
malware

Nifty News: Fake Pokémon NFT game spreads malware, ‘Jai Ho’ singer to launch metaverse and more

Hackers hide malware in fake NFT game: A phishing website purporting to offer a Pokémon-branded nonfungible token (NFT) card game has been spreading malware to unsuspecting gamers, a cybersecurity firm has warned. The website, which at the time of writing was still online, also claims to offer an NFT marketplace, with a link to buy tokens, and even an area to stake NFTs — all based on the popular Japanese media franchise. However, an arm of the South Korean cybersecurity firm AhnLab warned the public about the website on Jan. 6, noting that instead of downloading a game, users were actually downloading a remote access tool that allows hackers to take control of their device. A screenshot of the phishing website. The “Play on PC” link at the bottom of the image downloads the malware. The...

Cybercrooks to ditch BTC as regulation and tracking improves: Kaspersky

Bitcoin (BTC) is forecast to be a less enticing payment choice for cybercriminals as regulations and tracking technologies improve, thwarting their ability to safely move funds. Cybersecurity firm Kaspersky noted in a Nov. 22 report that ransomware negotiations and payments would rely less on Bitcoin as a transfer of value, as an increase in digital asset regulations and tracking technologies will force cybercriminals to rotate away from Bitcoin and into other methods. As reported by Cointelegraph, ransomware payments using crypto topped $600 million in 2021, and some of the biggest heists, such as the Colonial Pipeline attack, demanded BTC as a ransom. Kaspersky also noted that crypto scams have increased along with the greater adoption of digital assets. However, it said that people have be...

The Current & Future State of Smart OT Security

It’s no surprise that security and network professionals working in operational technology (OT) environments are eager to take advantage of the emerging capabilities of digital transformation. Adopting modern technologies like cloud computing, machine automation, and the Internet of Things (IoT) across the industrial sector offers many potential benefits, ranging from streamlined processes that contribute to increased staff productivity to decreased plant downtime. However, a new report published by Smart Industry and sponsored by Fortinet explores the challenges these decision makers face when balancing the acceleration of their digital transformation efforts with the creation and maintenance of a strong security program. The report...

Sneaky fake Google Translate app installs crypto miner on 112,000 PCs

Crypto mining malware has been sneakily invading hundreds of thousands of computers around the world since 2019, often masquerading as legitimate programs such as Google Translate, new research has found. In an Aug. 29 report, Check Point Research (CPR), a research team for American-Israeli cybersecurity provider Check Point Software Technologies, revealed the malware has been flying under the radar for years, thanks partly to its insidious design, which delays installing the crypto mining malware for weeks after the initial software download. .@_CPResearch_ detected a #crypto miner #malware campaign, which potentially infected thousands of machines worldwide. Dubbed ‘Nitrokod,’ the attack was initially found by Check Point XDR. Get the details, here: https://t.co/MeaLP3nh97 #crypto...

Malware That Can Take Over Computers is Skyrocketing in Africa

According to data collected by Russia-based cybersecurity provider Kaspersky, the number of backdoor computer malware detections in Q2 2022 for corporate users in South Africa, Kenya and Nigeria has significantly increased compared to the previous quarter. Currently, numbers are hitting new records and posing challenges to cybersecurity professionals in enterprise and government agencies. “Backdoors enable a series of long unnoticed cyberespionage campaigns, which result in significant financial or reputational losses and may disrupt the victim organisation’s operations. Corporate systems should be constantly audited and carefully monitored for hidden threats,” comments Dr Amin Hasbini, Head of Global Research and Analysis Team (GReAT), Middle East, Türkiye and Afri...

Ransomware: The Threat that Lies in Wait

There can be no doubt that ransomware attacks are on the rise across the globe. A simple online search will reveal thousands of statistics in this regard, and South Africa is no exception. What is also clear from numerous examples of successful breaches is the potentially devastating effect of a ransomware attack, which can cripple a business and shut down essential services for extended periods, not to mention cost a fortune to recover from. They are, in fact, legitimate business disasters, and need to be considered as such when it comes to disaster recovery and business continuity planning. Under Siege: There is no shortage of high-profile examples of ransomware attacks in South Africa over the past two years, from Johannesburg City Power to the Life Healthcare hospital group, Transnet P...

