It’s a trap! Marcher banking trojan masquerades as Adobe Flash Player for Android

 

A variant of the Marcher banking trojan is targeting Android users by masquerading as a mobile Adobe Flash Player app.

This version of the malware arrives via popcash[dot]net, an advertising network which is known to serve “popunder” ads that display behind a main browser window so that the user sees them when they try to exit.

The ads drop malware payloads that pose as Adobe Flash Player. If a user clicks on the dropper URL, they see a message warning them that their Flash Player is out of date.

The dropper also loads the malware “Adobe_Flash_2016.apk” onto the user’s device, a program which then guides the user to disable security features and allow app installations from unknown sources.

Successful installation prompts the malware to conceal its icon from the home screen, to register the infected device with its command-and-control (C&C) server, and to send important information about the infected device including a list of installed apps to its server.

Source: It’s a trap! Marcher banking trojan masquerades as Adobe Flash Player for Android

‘Petya’ cyber attack targeting ‘everyone’: How to protect yourself

Cyber security experts are warning that consumers can also be targeted by the ransomware that has affected huge organisations around the world.

A new variant of known malware Petya is believed to be behind the chaos, which initially hit Ukraine, before spreading to companies in a number of other countries, including the UK.

However, it’s not just big businesses that are under threat.  Consumers are also at risk and should be wary if they are running operating systems that are vulnerable to the exploit, in other words if you have not patched,” Raj Samani, chief scientist & fellow at McAfee, told the Independent.

“Google Docs” Worm Ransacks Gmail Users’ Contact Lists – What You Need to Know

What’s happened?
You may well be one of the millions of internet users who received a dangerous email offering to share a Google Docs file with you.

If you made the mistake of clicking on the link, you could start a process that could potentially result in your email archive and contact lists being slurped up in strangers and the same dangerous message being forwarded to everyone in your address book.

Source: “Google Docs” Worm Ransacks Gmail Users’ Contact Lists – What You Need to Know

Watch Out For “Confirmation Letter Enclosed” Malware Emails

Five Scams That Won’t Make You Laugh on April Fool’s Day

If there’s one day of the year when everyone has their guard up, it’s April Fool’s Day. After all, who can put their hand up and say that they have never been duped by an April Fool’s trick? Some of the classic April Fool’s stunts have gone down in history, such as the BBC’s news report from 1957 showing the annual spaghetti harvest in Switzerland.

Simpler times, you say? Well, 50 years later the BBC pulled a similar stunt – getting Monty Python’s Terry Jones to star in a short documentary revealing the phenomenon of flying penguins. And, like the spaghetti hanging from the branches of trees in southern Switzerland, some people believed it. They believed it because the BBC is a trusted source of information. If some nutter had sat next to you on the bus and tried to convince you that penguins could fly or that you could send a Gmail by making the motion of licking a stamp you probably wouldn’t believe them.

Source: Five Scams That Won’t Make You Laugh on April Fool’s Day

UK residents hit with extremely personalized scam emails – Help Net Security

A compelling and potentially very successful email spam campaign is being leveraged against UK residents, warns Sophos researcher Paul Ducklin.

Needless to say, users would do well to ignore these emails. Some could (understandably) be worried about the fact that someone out there has much personal info about them, but if they are, it’s best to involve local law enforcement and ask for advice.

Source: UK residents hit with extremely personalized scam emails – Help Net Security

Do iPhones get viruses? How to remove a virus from an iPhone or iPad – How to – Macworld UK

iPhones are known for their strong security; any time rival fanboys have an argument about whether iPhones or Android smartphones are better, the superior security of the iOS platform is bound to come up. (To be fair, Android phones are pretty secure too.)

iOS malware is rare but not unknown. Here’s how to check an iPhone or iPad for viruses and wipe it clean

Source: Do iPhones get viruses? How to remove a virus from an iPhone or iPad – How to – Macworld UK

Ransomware could attack your fitness tracker, smart watch and television | Noddle Blog

The latest trends in wireless fitness trackers, smartwatches and Smart TV’s have opened up new ways for criminals to hack into your personal data and hold you at ransom, warn cyber security experts.

Think about all the everyday objects you have that are connected to the internet and hold your personal data, information about you, photos and contacts. Hackers are to those devices as bees are to honey – they’re attracted to your devices because even if the information held is not valuable to them, it’ll be valuable to you. This is where ransomware comes in….

Source: Ransomware could attack your fitness tracker, smart watch and television | Noddle Blog

Phishers’ new social engineering trick: PDF attachments with malicious links – Help Net Security

The latest attacks through PDF attachments are geared towards pushing users to enter their email account credentials into well-crafted phishing pages.

Source: Phishers’ new social engineering trick: PDF attachments with malicious links – Help Net Security

Adobe Flash provides six of the top 10 bugs used by exploit kits in 2016

Adobe Flash responsible for six of the top 10 bugs used by exploit kits in 2016

So, are you ready to uninstall Adobe Flash now?

Of the top 10 vulnerabilities incorporated by exploit kits in 2016, six of them (rather unsurprisingly) affected Adobe Flash Player.

Real-time threat intelligence provider Recorded Future arrived at those findings by analyzing thousands of sources including information security blogs and deep web forum postings.

Source: Adobe Flash provides six of the top 10 bugs used by exploit kits in 2016