Malware campaign expands to add cryptocurrency mining and iOS phishing attacks

A rapidly evolving information-stealing malware campaign has added iOS device phishing and cryptocurrency mining to its arsenal, having previously just focused on Android targets. Dubbed Roaming Mantis, the initial attacks mostly targeted South East Asia, but now the malware has been updated with the capability to specifically target users across Europe and the Middle East. Those […]

Telegrab: Russian malware hijacks Telegram sessions

Researchers have discovered and analyzed an unusual piece of malware that, among other things, seeks to collect cache and key files from end-to-end encrypted instant messaging service Telegram. Cisco Talos researchers Vitor Ventura and Azim Khodjibaev dubbed the malware Telegrab. They analyzed two versions of it. The first one, discovered on April 4, 2018, only […]

Adware bundle makes Chrome invisible to launch cryptojacking attacks

An adware bundle has been discovered which installs software to mine cryptocurrency on user PCs without their consent. Analysts from Bleeping Computer say that an adware bundle called FileTour has often walked a tightrope between nuisanceware, adware, and potentially unwanted programs (PUPs), but now, the package has gone further by jumping on the cryptojacking bandwagon. FileTour, believed to […]

Rail Europe Notifies Riders of Three-Month Data Breach

Rail Europe North America (RENA), a website Americans use to buy European train tickets, has confirmed a three-month data breach in which customers’ payment card data was compromised. RENA reports the incident began on November 29, 2017 and continued through February 16, 2018, when a bank inquiry informed the organization of an attack. Attackers lifted […]

Proofpoint Sounds Warning on Vega Stealer Targeted Data Theft Campaign

A low-volume data-stealing campaign with the potential to get much bigger has begun targeting retail and manufacturing companies and also a select list of marketing, advertising, and public relations firms. Email security vendor Proofpoint says it has observed and blocked new malware called Vega Stealer that is being used in the campaign to steal saved […]

Chili’s restaurant chain suffers data breach

The Chili’s restaurant chain has been involved in a data breach which may have exposed customer credit card information. Dallas, Texas-based Brinker International — which operates over 1,600 Chili’s outlets worldwide — said that some of the chain’s restaurants have been involved in the incident, which is believed to have taken place between March and […]

Telstra tells cloud customers they’re at risk of malware or worse

Telstra has advised users of its cloud who run self-managed resources that their “internet facing servers are potentially vulnerable to malware or other malicious activity.” The company says that it spotted a weakness in its service on May 4th and is now telling users to “delete or disable” the “TOPS or TIRC account on your […]

Author of TreasureHunter PoS Malware Releases Its Source Code

In a development that could spell trouble for point-of-sale (PoS) operators, the author of TreasureHunter, a point-of-sale malware family that has been circulating in the wild since at least 2014, has released source code for the malware. Along with it, the threat actor has also released code for TreasureHunter’s graphical user interface builder and the […]

Android security: Malicious apps sneak back into Google Play after tweaks

Malware has reappeared in Google Play, the official Android app marketplace, after previously being identified and removed. Uncovered by researchers at Symantec, the malware was bundled inside at least seven different apps. The apps were listed as emoji keyboard additions, space cleaners, calculators, app lockers, and call recorders, but none actually performed the advertised functions, […]

SynAck Ransomware Gets Dangerous ‘Doppleganging’ Feature

The authors of the SynAck ransomware family appear to have found a way to make the malware considerably more dangerous for enterprises. Kaspersky Lab this week reported discovering a new version of SynAck that uses a very sophisticated technique called Process Doppelganging to try and evade anti-malware tools. In an advisory this week, Kaspersky Lab […]