Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Adware. Show all posts
threat report
Adware Cyber Security Data Safety macOS security threat threat report

Top Cybersecurity Trends to Watch Out in 2023

 

The most recent research from Malwarebytes, which examines the situation of malware in 2023, has just been published. The research includes information on current significant security advancements, 5 cyber threat archetypes to watch out for this year, the most prevalent malware identified on Macs, and more. 

The 30-page 2023 State of Malware study was released earlier this week by Malwarebytes. The business states in its opening: 

"The traditional cybersecurity guidelines are obsolete. Your company can no longer only rely on the greatest security software to protect you from the most harmful malware used by your adversaries. The conflict is becoming more human; your best soldiers are up against their worst."

More than ever, malicious hackers are turning to social engineering as older assault routes have closed up. The report begins with six significant occasions from 2022 that had an impact on cybersecurity:

Conflict in Ukraine: The conflict in Ukraine was strategically significant, making it a good subject for social engineering lures. According to the Malwarebytes Threat Intelligence team, the war was a common theme in attacks against German targets by alleged Russian state actors and against Russian targets by alleged Chinese state actors. 

Ransomware: Throughout 2022, ransomware organisations tried out a variety of new strategies, but few of them were successful. Purchasing access to businesses through displeased employees is one strategy that might be more successful in 2023. Macros One of the most effective malware delivery mechanisms ever created was ultimately stopped in 2022 when Microsoft declared that it will prohibit macros in Office documents obtained from the Internet.

Authentication:  It has taken a while to find a truly viable replacement, but in May, Google, Apple, and Microsoft announced their strong support for FIDO2, an established, current, and widely used standard for password-free authentication.

Roe v. Wade: The US Supreme Court's decision to overrule Roe v. Wade in June 2022 represented the most significant shift to data privacy in that year. As previously innocuous data points—like whereabouts, purchasing preferences, search histories, and menstrual cycles—acquired a potentially life-altering meaning, worries about digital privacy suddenly became widespread. 

TikTok: Brendan Carr, a commissioner for the US Federal Communications Commission, called the social media app TikTok "an intolerable national security danger" in June due to its vast data collection and "Beijing's apparently unfettered access to that sensitive material." 

Mac malware that is most prevalent

Macs are not immune to malware, though they are less frequently attacked than Windows. Adware was the most typical detection on macOS in 2022, according to Malwarebytes. A single adware programme called OSX accounted for 10% of all detections on Mac. 

The "worst," according to the company, is Genio. Despite being categorised as adware, the report states that it exhibits malware-like behaviour in order to "dig deeper into the machines it's placed on, penetrating defences and compromising security in the name of making itself incredibly difficult to remove." 

OSX.Genio makes money by 'intercepting users' web searches and putting its own intrusive adverts into the results in order to work. 11% of the total came from malware detections, followed by 14% from adware operators and a variety of other sources.
Read more »
User Security
Adware Cyber Fraud Cyber Scam Internet Fraud threat report User Security

Internet Users are Inundated With Adware and False Advise Frauds Thanks to Hackers

 


Avast, a leading provider of cybersecurity software, has released its Q4 2022 Threat Report, which closely examines the kinds of scams that prey on unsuspecting consumers. 

One of the most well-known scam types was social engineering, which highlights the human error, as well as techniques for refund and invoice fraud and purported tech support scams. Like in prior quarters, lottery-related adware campaigns were still widely used. In addition to scams, the business identified two zero-day exploits in Chrome and Windows, which have since been patched, underscoring consumers' need to maintain software updates. 

Widespread email fraud 

Jakub Kroustek, Director of Avast Virus Research, argued that hackers attribute a significant percentage of their success to human nature, which causes us to react with urgency, anxiety, and a desire to recover control of situations.

According to Kroustek, "at the end of 2022, we witnessed an increase in human-centered threats, such as scams tricking people into thinking their computer is infected, or that they have been charged for goods they didn’t order. It’s human nature to react to urgency, and fear and try to regain control of issues, and that’s where cybercriminals succeed.

