Hackers have updated the AnarchyGrabber trojan to a new version which is capable of stealing passwords and user tokens, disabling 2FA and spreading malware to a victim’s friends as well. AnarchyGrabber is distributed for free on hacking forums and in YouTube videos, and the trojan is used by cybercriminals on Discord who claim it is a game cheat, hacking tool or copyrighted software. Instead, it modifies the Discord client’s JavaScript files to turn it into malware that can steal a victim’s Discord user token, which is then used by an attacker to log into the popular chat service as the victim.
ISBuzz Team
While much of the world is staying at home in an attempt to slow the spread of COVID-19, cybercriminals are out in full force and trying to use the chaos around the pandemic to their advantage. Many companies are adjusting to having an entirely remote workforce for the first time, and while there are immediate security concerns to worry about – thanks to an uptick in traditional attacks like phishing schemes and ransomware – there are also pervasive and long-term threats that security teams must monitor for as well. Not all cybercriminals want to attack as soon as they gain access to a network. In many cases, cybercriminals will exploit workers to gain access…
The Red Cross has published a letter urging governments to take more decisive action against cyber attacks on healthcare infrastructure during Covid-19.
It has been reported that security researchers have found a major vulnerability in almost every version of Android, which lets malware imitate legitimate apps to steal app passwords and other sensitive data. The vulnerability, dubbed Strandhogg 2.0 (named after the Norse term for a hostile takeover), affects all devices running Android 9.0 and earlier. It’s the “evil twin” to an earlier bug of the same name, according to Norwegian security firm Promon, which discovered both vulnerabilities six months apart. Strandhogg 2.0 works by tricking a victim into thinking they’re entering their passwords on a legitimate app while instead interacting with a malicious overlay. Strandhogg…
As reported by ITPro, EasyJet is facing an £18 billion class-action lawsuit over the recent large-scale data breach that exposed the personal details of nine million of its customers. Law firm PGMBM said it has issued a class-action claim in the High Court of London with a potential liability of £18 billion. If successful, each customer impacted by the breach could receive a payout of £2,000. This move follows the airline’s recent announcement that it had been the subject of a “highly sophisticated cyber-attack” in which the email addresses and travel details of around nine million customers were accessed, as well as the credit card details of 2,208 customers.
Hackers have updated the AnarchyGrabber trojan to a new version which is capable of stealing passwords and user tokens, disabling 2FA and spreading malware to a victim’s friends as well. This is the second update the trojan has received this year, as it was also updated back in April to modify Discord client files in order to evade detection by antivirus software and steal user accounts every time someone logs into the popular chat service.
Following reports from Bleeping Computer, “On April 11, 2020, Magellan discovered it was targeted by a ransomware attack. The unauthorised actor gained access to Magellan’s systems after sending a phishing email on April 6 that impersonated a Magellan client,” Magellan SVP & Chief Compliance Officer John J. DiBernardi Jr says in a breach notification notice filed with the office of the Attorney General of California. As the investigation unveiled, the threat actors behind the ransomware attack were able to steal and exfiltrate “a subset of data from a single Magellan corporate server,” including sensitive personal information. “In limited instances, and only with respect to certain current employees, the unauthorized actor…
As reported by BBC News, Twitter has told staff that they can work from home “forever” if they wish as the company looks towards the future after the coronavirus pandemic. The decision came as the social media giant said its work-from-home measures during the lockdown had been a success. But it also said it would allow workers to return to the office if they choose when it reopens.
As reported by Bleeping Computer, in just a few weeks, the security researcher Max Kersten collected over 1,000 domains with payment card skimmers. This exposes the reality that Magecart is still a prevalent threat that targets unprotected webshops. A decade ago, Magecart was first discovered by cybersecurity company RiskIQ. But in the past two years, the attacks have drastically increased, hitting large companies like British Airways, Ticketmaster, OXO and Newegg. That is why automated systems assigned to this threat have discovered hundreds of thousands of websites with malicious JavaScript on their checkout pages, made to rob shoppers of their card data.
