Avast Blog_Security News: Closing the cybercrime superstore and more news of the week
#1
Quote:

Europol busts an international cyber syndicate; spyware infects WhatsApp; Forbes online subscribers get hacked; and Zombieload rises.

Europol takes down cybercrime supermarket

In a joint effort by six countries, Europol led a complicated international operation to take down the GozNym malware cybercriminal network. The network preyed on over 40,000 victims from whom it attempted to steal a collective $100M. A federal grand jury in Pittsburgh indicted ten members of the criminal network under conspiracy to infect victims’ computers with GozNym malware designed to capture banking credentials, using the stolen credentials to gain fraudulent access to the victims’ accounts, and stealing and laundering money from those accounts. The bust entailed cooperation from Bulgaria, Germany, Georgia, Moldova, Ukraine, and the United States.

The GozNym network is an example of “cybercrime as a service,” where bad actors with specific criminal skill sets team up to form a full “assembly line” of crime. This consists of the leader of the network, the developer of the malware, “crypters” who encrypt the malware so it can’t be detected, spammers who distribute the malware, bulletproof hosting servers to house the malicious domains, account takeover specialists who do the actual transferring of funds from victims’ accounts, and “cash-outs” (also called “drop masters”) who launder the money. Five of the indicted men have evaded capture and remain on the run, while the others await prosecution.

Quote of the week

“The GozNym network exemplified the concept of ‘cybercrime as a service,’ with different criminal services such as bulletproof hosters, money mules networks, crypters, spammers, coders, organizers, and technical support.”
– Europol explaining GozNym malware crime ring

WhatsApp flaw lets in spyware

Commercial-grade spyware believed to come from the Israeli cyber-offense program called Pegasus has been detected in certain cyberattacks using the WhatsApp app. The malware could install itself onto the mobile device just by making a call, and the victim didn’t even have to answer. WhatsApp parent company Facebook believes specific people were targeted in the attack, namely human rights activists and lawyers. “The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems.”

The attackers took advantage of a buffer overflow flaw, but WhatsApp claims it immediately blocked that attack vector in an update once the attacks were detected and users have been protected against it since last week. It’s unclear how many victims were targeted in the attack, but WhatsApp has briefed a number of human rights organizations on the details over the past few days.

Avast Security Researcher Luis Corrons notes, “Although we are not used to seeing attacks through WhatsApp, we are talking about a platform with several hundreds of millions of people using it. A security hole in this platform that allows the targeting of specific people can be a powerful weapon in the hands of criminals.”
#2
Security flaws and issues in very popular applications should be fixed as soon as possible by the developers to prevent possible malicious activities that use those security flaws. This is also valid, however, if we talk about less popular applications that are used daily by users, for example messaging apps which, if affected by security issues, can be a serious problem for the users.