When people face surprising pop-up messages or emails, we recommend they stay calm and take a moment to think before they act. Threats are so ubiquitous today that it’s hard for consumers to keep up. It is our mission to help protect people by detecting threats and alerting users before they can do any harm, using the latest AI-based technology.”

During the latter months of 2022 running up to Christmas, an alarming rise in the refund and invoice fraud was observed, with duped victims giving hostile actors access to their screens and online banking. Uncertain individuals may prefer to go directly to the platform's website and use a number they are sure of rather than dialing the number on the scam email. 

Along with the Arkei information stealer, which showed a startling 437% growth, other lottery-style popups and other sources of data theft also occurred. Among other places, Arkei is renowned for stealing data from autofill forms in browsers. Two zero-day vulnerabilities have also been discovered in Windows and Google Chrome. According to Avast, the risk to users was reduced because both businesses were alerted and responded quickly.
Read more »
Software
Adware Android Applications Cyber Fraud Safety Scam Security Software

Facebook Ads Push Android Adware, Installed 7M Times on Google Play Store

 

Several adware programmes marketed aggressively on Facebook as system cleansers and optimizers for Android devices have accumulated millions of downloads from the Google Play store. 

The applications lack all of the advertised functionality and push adverts while attempting to stay on the device for as long as possible. To avoid deletion, the applications regularly change their icons and names, posing as Settings or the Play Store itself. 

Adware applications make use of the Android component Contact Provider, which allows them to transport data between the device and web services. Because the subsystem is contacted whenever a new programme is installed, the adware might exploit it to start the ad-serving process. It may appear to the user that the advertising is being pushed by the legitimate app they installed. 

McAfee researchers found the adware applications. They point out that customers do not need to activate them after installation to see the advertising because the adware runs automatically without user intervention. The first thing these intrusive apps do is set up a permanent service for displaying adverts. If the process is "killed" (terminated), it instantly restarts. 

This video demonstrates how the adware's name and icon change automatically and how ad-serving occurs without user intervention. 

According to McAfee's analysis, consumers are persuaded to believe the adware applications because they see a Play Store link on Facebook, leaving little room for uncertainty. As a result, exceptionally high download counts for the specific type of apps have emerged, as shown below:
  • Junk Cleaner, cn.junk.clean.plp, 1M+ downloads
  • EasyCleaner, com.easy.clean.ipz, 100K+ downloads
  • Power Doctor, com.power.doctor.mnb, 500K+ downloads
  • Super Clean, com.super.clean.zaz, 500K+ downloads
  • Full Clean -Clean Cache, org.stemp.fll.clean, 1M+ downloads
  • Fingertip Cleaner, com.fingertip.clean.cvb, 500K+ downloads
  • Quick Cleaner, org.qck.cle.oyo, 1M+ downloads
  • Keep Clean, org.clean.sys.lunch, 1M+ downloads
  • Windy Clean, in.phone.clean.www, 500K+ downloads
  • Carpet Clean, og.crp.cln.zda, 100K+ downloads
  • Cool Clean, syn.clean.cool.zbc, 500K+ downloads
  • Strong Clean, in.memory.sys.clean, 500K+ downloads
  • Meteor Clean, org.ssl.wind.clean, 100K+ downloads
The majority of impacted users are from South Korea, Japan, and Brazil, however, the adware has regrettably spread globally. The adware applications have been removed from the Google Play Store. Users who installed them, on the other hand, must manually delete them from the device.

Despite their limited advantages, system cleansers and optimizers are popular software categories. Cybercriminals know that many people would attempt such methods to extend the life of their gadgets, thus they disguise dangerous software as such.
Read more »
Play Store
Adware Android Apps Antivirus Google Mallicious Apps malware Mobile Apps Play Store

Alert! Check if you have these Android Malware Apps Installed With 10M+ Downloads

 

A fresh batch of harmful Android applications containing adware and malware that have been installed on almost 10 million mobile devices has been discovered on the Google Play Store. 

