New Python-Based "Legion" Hacking Tool Emerges on Telegram
An emerging Python-based credential harvester and a hacking tool named Legion is being marketed via Telegram as a way for threat actors to break into various online services for further exploitation. Legion, according to Cado Labs, includes modules to enumerate vulnerable SMTP servers, conduct...
CVE-2022-4004 Donation Button <= 4.0.0 - Subscriber+ Broken Access Control leading to SMS Spam
The Donation Button WordPress plugin through 4.0.0 does not properly check for privileges and nonce tokens in its "donationbuttontwiliosendtestsms" AJAX action, which may allow any users with an account on the affected site, like subscribers, to use the plugin's Twilio integration to send SMSes t...
Donation Button <= 4.0.0 - Subscriber+ Broken Access Control leading to SMS Spam
The plugin does not properly check for privileges and nonce tokens in its "donationbuttontwiliosendtestsms" AJAX action, which may allow any users with an account on the affected site, like subscribers, to use the plugin's Twilio integration to send SMSes to arbitrary phone numbers. While logged...
Donation Button <= 4.0.0 - Subscriber+ Broken Access Control leading to SMS Spam
The plugin does not properly check for privileges and nonce tokens in its "donationbuttontwiliosendtestsms" AJAX action, which may allow any users with an account on the affected site, like subscribers, to use the plugin's Twilio integration to send SMSes to arbitrary phone numbers. PoC While...
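The two Donation Button entries above describe the same pattern: a WordPress AJAX action reachable by any logged-in user that checks neither a capability nor a nonce before using the site's stored Twilio credentials. The following is an added illustration written for this listing, not code from the Donation Button plugin or from WPScan; the action name `example_send_test_sms`, the option names and the `example_twilio_send` helper are hypothetical stand-ins. It shows the vulnerable handler beside a hardened one that verifies the nonce, requires an administrator capability and validates the destination number.

```php
<?php
// Added illustration, not the Donation Button plugin's code. All
// example_* names and option keys are hypothetical.

// Hypothetical helper: sends one SMS through Twilio's Messages API using
// credentials the plugin stored in wp_options.
function example_twilio_send( $to, $body ) {
    $sid   = get_option( 'example_twilio_sid' );
    $token = get_option( 'example_twilio_token' );
    $from  = get_option( 'example_twilio_from' );
    return wp_remote_post(
        "https://api.twilio.com/2010-04-01/Accounts/{$sid}/Messages.json",
        array(
            'headers' => array( 'Authorization' => 'Basic ' . base64_encode( "{$sid}:{$token}" ) ),
            'body'    => array( 'To' => $to, 'From' => $from, 'Body' => $body ),
        )
    );
}

// Vulnerable pattern: wp_ajax_* fires for every authenticated user, and the
// handler never checks who is calling or whether the request was forged, so a
// subscriber can text any number on the site owner's Twilio account.
add_action( 'wp_ajax_example_send_test_sms', 'example_send_test_sms_vulnerable' );
function example_send_test_sms_vulnerable() {
    $to      = $_POST['phone'];    // attacker-controlled destination
    $message = $_POST['message'];  // attacker-controlled body
    example_twilio_send( $to, $message );
    wp_send_json_success( 'sent' );
}

// Hardened form: CSRF check first, then authorisation, then input validation,
// and only then the side effect.
add_action( 'wp_ajax_example_send_test_sms_fixed', 'example_send_test_sms_fixed' );
function example_send_test_sms_fixed() {
    // Dies with HTTP 403 when the 'nonce' field is missing or does not match
    // the action string it was created for.
    check_ajax_referer( 'example_send_test_sms', 'nonce' );

    // Subscribers do not hold manage_options, so only administrators proceed.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    $to      = sanitize_text_field( wp_unslash( $_POST['phone'] ?? '' ) );
    $message = sanitize_text_field( wp_unslash( $_POST['message'] ?? '' ) );

    // Accept E.164 numbers only; rejects empty, alphanumeric or malformed input.
    if ( ! preg_match( '/^\+[1-9][0-9]{6,14}$/', $to ) ) {
        wp_send_json_error( 'invalid phone number', 400 );
    }

    example_twilio_send( $to, $message );
    wp_send_json_success( 'sent' );
}

// The nonce the hardened handler expects has to be issued to the admin page
// that renders the "send test SMS" button. 'example-admin' is assumed to be a
// script handle the plugin already registered with wp_register_script().
add_action( 'admin_enqueue_scripts', 'example_localize_nonce' );
function example_localize_nonce() {
    wp_localize_script( 'example-admin', 'exampleAjax', array(
        'nonce' => wp_create_nonce( 'example_send_test_sms' ),
    ) );
}
```

The ordering matters: the capability check alone would still leave an administrator open to a forged cross-site request, and the nonce alone would still let a subscriber who can load a page carrying the nonce use the integration, so both checks are needed before the Twilio call.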
A week in security (April 11 – 17)
Last week on Malwarebytes Labs: Credential-stealing malware disguises itself as Telegram, targets social media users Old Play Store apps served notice by upcoming API level changes Denonia cryptominer is first malware to target AWS Lambda Ransomware: March 2022 review Why identity management...
Steer clear of this “TestNTrace” SMS spam
Yesterday I received an SMS from “TestNTrace”, with the message resembling an official NHS communication: The text reads as follows: NHS: You’ve been in close contact with a person who has contracted the Omicron variant. Please order a test kit via: URL redacted Well, that’s an alarming thing to...
A week in security (March 28 – April 3)
Last week on Malwarebytes Labs: New UAC-0056 activity: There’s a Go Elephant in the room Globant suffers network breach due to LAPSUS$ compromise Update now! Apple patches two zero-day vulnerabilities that may have been actively exploited Hive ransomware impacts California non-profit health...
“A little gift for you” SMS spam appears to come from your own phone number
If you've received a spam SMS message sent from your own phone number, don't panic. No, you weren't hacked. And you're not the only one who has received such a message, which looks a bit like this: A colleague received this same spam SMS message that has been going around more frequently these past f...
Mercury - A Hacking Tool Used To Collect Information And Use The Information To Further Hurt The Target
Mercury is a hacking tool used to collect information and use the information to further hurt the target. Installation Requires Python2 Linux apt-get install python2 git clone https://www.github.com/MetaChar/Mercury pip install -r requirements.txt Features BruteForce Mercury uses Selenium to...
Unikrn: Improper validation at Phone verification (possible cost increase + SMS SPAM attack)
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Please add the affected...
Cuvva: No rate limiting at POST /2/2017-05-22/send_identifier_token
SUMMARY ---------- Hello, while testing your API I have noticed that the request at POST /2/2017-05-22/send_identifier_token does not have any rate limiting. I made about 60-70 requests, and this actually sends an SMS when the type is mobilephone. I agree, this is not a very big issue, but all endpoints...
Mobile Phone Number Harvester Fuels SMS Spam
The latest version of a phone number harvesting tool offers its users the ability to trawl the public web and collect mobile phone numbers indexed on sites that ask visitors for them, according to a Webroot report. The numbers are later used as targets for SMS spam campaigns peddling whatever get...
Android Trojan Apps Build SMS Botnet
A rudimentary, SMS-based botnet is ensnaring Android users into its web with a series of text messages offering free downloads for popular, paid gaming applications, according to Cloudmark researcher Andrew Conway. The Trojan applications are reportedly mimicking games such as The Need for Speed...
Russian Underground Cybercrime market offering sophisticated services
Security firm Trend Micro recently analysed the Russian crimeware markets and found that malware tools and services range from one-time packages costing just pennies to sophisticated packages and services that cost purchasers thousands of dollars per month. If you want to buy a botnet it wi...
New Trojan Spreading On App Store and Google Play
A new Trojan that uploads users’ phonebooks to a remote server is making the rounds, circulating on both Apple’s App Store and the Google Play marketplaces, according to research by Kaspersky Lab posted on the Securelist web site earlier today. Kaspersky virus researchers, responding to a request...
SMS Trojan Found in Several Android Apps
Google has removed a group of mobile phone applications from its Android Market after it was discovered that the applications contained code that could be used to send SMS (Short Message Service) spam. Google's action came after a security firm in Taiwan published a security alert about the apps on...
Simplest Phones Open to 'SMS of Death'!
It's a scene from an as-yet-unmade thriller: Across a country, tens of thousands of cellphones all blink white at the same time, and turn themselves off. Calls are lost, phones are rendered useless, and the affected mobile operator is forced to pay a ransom or lose customers. It hasn't happened yet. B...