How to Secure Your Remote Work Environment from Cybersecurity Threats

Cybersecurity threats are at an all-time high. With organizations increasingly employing hybrid work models, it has become more vital than ever to educate employees on the various cybersecurity risks that come with a distributed work environment. In a hybrid work environment, employees working from home pose a greater security risk compared to those working at the office. Home networks are less secure than corporate networks, unprotected by in-office firewalls and advanced fraud detection systems. In the comfort of one’s home, a small mistake by an employee could potentially risk the company’s confidential data being leaked. However, risks like data leaks and device compromise can be managed by following certain best practices. Here are some of the practice...

Understanding the Risks to Cryptocurrency Trading

Alongside self-fertilizing crops and low-carbon shipping, cryptocurrencies have made the World Economic Forum (WEF) list of top tech trends in 2022, bolstered by research by the Thomson Reuters Foundation that describes it as moving from the ‘fringes of finance to the mainstream’. Perceptions around cryptocurrencies have shifted, with several countries adopting it as legal tender, banks looking to create their own forms of digital currency, and consumers putting their savings into crypto wallets instead of traditional financial institutions. Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 Africa. Countries are either considering or are already partially using Central Bank Digital Currency (CBDC), which essentially allows for companies and individuals...

Mobile Malware Attacks Across Africa are on the Decline – Why It Isn’t a Good Thing

While analysing the threat landscape of African countries, Kaspersky experts saw a steady decline in attacks on mobile devices in the region, as cybercriminals consolidated their efforts to focus on more complicated, dangerous and profitable threats instead. These and other findings are featured in Kaspersky’s Mobile Threats in 2021 report. Overall, in 2021, South African users faced 38% fewer mobile malware attacks than in 2020, while other countries in the region have seen even more dramatic changes in their mobile threat landscape: Mozambique saw a 48% decrease, followed by Botswana (58%), Nigeria (59%), Ethiopia (69%) and Ghana (76%). The only country where the share of attacks increased was Angola, where mobile malware actually grew by 12%. “Indeed, there ...

Hodlers beware! New malware targets MetaMask and 40 other crypto wallets

Security was never the strong suit of browser-based crypto wallets used to store Bitcoin (BTC), Ether (ETH) and other cryptocurrencies. However, new malware makes the safety of online wallets even more complicated by directly targeting crypto wallets that work as browser extensions, such as MetaMask, Binance Chain Wallet or Coinbase Wallet. Named Mars Stealer by its developers, the new malware is a powerful upgrade on the information-stealing Oski trojan of 2019, according to security researcher 3xp0rt. It targets more than 40 browser-based crypto wallets, along with popular two-factor authentication (2FA) extensions, with a grabber function that steals users’ private keys. MetaMask, Nifty Wallet, Coinbase Wallet, MEW CX, Ronin Wallet, Binance Chain Wallet and TronLink are listed as some of the ...

‘Less sophisticated’ malware is stealing millions: Chainalysis

Cryptojacking accounted for 73% of the total value received by malware-related addresses between 2017 and 2021, according to a new malware report from blockchain analysis firm Chainalysis. Malware is used to conduct nefarious activity on a victim’s device, such as a smartphone or PC, after being downloaded without the victim’s knowledge. Malware-powered crime can be anything from information-stealing to distributed denial-of-service (DDoS) attacks or ad fraud on a grand scale. The report excluded ransomware, which involves an initial use of hacks and malware to leverage ransom payments from victims in order to halt the attacks. Chainalysis stated: “While most tend to focus on high-profile ransomware attacks against big corporations and government agencies, cybercriminals are using less sophisticated typ...
