- New Trojan Turns Thousands Of Linux Devices Into Proxy Servers
A new Trojan has been discovered in the wild that turns Linux-based devices into proxy servers, which attackers use to protect their identity while launching cyber attacks from the hijacked systems. Dubbed Linux.Proxy.10, the Trojan was first spotted at the end of last year. According to researchers, the malware itself doesn’t include any exploitation module to hack into Linux machines; instead, the attackers are using other Trojans and techniques to compromise devices at the first place and then create a new backdoor login account using the username as “mother” and password as “fucker.” Once backdoored and the attacker gets the list of all successfully compromised Linux machines, and then logs into them via SSH protocol and installs the SOCKS5 proxy server using Linux.Proxy.10 malware on it.
Cyber Security Tips: Linux users and administrators are recommended to tighten SSH security by limiting or disabling remote root access via SSH. Keep a regular watch on newly generated login users.
- Hacker Selling 1 Billion user accounts stolen from Chinese Internet Giants
In a recent listing, a well known dark web vendor going by the handle “DoubleFlag” is selling data stolen from several Chinese Internet giants.According to the listing, the data belongs to companies such as NetEase Inc and its subsidiaries 126.com, 163.com and Yeah.net. Tencent Holdings Limited owned QQ.com etc. In the last couple of months, the databases uploaded by DoubleFlag for sale included Brazzers, Epic Games, ClixSense, uTorrent Forum, Mail.ru, Yandex.ru, BitcoinTalk.org, Dropbox and even 203,419,083 accounts from Experian plc, a major credit reference agency with operations in 40 countries.
- Shamoon malware revisiting Saudi Arabia; cyberinfrastructure on high alert
The dreaded Shamoon malware is back to haunt Saudi Arabia; This time Shamoon’s new variant Shamoon 2 has been identified to be circulating and affecting Saudi organizations, according to CrowdStrike, an American cybersecurity technology company. It is worth noting that Shamoon is a malware that wipes data from disks quite efficiently and gains total control of the computer’s boot record due to which the PC cannot be switched on.Currently, it would be too early to pinpoint possible perpetrators of the attack, but the possibility cannot be ruled out that nation-state attackers are involved.
Cyber Security Tips: Get the latest software updates. Enable firewall and use strong passwords.
- Hacker Selling 126 Million Cell Phone Details of S. Cellular Customers
A few hours ago it was reported that Dark Web vendor DoubleFlag was selling more than 1 Billion accounts stolen from Chinese Internet giants. Now, the same vendor is selling something that is not just unique but also highly sensitive and something the Intelligence agencies around the world would consider an excellent opportunity to get their hands on. The vendor is selling a database containing personal and cell phone number details of 126,761,168 citizens of the United States taken from United States Cellular Corporation (U.S. Cellular), a regional carrier which owns and operates the fifth-largest wireless telecommunications network in the United States, serving 4.9 million customers in 426 markets in 23 U.S. states. The database according to him contains details such as first name, last name, address, city, and state and phone numbers of 126,761,168 Americans. The price set for this database is 0.5497 Bitcoin (USD 500). This means anyone with access to this database can scan and check cell phone number details of millions of American citizens.