The apps pretend to be picture editors, virtual keyboards, system optimizers, wallpaper changes, and other things. Their primary functionality, however, is to display invasive advertisements, subscribe users to premium services, and hijack victims' social network accounts. 

The Dr Web antivirus team discovered several dangerous applications, which they highlighted in a study published. Google has removed the great majority of the offered applications, however, three remain available for download and installation via the Play Store at the time of writing. Also, if anyone installed any of these applications before they were removed from the Play Store, then will need to manually delete them from the device and conduct an antivirus check to remove any leftovers. 

The latest dangerous Android applications Dr Web found adware apps that are variations on existing families that initially surfaced on the Google Play Store in May 2022. When the applications are installed, they ask for permission to overlay windows over any app and can add themselves to the battery saver's exclusion list, allowing them to run in the background even after the victim shuts the app. Furthermore, they hide their app drawer icons or replace them with anything resembling a fundamental system component, such as "SIM Toolkit."

"This app "killed" my phone. It keep'd crashing , i couldn't even enter password to unlock phone and uninstall it. Eventually, I had to make a complete wipe out (factory reset), to regain phone. DO NOT , install this app !!!!," read a review of the app on the Google Play Store. 

Joker applications, which are infamous for incurring false payments on victims' mobile phones by subscribing them to premium services, are the second kind of harmful apps spotted on the Play Store. Two of the featured applications, 'Water Reminder' and 'Yoga - For Beginner to Advanced,' have 100,000 and 50,000 downloads, respectively, in the Play Store. Both deliver the claimed functionality, but they also execute malicious operations in the background, interacting with unseen or out-of-focus WebView objects and charging consumers. 

Finally, Dr. Web identifies two Facebook account stealers that are disseminated through picture editing applications and use cartoon effects on ordinary images. These applications are 'YouToon - AI Cartoon Effect' and 'Pista - Cartoon Photo Effect,' and they have been downloaded over 1.5 million times in the App Store. 

Android malware will always find a way into the Google Play Store, and apps can occasionally linger there for months, so users should not blindly trust any app or no apps. As a result, it is critical to read user reviews and ratings, visit the developer's website, read the privacy policy, and pay close attention to the permissions sought during installation. 
  • Photo Editor: Beauty Filter (gb.artfilter.tenvarnist)
  • Photo Editor: Retouch & Cutout (de.nineergysh.quickarttwo)
  • Photo Editor: Art Filters (gb.painnt.moonlightingnine)
  • Photo Editor - Design Maker (gb.twentynine.redaktoridea)
  • Photo Editor & Background Eraser (de.photoground.twentysixshot)
  • Photo & Exif Editor (de.xnano.photoexifeditornine)
  • Photo Editor - Filters Effects (de.hitopgop.sixtyeightgx)
  • Photo Filters & Effects (de.sixtyonecollice.cameraroll)
  • Photo Editor : Blur Image (de.instgang.fiftyggfife)
  • Photo Editor : Cut, Paste (de.fiftyninecamera.rollredactor)
  • Emoji Keyboard: Stickers & GIF (gb.crazykey.sevenboard)
  • Neon Theme Keyboard (com.neonthemekeyboard.app)
  • Neon Theme - Android Keyboard (com.androidneonkeyboard.app)
  • Cashe Cleaner (com.cachecleanereasytool.app)
  • Fancy Charging (com.fancyanimatedbattery.app)
  • FastCleaner: Cashe Cleaner (com.fastcleanercashecleaner.app)
  • Call Skins - Caller Themes (com.rockskinthemes.app)
  • Funny Caller (com.funnycallercustomtheme.app)
  • CallMe Phone Themes (com.callercallwallpaper.app)
  • InCall: Contact Background (com.mycallcustomcallscrean.app)
  • MyCall - Call Personalization (com.mycallcallpersonalization.app)
  • Caller Theme (com.caller.theme.slow)
  • Caller Theme (com.callertheme.firstref)
  • Funny Wallpapers - Live Screen (com.funnywallpapaerslive.app)
  • 4K Wallpapers Auto Changer (de.andromo.ssfiftylivesixcc)
  • NewScrean: 4D Wallpapers (com.newscrean4dwallpapers.app)
  • Stock Wallpapers & Backgrounds (de.stockeighty.onewallpapers)
  • Notes - reminders and lists (com.notesreminderslists.app)
Read more »
Malware.
Adware Among Us app Gaming Malware.

