- Source Code of Another Banking Malware Leaked
Newly discovered banking Trojan is leaked online, it is designed to steal money from bank accounts of Android devices’ owners by gaining administrator privileges on their smartphones. Dubbed BankBot, the Trojan has the ability to get administrator privileges on infected devices. Once it gets full privileges, the malware Trojan removes the app’s icon from the phone’s home screen in order to trick victims into believing it was removed. BankBot has the ability to perform a broad range of tasks, including send and intercept SMS messages, make calls, track devices, steal contacts, show phishing dialogs, and steal sensitive information, like banking and credit card details.
Cyber Security Tips: Never open attachments from unknown or suspicious sources. Never click on links in SMS or MMS sent to your mobile phone even if it looks legit, go directly to the website of origin and verify any possible updates.
- Over 199,500 Websites still Vulnerable to Heartbleed OpenSSL Bug
OpenSSL Heartbleed was one of the biggest flaws in the Internet’s history that affected the core security of as many as two-thirds of the world’s servers i.e. half a million servers at the time of its discovery in April 2014. However, the critical bug still affects more than 199,500 systems even after 2 years and 9 months have already passed, according to a new report published today on Shodan. Heartbleed (CVE-2014-0160) is a serious bug in the OpenSSL’s implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server’s memory, potentially revealing users data that the server isn’t intended to reveal.
Cyber Security Tips: Update your software to the latest versions of OpenSSL.
- BBC, NYT Twitter accounts hacked
Twitter accounts of BBC and NYT were hacked and posted fake news about Trump and Putin. A tweet posted on New York Times read “BREAKING: leaked statement from Vladimir Putin says: Russia will attack the United States with Missiles.” Same day BBC’s Northampton Twitter account posted a tweet that read “Breaking News: President Trump is injured in the arm by gunfire #Inauguration.” OurMine admitted to having hacked the Twitter account of NYT but claimed that the group only co-operated the hack while another hacker posted the post about Putin. Previously, whenever OurMine hacked an account, they immediately took responsibility, but this time there are hints of the possible involvement of a third party.
Cyber Security Tips: Always keep your passwords strong which should include numbers, alphabets and special characters. Keep changing your passwords time to time.
- Western Union Agrees Facilitating Wire Fraud and Pays $586 Million
The Western Union, A global financial services company has admitted to facilitating a wire fraud and it has agreed to pay $586 million as part of a settlement with U.S. Federal Trade Commission (FTC) and Department of Justice. According to the authorities, Western Union has violated many laws; those include the Bank Secrecy Act (BSA) and the FTC Act. The FTC said that more than 550,000 complaints are received by the Western Union in between January 2004 and August 2015, regarding these fraudulent transfers involving online dating, lottery, advance-fee, and family emergency scams. All these transfers sums-up to more than $632 million. As a part of its settlement with FTC and the Justice Department, Western Union agreed to pay $586 million, a sum that will be used to compensate the innocent fraud victims