- ISPs May Be Helping Hackers to infect you with FinFisher Spyware
Today using an application in mobile phones is emerging, but there is question are you sure the version of WhatsApp, or Skype, or VLC Player installed on your device is legitimate? According to the latest report, security researchers have discovered that legitimate downloads of several popular applications including WhatsApp, Skype, VLC Player and WinRAR have reportedly been compromised at the ISP level to distribute the infamous FinFisher spyware also known as FinSpy. FinFisher, also known as FinSpy, is surveillance software marketed by Lench IT Solutions plc, which markets the spyware through law enforcement channels. When the target users search for applications on legitimate websites and click on its download link, their browser is served a modified URL, which redirects victims to a trojanized installation package hosted on the attacker’s server. Once your device is infected with this spyware it starts working, it is able to secretly conducting live surveillance by turning ON its webcams and microphones, recording everything the victim types with a keylogger, intercepting Skype calls, and exfiltration of files. FinFisher usually uses various attack vectors, including spear phishing, manual installation with physical access to the device, zero-day exploits, and watering hole attacks.
Cyber Security Tips: You are strongly recommended that always use reputed and updated antivirus, never click on any ads, avoid downloading software’s from untrusted zones, keep your smartphones as well as computers up-to-date and beware of phishing attacks.
- CCleaner Malware Infects Big Tech Companies With Second Backdoor
CCleaner is a popular application with over 2 billion downloads, created by Piriform and recently acquired by Avast that allows users to clean up their system to optimize and enhance performance. Recently it has been compromised by hackers to spread malware. Millions of users are on rink said, researcher. But according to the latest report due to this malware not only users were compromised but also reputed companies. The group of unknown hackers who hijacked CCleaner’s download server to distribute a malicious version of the popular system optimization software targeted at least 20 major international technology companies with a second-stage payload. According to a predefined list mentioned in the configuration of the C2 server, the attack was designed to find computers inside the networks of the major technology firms and deliver the secondary payload. In the database, researchers found a list of nearly 700,000 backdoored machines infected with the malicious version of CCleaner, i.e. the first-stage payload, and a list of at least 20 machines that were infected with the secondary payload to get a deeper foothold on those systems.
Cyber Security Tips: Users are strongly recommended to update their CCleaner software to version 5.34 or higher and affected users are strongly recommended that to fully restore their systems from backup versions before the installation of the tainted security program.