Fake Among Us apps floating over the internet can deploy malware and adware in your device

There is an imposter among us, quite literally - the popular gaming app has attracted many flukes and malware carrying apps made to look like the legit gaming application or mod. These malicious apps can range from harmlessly annoying to quite dangerous.

Players looking for Among Us should be cautious as to use only trustworthy sources to install the app from and look into mods and their legitimacy before using them.

These "fake" apps range from mock among us intending to swindle off from the game's success to mods, which attracts young players in the lure of hacks but actually drops malware in the system or steal data from the device.
A report from TechRadar says that currently there are 60 fake imposter apps of Among Us including apps that can i) install adware or bloatware or ii) apps that deploy malware and iii) steal financial data. 

Why Among Us? 

Among Us, a multiplayer PC and mobile game suddenly became popular in 2020. Though it was released in 2018, did not gain much attention until gaming streamers started broadcasting the game. Developed by InnerSloth, a small studio in Redmond, Washington, Among Us has stayed top five on Apple’s U.S. App Store since Sept. 1, with more than 158 million installs worldwide across the App Store and Google Play. 

Word to mouth marketing and pandemic imposed lockdown made the game quickly catch up with young players which these miscreants exploited. A young player looking for hacks and mods would be easy to dupe and install a fake app that installs adwares or one that's more damaging. 

Precautions to avoid Among Us imposter apps:

It's smart to avoid any website that claims to offer hacks, resources, packs, and mods as people without much background in gaming and the cyber world won't be able to detect malicious content. 

 
Always install the app from a trusted source and after reading comments as they would tell you if anything is wrong with the app. 

As to find out the legitimacy of mods it's best to use the community. In themselves mods are harmless but as told before some of these fake ones could add codes into your device. Use legitimate mod websites and if going for a private website then do read comments as someone would probably write any suspicious behavior on the discourse. Also, mods developed by semi-public figures or among us content creators will usually be safe.
Read more »
malware
Adware Google Google Play Store malware

Google Banned 29 Android Apps Containing Adware


A research discovered that almost all the malware are designed to target android users and in order to prevent users from installing adware filled apps built to stealthily access their banking and social media credentials; Google has made a continuous effort including the introduction of ‘Google Play Protect’. The main idea behind Play protect is to keep your device, apps, and data secure by automatically scanning the apps in real-time and identifying any potentially malicious apps. Despite the strength of Google’s machine learning algorithms and constantly improving real-time technology, the operations of Potentially Harmful Applications (PHAs) do not seem to halt any time soon as cybercriminals are devising new methods to evade detection by Play Protect also.

Recently, Google pulled off 29 apps from the Play Store as they were found to be infected with adware, most of these apps were present in the facade of photo editing apps having a feature of ‘blur’, which was also the codename of the investigation called as “CHARTREUSEBLUR”- that unveiled the malicious operations. The apps were discovered as a part of the White Ope’ Satori threat intelligence team. In total, these Android apps had more than 3.5 million downloads.

As per the observations, these malicious apps were promoting irrelevant advertisements which are said to be used to keep away from detection. After the victim installs any of these apps, the icon to launch the app would immediately disappear from the home screen and won’t be found anywhere, making it highly inconvenient for the users to remove the adware laden apps from their devices. Moreover, there was no open function to be found on the Play Store either.

In order to stay on a safer side, the investigation team advised Android users to stay wary of adware filled apps by examining reviews properly before downloading and not to fall for fake 5-star reviews. Apps that seem new and have received a whopping number of downloads in a short period of time should be strictly avoided.

