Traditional e-mail-based scams are also in the mix this year, one in particular that uses the legitimate app TeamViewer to take over victims’ systems. The attacks are emerging alongside the traditional e-mail-based attacks that try to trick users into installing malware that can steal credentials or take control of systems. One of the new targeted tax scams leverages the legitimate TeamViewer remote-control app to do its dirty work.
Google has removed nearly 600 Android apps from the Play Store for serving up obnoxious, invasive ads that aren’t easily “x’d” out of. The internet giant said the enforcement action was a strike against mobile ad fraud. Google said Thursday that the apps violated its disruptive ads policy – and are therefore also banned from Google’s ad monetization platforms, Google AdMob and Google Ad Manager.
Researchers have identified eight malicious Android apps in the official Google Play marketplace distributing a new malware family. The “Haken” malware exfiltrates sensitive data from victims and covertly signs them up for expensive premium subscription services. The eight apps in question, which have since been removed, had collectively been downloaded 50,000 times. The apps were mostly camera utilities and children’s games, including “Kids Coloring,” “Compass,” “qrcode,” “Fruits coloring book,” “soccer coloring book,” “fruit jump tower,” “ball number shooter” and “Inongdan.” The apps legitimately function as advertised, but in the background covertly perform an array of malicious functions.
A Denmark-based global facility-management company was hit with a major cyber attack this week that shut down its worldwide computer systems for a few days and disrupted operations across its global network of employees. ISS World cut off access to shared IT services across its customer sites and offices worldwide after it was the target of a malware attack on Monday, Feb. 17, the company said in a press statement.
Active exploits are targeting a recently patched flaw in the popular WordPress plugin Duplicator, which has more than 1 million active installations. So far, researchers have seen 60,000 attempts to harvest sensitive information from victims. Researchers at Wordfence who discovered the in-the-wild attacks said in a post Thursday that 50,000 of those attacks occurred before Duplicator creator Snap Creek released a fix for the bug last week on Feb. 12 – so it was also exploited in the wild as a zero-day.