firefox and Chrome updates to infect hundreds of machines in Europe and the Unite...

Scareware and Phishing Scams Play on Windows 8 Launch

Windows 8 isn’t yet a week old, but the scammers and phishing crews already are taking their swings at it, setting up new campaigns based on the shiny new operating system. Security researchers have identified a new scareware campaign playing off of the Windows 8 launch, as well as a phishing ema...