Recently banned 29 Android applications included Color Call Flash, Photo Blur, Photo Blur Master, Super Call Screen, Square Blur Master, Blur Photo Editor, Super Call Flash, Auto Picture Cut, Square Blur Photo, Magic Call Flash amid a few others.
Read more »
Windows
Adware Cybersecurity Microsoft Windows

24 Million Adware Attacks found on Windows


Avast, a security firm, discovered in their research the growing scale of adware. According to the report, around 72% of malware on android was adware. Another report by Malwarebytes reveals some shocking numbers with 24 million windows adware detections and 30 million on Macs. Nowadays, with good search engines and added internet security, we hardly consider adware as a severe threat. There was a time, around 2002 when adware attacks were at an all-time high. It was quite common to be faced with pop-ups and adds opening another window showing adverts. Only a few software provided essential protection against these pop-ups.


But in this digital-savvy decade, we hardly consider pop-ups as a security threat, but this report by Avast tells a different story. The numbers show that adware is still very much present and thriving. "Adware is unwanted software designed to throw advertisements up on your screen, most often within a web browser." This adware campaign can have malicious intents, especially using COVID-19, to fulfill their purposes.

Kaspersky released a report in which more than 120,000 malware and adware were impersonating meeting software like Zoom. Most evident were: DealPly and DownloadSponsor. This adware has evolved from their previous counterparts to a high capacity. Now they display that install and download other adware software. In some cases, the adware DealPly and ManageX can be installed automatically with the legitimate installer and other potentially unwanted applications (PUAs). Battling with adware is a hard war because of their large numbers. There are hundreds of apps developed every day and registered; many come laden with adware. To check every single one of them is more robust than finding a needle in a haystack.

In March, Google banned 56 malicious applications, but by then, they already had around a million downloads. It is effortless for these apps to pose as legitimate and carry adware along with them. Adware is often ignored in the shadows of more severe security threats, and even though it is less harmful, it nonetheless is far more ubiquitous. Hence, security teams must be cautious of adware and take preventive steps.
Read more »
Mobile Security
Adware Android Applications Android Security Mobile Security

Researchers Found Android Apps on Google Play that Steal Personal Data of Victims and Pose Other Threats



Security researchers identified seven new malicious apps present on Google Play Store that infect devices with adware and malware while laying open the system's backdoor access which ensures a smooth installation of any new functionality that comes along with the application. Other threats include battery drainage and excessive consumption of mobile data.

In recent times, with the mobile malware penetrating its roots in the cyber world, there have been a number of new discoveries from security researchers where they warn of malicious android apps that request sketchy permissions and contain malware. Android platform's openness, flexibility, and excess control are the key factors which make it all the more attractive to the users and likewise, cybercriminals. As a downside, it also provides a more vulnerable space for criminals to exploit by posting adware infected apps to serve marketing interests and steal sensitive user data. These apps can take different forms and mostly, share a similar code structure which indicates a direct link between the developers.

These malicious apps are configured to download and consequently install APKs from a GitHub repository, hence attackers are handling the GitHub communication very sophisticatedly, as a part of which they effectively wait to bypass detection by security officers and malware detection agencies.

Attackers have embedded a GitHub URL within the malicious app code which sets the basis for evading Google Play protect scan. However, while security researchers somehow managed to unearth the configuration data of the malicious apps and related URLs, they were directed to Adware APK which is triggered right after the installation of the infected app. The APK halts for a timeframe of 10 minutes after being triggered to execute the malicious motives.

Here, the aforementioned malicious apps have been posted by three different developers as listed below:

iSoft LLC (Developer) – Alarm Clock, Calculator, Free Magnifying Glass
PumpApp (Developer) – Magnifying Glass, Super Bright LED Flashlight
LizotMitis (Developer) – Magnifier, Magnifying Glass with Flashlight, Super-bright Flashlight

As a security measure for the continuously expanding mobile malware, Google tied up with various mobile security companies that would assist them in detecting bad apps before they hit a download mark over million. Users who have already installed these dropper apps are recommended to uninstall them manually.
Read more »
Subscribe to: Posts (Atom)