Geeks for your information Security Security Vendors Avast Avast Blog News and Info v
Avast Blog_Security News: This week: Sneaky malware, fishy phish, and more
Avast Blog_Security News: This week: Sneaky malware, fishy phish, and more
harlan4096 Online
MalWare Zoo Team
*******
Posts: 16,313
Threads: 10,323
Thanks Received: 9,367 in 7,513 posts
Thanks Given: 10,351
Joined: 12 September 18
#1
Information  18 February 19, 09:56 (This post was last modified: 18 February 19, 09:57 by harlan4096.)
Quote:
[Image: TVDumYE.png]

[Image: avast-security-news-roundup-9-3.jpg?width=900]

Windows malware attacks Macs, a strange phishing scam arises, 617M stolen accounts are for sale, and Trump wants more AI.

Phishing scam has fishy URLs

There’s a phishing campaign afoot that tries scamming users into believing their email accounts have been compromised. The phishing email claims multiple verification errors have caused the users’ accounts to be blacklisted and the only fix is an immediate login with the proper credentials. The email provides a link that reads CONFIRM YOUR EMAIL, and when users click on it, they are taken to a fake login page based on their particular email service. If they enter their credentials, the info is sent back to the malware’s C&C (command-and-control server).

A twist to this otherwise-typical phishing campaign is that the emails include URLs ranging from 400 to almost 1,000 characters long. Experts don’t yet understand the reason to include such a long URL, venturing early guesses that perhaps it is to deliberately add confusion or perhaps hide info within the long URL string. In any event, be wary of any email you receive claiming your account has been blacklisted.

Windows malware meant for Macs

In a move that circumvents the macOS Gatekeeper protocol, a series of malicious executables are making their way onto the machines of Mac users who install cracked software. Using the open source Mono framework, the threat actors created info stealers and adware for Macs, but as Windows EXE binaries. A set of these malicious files have been found bundled with cracked software distributed on torrent websites. When users download the pirated software, the malware gets around Gatekeeper thanks to its Windows status. Not recognizing the file as native to Mac, Gatekeeper does not check the file’s notarization status or Developer ID signature.

So far, the planted malware in the bundles triggers a payload of ads and steals all hardware and software information on that particular machine, sending the info back to its C&C. While the damage is relatively minimal with this malware, threat actors could create Windows EXE binaries for more harmful cyberattacks, including ransomware. As always, all users are strongly advised to stay away from cracked software.
Full reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
AdGuard Browser Extension 5.4.2.0
AdGuard Browser Ex...harlan4096 — 11:45
Cracked in under a minute: (nearly) ever...
We’ve revisited ou...harlan4096 — 11:44
QOwnNotes
26.5.7 Note text ...Kool — 03:54
NanaZip 6.0 Update 7 (6.0.1711.0)
NanaZip 6.0 Update...harlan4096 — 06:10
Vivaldi 7.9 Build 3970.64
Vivaldi 7.9 Build ...harlan4096 — 06:09

[-]
Birthdays
Today's Birthdays
avatar (45)talsmanthago
avatar (31)mocetor
avatar (46)piomaibhaict
avatar (51)kingbfef
avatar (38)izenesiq
Upcoming Birthdays
avatar (28)akiratoriyama
avatar (48)Jerrycix
avatar (40)awedoli
avatar (82)WinRARHowTo
avatar (38)owysykan
avatar (49)beautgok
avatar (39)axuben
avatar (40)ihijudu
avatar (45)tiojusop
avatar (42)Damiennug
avatar (40)acoraxe
avatar (49)contjrat
avatar (41)axylisyb
avatar (44)tukrublape
avatar (44)knigiJow
avatar (46)1stOnecal
avatar (50)Mirzojap
avatar (36)idilysaju
avatar (40)GregoryRog
avatar (45)mediumog
avatar (40)odukoromu
avatar (46)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>