Coinhive has been hacked by cybercriminals who have obfuscated Coinhive’s shortlinks to perform in-browser mining according to researchers at Malwarebytes. Chris Olson, CEO at The Media Trust: “Cryptomining malware has unseated ransomware as malware perpetrators’ top weapon of choice, mainly because it is lucrative and hard to detect. The sizable cryptomining malware “ring” recently uncovered shows the growing sophistication and scale of cryptojacking campaigns. To prevent their websites from being commandeered for drive-by mining, website operators need to do three things: (1) flag known malicious domains and Coin-hive related source code and shut them down once detected; (2) continuously scan…
ISBuzz Team
The famous Hide ‘N Seek botnet, first discovered in January this year, has expanded from infecting Internet of Things (IoT) devices and is now also targeting cross-platform database solutions. Sean Newman, Director at Corero Network Security, commented below. Sean Newman, Director at Corero Network Security: “As the HNS botnet appears to be versatile in its objectives, defences will vary. If the owner of the compromised device is the target, then attacks resulting in data exfiltration are a likely outcome, which will require tools designed to prevent advanced targeted attacks, such as those equipped with network and device behavioural detection…
Cybersecurity researchers from Imperva and Comparitech today reacted to news that Twitter has suspended more than 70 million accounts in May and June, and the pace has continued in July. Avishay Zawoznik, Security Research Team Leader at Imperva: “When such news emerges, the first question that comes to mind is “how haven’t they done it before?” The answer is simple – it’s always a balance between costs and risk management. The ever-growing sophistication of malicious actors makes bot detection and blocking harder with time. Such protection requires a high-maintenance, comprehensive approach. It seems that Twitter have finally found the fight against…
Orme highlights that payment card fraud has been a huge problem for a sustained period of time and that the steps currently being taken to stop it are not effective enough. With PSD2 requiring everyday transactions, including contactless payments, to become subject to two-factor authentication in an attempt to combat fraud, biometric authentication has a key role to play. As part of our security experts comments series, David Orme commented below on the role of biometrics to support PSD2 and combat fraud. David Orme, SVP at IDEX Biometrics: “Card fraud is a serious and increasingly urgent problem. Financial Fraud Action UK (FFA UK)…
Stolen code signing certificates have been discovered in use in a new malware campaign in Taiwan. Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi, commented below. Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi: “These attacks are not new. As ESET points out, the attacker learned from the model established by Stuxnet: if you steal trusted machine identities from global technology companies, you can execute highly effective attacks that don’t raise any alarms. This is just one more demonstration of how machine identities, in this case code signing certificates, are being abused by malicious actors. There’s no…
The popular mobile app Timehop, which surfaces users’ social media posts from the same date in previous years, has been breached, exposing the credentials, phone numbers and personal SoMe histories of 21 million users. IT security experts commented below. Jeannie Warner, Security Manager at WhiteHat Security: “Believe it or not, I love social media! However, as a security expert, I must recommend that you carefully consider which applications you grant permission to access your Facebook, Instagram, Twitter, etc. There is always a danger when you read “Do you want to log on with Facebook?” These apps, which use your social media account login information, don’t have the ability to…
Kaspersky Lab experts have exposed a relatively new fraudulent trend: the development of cryptocurrency is not only attracting investors, but also cyber-criminals seeking to boost their profits. During the first half of 2018, Kaspersky Lab products blocked more than a hundred thousand triggers related to cryptocurrencies on fake exchanges and other sources. With each attempt, criminals have been trying to involve more and more unsuspecting users in fraudulent schemes. The cryptocurrency phenomenon and the growth of a keen audience of cryptocurrency owners was never going to go unnoticed by cyber-criminals. To achieve their nefarious goals they typically use classical phishing…
Timehop, a mobile app that surfaces old social media posts from the same day but from previous years, has announced a security breach affecting its entire userbase of over 21 million users. Not all users were affected to the same extent. The company said a hacker gained access to its infrastructure and stole details on its users that included usernames, emails, telephone numbers, and access keys. IT security experts commented below. Ben Herzberg, Director of Threat Research at Imperva: “It’s ironic that a service which brings back memories from the past was also breached by an attack vector which is one…
It has been reported that a powerful form of malware which can be used to distribute threats including Trojans, ransomware and malicious cryptocurrency mining software has been updated with a new technique which has rarely been seen in the wild. Distributed in spam email phishing campaigns, Smoke Loader has been sporadically active since 2011 but has continually evolved. The malware has been particularly busy throughout 2018, with campaigns including the distribution of Smoke Loader via fake patches for the Meltdown and Spectre vulnerabilities which emerged earlier this year. Ross Rustici, Senior Director of Intelligence Services at Cybereason: “This is the case of an old dog learning new tricks. Malware…
Google and Firefox have pulled the Stylish App from their add-on stores after reports that the app was recording consumers’ browser histories and then sending that info to remote servers. Chris Olson, CEO at The Media Trust: “Google and Mozilla’s decision to remove the Stylish browser extension from their respective add-on stores will no doubt have far-reaching impact. It sends out a clear message that they want to be good digital citizens and to set better standards for how companies deal with consumers’ personal data. Companies should take heed of growing consumer wariness with breaches and data leakage and…
