Data Security News Headlines 19th August 2017

  1. Android Trojan Now Targets Non-Banking Apps that Require Card Payments

Previously some android Trojan targeted android banking application to steal data. But according to the latest report now, hackers are targeting non-banking application which required card payment such as Uber and other booking apps to steal user data. Security researchers at Kaspersky Lab have discovered a new variant of the Android banking Trojan called Faketoken that now has capabilities to detect and record an infected device’s calls and display overlays on top of taxi booking apps to steal banking information. The researcher said that, Dubbed Faketoken.q, the new variant of mobile banking Trojan is being distributed using bulk SMS messages as their attack vector, prompting users to download an image file that actually downloads the malware. Once downloaded, the malware installs the necessary modules and the main payload, which hides its shortcut icon and begins monitoring everything—from every calls to launched apps—that happens on the infected Android device.  When calls are made to or received from certain phone numbers on the victim’s device, the malware begins to record those conversations and sends the recordings to the attacker’s server. fraudsters require an SMS code sent by the bank to authorise a transaction, the malware steals incoming SMS message codes and forward them to the attackers command-and-control (C&C) server for a successful attack.

Cyber Security Tips: You are strongly recommended that avoid downloading apps from links, avoid clicking on spam links, avoid installing an application from third parties, make sure “Unknown sources” option is turned off and check app permission while installing.

  1. LG hit with WannaCry after failing to apply security patches

HARDWARE FIRM LG has been hit by yesterday’s bad news, the all destroying WannaCry malware that knocked the NHS with one punch and went on a worldwide tour of mayhem. According to the report published by the inquirer.ne, it happens because the company does not applied the patches released by Microsoft. LG has not officially confirmed that it’s been struck by ‘WannaCry’ yet, and we have made efforts to contact it. According to reports, the company has had to close down some of its facilities in South Korea as it handles the infection. “The problem was found to be caused by ransomware,” said a spokesperson. “There was no damage such as data encryption or asking for money, as we immediately shut down the service centre network.”

Cyber Security Tips: To prevent yourself from WanaCry ransomware users are strongly recommended to install patch release by Microsoft, keep yourself up-to-date, if you are using unsupported windows system apply the emergency patch released by Microsoft, modify your firewall configurations to block access to SMB ports over the network or the Internet, Disable SMB, Keep your Antivirus software up-to-date, Backup Regularly and be aware of phishing.

  1. WannaCry attacks publishing firm in Delhi

WannaCry ransomware that crippled 48,000 computer systems in India and hundreds of thousands of computers across 150 countries back in May. The company publishes books for students of CBSE and ICSE boards, registered a complaint at Daryaganj police station on August 9 after it found that the employees are unable to log in to their accounts in any of the 200 computers in the office, and are only able to use the “demo” account. The incident come into picture when IT staff at the firm tried to diagnose the problem, they found that they had been at the receiving end of a ransomware attack. According to a report in The Indian Express, the hackers had posted a message demanding a ransom between USD 800 to USD 1,000 in bitcoins. The cyber cell is investigating the issue said by the spokesperson.

Cyber Security Tips: To prevent yourself from WanaCry ransomware users are strongly recommended to install patch release by Microsoft, keep yourself up-to-date, if you are using unsupported windows system apply the emergency patch released by Microsoft, modify your firewall configurations to block access to SMB ports over the network or the Internet, Disable SMB, Keep your Antivirus software up-to-date, Backup Regularly and be aware of phishing.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: