Home ยป Kaspersky
Tag:

Kaspersky

Technology

Kaspersky Uncovers Fraud Scheme Exploiting Fake Digital Marriage Invitation Letters

by Chief editor of world-today-news.com
written by Chief editor of world-today-news.com

beware of Fake Wedding Invitations: Tria Stealer Malwareโข Targets Android Users in Malaysiaโ€Œ adn Brunei

In a chilling new cybercrime campaign, Android users in Malaysia and Brunei are being targeted by a โฃelegant malware operation disguisedโ€ as โคweddingโข invitations.Dubbed Tria Stealer, this malicious softwareโ€Œ is distributed through fake wedding invitation letters, luring victimsโฃ into downloading a perilous APK โคfile. The โขcampaign, detected by Kasperskyโ€™sโ€‹ Global Research and Analysis Team โฃ(GReAT), has already raised alarmsโ€‹ forโ€ its ability to hijack personal data, including SMS messages, call logs, and even WhatsApp and Telegram accounts.

How the Scam โ€ŒWorks

The Tria Stealer campaign relies heavily on social engineeringโ€ tactics.โ€Œ Victims receive messages โ€Œvia Telegram or โฃ WhatsApp, often from someone they โ€know,โฃ inviting โคthem to a wedding. Theโค message includesโฃ a link to download an APK file to view theโค invitation card.Once installed, โคthe malware requests extensive โคpermissions, such as access to SMS messages, โขnetwork activities, and โ€‹device logs.

โ€œOur โ€‹investigation shows that this thief is likely to โ€Œbe operated โขby โ€Œthe perpetrators of Indonesian languageโฃ threats,because weโ€ found โ€Œartifacts written in โขIndonesian,namely some unique series embedded inโ€ malwareโข and theโฃ pattern of naming the โคTelegram botsโฃ used โ€Œby attackers,โ€ said Fareed Radzi,a security researcher at Kaspersky GReAT.

The malware mimics a legitimate settings app, complete with a โฃ gearโฃ icon, toโข deceiveโ€‹ users into thinking itโ€™s โ€Œharmless. Once granted access, โคit canโ€‹ monitor and steal sensitive โ€‹data, including one-time passwords (OTPs) used for online banking and โ€‹other services.

Theโค Devastating Impact

Theโ€ consequences of falling victim to Tria Stealer are severe. Attackers can hijack WhatsApp and Telegram accounts โฃto sendโค fraudulent messages to contacts,โค often requesting money. Additionally, the malware can intercept SMS messages, giving cybercriminals access to โขOTPs and other โขcritical information. โ€

โ€œThis stealer malware can cause serious financial losses and privacy violations,and it is very important for individual andโค corporateโ€ users to always be vigilant and avoid following the requests they receive โ€‹online,even though the request comes from someone they know,โ€โฃ radzi warned.

Who Isโข at Risk?

The campaign primarily targets Android usersโ€Œ in Malaysia and Brunei,thoughโข itsโ€ reach could expand. The malware is distributed through personal and groupโ€Œ chats on โค Telegram โ€Œand WhatsApp, making it especially insidious โ€as it โฃleverages trusted communication channels.

Howโค to Protect Yourself

To avoid falling victim โขto โ€ Triaโ€ Stealer, users are advised to:

  • Avoid downloadingโ€ APK files โขfrom untrusted sources.
  • Be cautious of unexpected โ€Œmessages, even from known contacts.
  • Regularly update their โ€Œdevices and security software.
  • Review app permissions carefully โคbefore grantingโค access.

Key โคDetails โ€‹at a Glance

| Aspect โ€Œ โ€Œ โข โข โ€Œ | Details โ€ โค โ€ โ€‹ |
|————————–|—————————————————————————–|
| Malware Name โ€‹ | Tria Stealer โ€ โข โฃ โขโข โค โค โ€โ€ โฃ โ€ โค โข โ€Œ โ€Œ โค โ€Œ โค โ€ |
| Distribution Method | Fake wedding โ€‹invitations via telegram and โคWhatsApp โ€Œ โค โ€‹ โค โข |
| Targeted Regions โ€ โฃ| Malaysia, Brunei โฃ โ€‹ โ€Œ โข โ€Œ โค โ€ โ€‹ |
| Primary Risks โฃ | SMS interception, accountโข hijacking, financial fraud โฃ โ€‹ โฃ โ€‹ โข |
| Prevention Tips | Avoid untrusted โ€APKs, update devices, โ€review app permissions โ€‹ โ€Œ โข โ€Œโข |

Stay Vigilant

Theโ€‹ Tria Stealer campaign is a stark reminderโ€Œ of the evolving tactics used โขby cybercriminals. By staying informed and cautious, users can protect โ€‹themselves from falling prey to such schemes. Always verify theโ€Œ authenticity of messages and downloads,โ€‹ andโ€‹ remember: if something seemsโค too goodโ€”or too urgentโ€”to be true, it probably is.

For more โขinsights into cybersecurity threats, visit Kasperskyโ€™s analysis of theโ€ Tria Stealer campaign.

0 comments
0 FacebookTwitterPinterestEmail
New macOS Malware Targets Crypto Asset Wallets, Posing Threat to Users’ Digital Currency Security
Technology

New macOS Malware Targets Crypto Asset Wallets, Posing Threat to Users’ Digital Currency Security

by Chief editor of world-today-news.com
written by Chief editor of world-today-news.com

Wednesday, January 24 2024 – 23:04 WIB

Jakarta โ€“ Kaspersky researchers have discovered an unconventional type of macOS malware. This previously unknown suite of malicious software, distributed covertly via pirated apps, targets macOS users’ crypto assets, which are stored in digital wallets.

Unlike the proxy trojans previously discovered by Kaspersky, this new threat focuses on compromising the trojan.

New macOS Backdoor Targets Crypto Asset Wallets

This crypto Trojan is unique in two ways: first, it uses DNS records to deliver its malicious Python scripts. Second, he not only stole the crypto wallet but also replaced the wallet app with an infected version of it.

This makes it possible to steal secret phrases used in accessing crypto assets stored in wallets.

The malware targets macOS version 13.6 and later, indicating a focus on users of newer operating systems, both on Intel and Apple Silicon devices.

Picture disk the compromised ones contained the โ€œactivatorsโ€ and the sought-after applications. The activator, which at first glance appears harmless, activates the compromised application after entering the user’s password.

The attacker uses a pre-compromised version of the application, manipulating the executable file so that it does not work until the user runs the activator. This tactic ensures users activate compromised apps unknowingly.

After the patching process, the malware executes its main payload by obtaining the DNS TXT record for the malicious domain and decrypting the Python script of the domain. The script runs endlessly trying to download the next stage of the infection chain which is also a Python script.

The purpose of the next payload is to execute arbitrary commands received from the server. Although no orders were received during the investigation and backdoor updated regularly, it is evident that the malware campaign is still in development.

New macOS Backdoor Targets Crypto Asset Wallets

The code indicates that the command is most likely a coded Python script.

Apart from the mentioned functions, the script contains two important features involving the apple-analyzer domain[.]com.

These two functions aim to check the existence of a crypto asset wallet application and replace it with a version downloaded from the specified domain. This tactic appears to target Bitcoin and Exodus wallets, turning these applications into malicious entities.

2024-01-24 16:04:02
#Pirates #Target #Crypto #Asset #Wallets

0 comments
0 FacebookTwitterPinterestEmail
Rising Threat: Kaspersky Reports a Surge in Malware Attacks on SMBs in 2023
Technology

Rising Threat: Kaspersky Reports a Surge in Malware Attacks on SMBs in 2023

by Chief editor of world-today-news.com
written by Chief editor of world-today-news.com

The troublesome malware isn’t slowing down!! Kaspersky reveals that in the first half of 2023, it ‘blocked 2,375 malware’ or unwanted software items targeting small and medium-sized businesses or SMBs, 257.68% higher than the same period last year. โ€œSmishingโ€ (smishing) Smartphone hacker!!

Kaspersky Announcement of statistical reportThreat Latest SMB data for Thailand January – June 2023 A new report shows that in the first half of 2023, 251 SMB employees experienced malware or unwanted software masquerading as an application. business platform There were 270 unique files spread this way. And the total number of detected files is 2,375 files.

โ€œMalwareโ€ is a general word that means โ€œMalicious softwareโ€ It was designed by cybercriminals and used bycyber criminalsprofessionals to harm the user’s equipment or network. CoverageCyber โ€‹โ€‹threatsA variety

Destructive malware

such as Trojanandvirus ransomwareWell, it is.MalwareIn one form, malware attacks harm small businesses. This is because malware can destroy devices that require expensive repairs or replacements. Malware also allows attackers to access and steal data. This puts both customers and employees at risk.

Malware attacks on SMB businesses increase

Compared to the same period last year, Thailand’s 2023 numbers have increased significantly. In the same period of 2022, Kaspersky found only 68 SMB employees affected by malware and found 81 malicious files.

The total number of detections in the first half of 2023 was 257.68% higher than the first half of 2022, when Casper recorded only 664 files.

According to this report, Unique Users represents the number of SMB employees using Kaspersky products at the time of the attack. Unique hits (Unique hits) shows the number of hits.cyber criminalsAttempting to attack users Unique Files are unique malware detected and blocked by Kaspersky.

The statistics used in this report were collected from January โ€“ June 2023 by Kaspersky Security Network (KSN), a system for processing information related to cyber threats shared voluntarily and anonymously by users.

Related content

To assess the threat landscape for SMBs, Kaspersky experts have compiled a list of the most popular software products used by customers who own small or medium-sized businesses around the world: MS Office, MS Teams, Skype and other software used by SMBs. Kaspersky then runs these software names against Kaspersky Security Network (KSN) to see if malware and unwanted software are distributed under these rogue applications. How much is this?

According to the Office of Small and Medium Enterprises Promotion (OSMEP), Thailand, there are 3.178 million small and medium-sized businesses or SMBs, accounting for 99.57% of the total number of enterprises in the country. There are more than 12.6 million people employed, accounting for 71.86% of total employment. There is no doubt that SMBs are the economic backbone of a country.

SMBs are a target for cybercriminals.

Mr. Xiang Thiang Yow, General Manager, Southeast Asia, Kaspersky said: โ€œThe perception among many is that large organizations are more attractive to cybercriminals. But in reality Cybercriminals can target anyone.

Especially those with little cyber protection, SMBs often have limited resources and may not have the same level of sophisticated security measures in place. This makes these businesses easy targets for cybercriminals.โ€

Cybercriminals attempt to deliver malware and unwanted software to employees’ devices using a variety of methods, including exploits, phishing emails, and fake messages. Even things that aren’t business-related, like YouTube links, can be used to target SMBs because employees often use the same devices for work and personal use.

Get to know “smishing” (smishing) hacking smartphones

โ€œSmishingโ€ is one of the most common methods used to hack into employees’ smartphones. It’s a combination of SMS and phishing. The victim receives a link via SMS, WhatsApp, Facebook Messenger, WeChat, or another messaging app if the user clicks on the link. Malicious code is uploaded to the system.

Scammers often reach employees via email. It uses social engineering techniques to try and trick employees into following phishing links. Revealing confidential company information or transferring money

โ€œThe impact of cyberattacks on SMBs can be damaging. Resulting in financial loss. reputational damage And in some cases, it may even mean closing the business. Therefore, it is important to prioritize cybersecurity for SMBs to protect their digital assets. Maintain customer trust It guarantees the continuous development and success of businesses that create high growth for the country,โ€ Mr. Yow added.

0 comments
0 FacebookTwitterPinterestEmail
Protecting Your Smartphone from Serious Security Threats: Why Comprehensive Security Protection is Vital
Technology

Protecting Your Smartphone from Serious Security Threats: Why Comprehensive Security Protection is Vital

by Chief editor of world-today-news.com
written by Chief editor of world-today-news.com

TANTRUM – Behind the comfort and convenience offered by smartphonehidden serious threats that can threaten a user’s personal, financial and business data.

Cyber โ€‹โ€‹security company Kasperskyreveals three important reasons why smartphones need serious security protection.

First, smartphones are no longer just storing contact numbers and text messages, but have turned into digital wallets that store today’s money.

Southeast Asia has been the stage for an explosion in mobile wallet adoption following the pandemic, with more than 86 direct mobile money services emerging in the region last year. The use of e-wallets is also growing rapidly.

Also Read: Antam’s Gold Price Has Dropped Again to IDR 2,000

However, with this growth comes serious security risks. Kaspersky noted that 1,083 mobile banking Trojans were blocked in the Southeast Asia region in 2022, while 207,506 mobile malware incidents occurred.

Second, mobile devices have also become a potential threat to the business environment. Beyond their function as a communication tool, smartphones are often used to access email and company assets.

The phenomenon of BYOD (Bring Your Own Device) which allows the use of personal devices in a work environment, although it provides flexibility, also carries potential security risks.

Kaspersky has documented serious cases, including Advanced Persistent Threats (APTs), that entered corporate systems via infected mobile devices.

Third, the user’s digital identity is increasingly threatened in the social media era. Many users are not aware of the dangers of theft and identity fraud that may occur through the platform.

Also Read: PT Semen Indonesia Tbk Presents SobatBangun Interior Services

Fraud is common on social media, which is more accessible via mobile devices. Kaspersky points out that one in four internet users in Asia Pacific has been a victim of identity fraud.

Another study also revealed that around 38 percent of social media users claimed to know someone who had been the victim of a data breach while using social media.

This threat has become even more apparent with phishing reports reaching more than 360,000 blocked attempts in 2022, most of them coming from popular platforms such as WhatsApp, Telegram and Viber.

In the face of the complexity and development of cyberthreats, Kaspersky emphasizes the need for comprehensive security protection for mobile devices.

2023-08-14 02:06:00
#Reasons #Smartphones #Security #Protection

0 comments
0 FacebookTwitterPinterestEmail
Business

LockBit Ransomware Group Attacks PT Bank Syariah Indonesia (Persero) Tbk: Latest Business News in Jakarta

by Chief editor of world-today-news.com
written by Chief editor of world-today-news.com

TEMPO.CO, Jakarta – The latest economic and business news until Tuesday afternoon, May 16 2023, is still dominated by information about cyber attacks on PT Bank Syariah Indonesia (Persero) Tbk. or BSI.

Starting from BSI who became a victim of a ransomware attack by a group of cybercriminals (hackers or hackers) called LockBit. What is the group profile of the LockBit ransomware? Quoted from the official website of cyber security company Kaspersky, it is stated that LockBit ransomware is malicious software designed to block user access to computer systems in exchange for ransom payments.

Followed by hacker groups (hacker), LockBit, which admits to attacking the IT system of PT Bank Syariah Indonesia (Persero) Tbk or BSI, is now spreading encrypted customer data on dark web. LockBit admitted to having stolen 15 million customer data, employee information, and around 1.5 terabytes of internal data from the bank.

Next, BSI ensures that customer data and funds are in a safe condition, so that customers can transact normally. This was conveyed by Corporate Secretary BSI Gunawan A. Hartoyo responded to the growing issue regarding data leaks caused by cyber attacks from irresponsible parties.

Furthermore, the hacker group (hacker), LockBit, who claimed to have attacked BSI’s Information Technology or IT systems, allegedly provided a number of recommendations to all BSI customers.

Finally, the latest mode of fraud via WhatsApp is now targeting online sellers selling on e-commerce. Fraudsters force asking for the WhatsApp number of the seller on the pretext that they want to buy a lot and send list order form file PDF.

Those five stories are the most accessed by readers of the Tempo.co Economy and Business channel. The following is a summary of the five trending news:

Next: 1. Get to know LockBit, the Ransomware Group that….

2023-05-16 11:00:00
#Latest #LockBit #Attacking #BSI #Fraud #Mode #Targeting #Online #Sellers

0 comments
0 FacebookTwitterPinterestEmail
Business

The rise in digital security incidents against government agencies in the world..and these are the challenges

by Chief editor of world-today-news.com
written by Chief editor of world-today-news.com

Kaspersky experts presented their predictions about the challenges ahead Security operations centersExperts pointed to an increase in the number of digital security incidents that targeted the government and media sectors in the world in 2022, noting that this trend will continue in the current year.

Experts suggested that security operations centers in these and other sectors are facing more Repeated targeted attackssupply chain attacks via telecom service providers.

Another threat awaiting security operations centers is more public application hacking incidents.

Organizations threatened by ransomware attacks may also face the potential for their data to be destroyed.

The organizations’ view of their security operations centers indicates nothing more than a shortage of personnel and an increase in the demand for competencies.

Security operations centers are very important, given that the role of digital security in large companies increases significantly every year. Well-organized teams working in these centers can secure their organizations against malware and rapidly evolving attack methods.

This year’s Kaspersky Security Bulletin includes predictions for SOCs.

Frequent targeted attacks from government-sponsored actors

Experts noted that the average number of incidents in the media sector doubled in 2022, rising to 561 attacks, after reaching 263 in 2021.

The past year has seen a number of high-profile cases, including the interruption of Iranian state television broadcasts by hackers during the protests that rocked the country.

Media outlets have also been subjected to DDoS attacks, including media organizations in the Czech Republic.

The media has become a major target for cybercriminals, among targets that included 13 sectors that were subject to expert analysis, including the food, development and financial sectors, in addition to the government sector, which witnessed an increase in the average number of incidents by 36% in 2022.

Growth is expected to continue in 2023, with targeted attacks by government-sponsored actors more likely to be noticed. While this trend will prevail over government agencies, the media will be increasingly targeted during international conflicts that are traditionally associated with information warfare, due to the vital role the media plays in conflicts.

Large corporations and government entities have long been targets of cybercriminals and government-sponsored vandals, according to Sergey Soldatov, Head of the Security Operations Center at Kaspersky, who notes that political unrest “increased attackers’ motivations and reinvigorated hacking, which digital security professionals did not confront.” According to clear regulatory policies until 2022. He said: “The new wave of attacks has political motives and therefore targets the government and media sectors in particular, and it is necessary to protect institutions to implement comprehensive threat detection and treatment through managed services for detection and response to threats.”

Supply chain attacks via telecom service providers

In 2023, cybercriminals may target supply chains by stepping up their attacks on telecom companies, so the growing threat looms large. In 2021, the telecommunications sector witnessed, for the first time, a prevalence of high-risk incidents throughout the year.

Although the average rate of such incidents in 2022 was lower, reaching about 12% per 10,000 monitored systems, compared to 79% in 2021, these entities remain attractive targets for cybercriminals.

Ransomware Destroyers: Incidents of Public Application Hacking

Throughout 2022, Kaspersky experts noticed a new ransomware trend that is expected to continue in 2023, in which malicious actors not only encrypt corporate data, but also destroy it. It is a trend consistent with politically motivated attacks.

Another threat awaiting security operations centers is more incidents of hacking public applications used by the public, as penetration from the perimeter requires less preparation than phishing when old vulnerabilities are still exposed.

What will the security operations centers face internally?

The value that each team member (even the unskilled) holds in SOCs is increasing. Developing team skills is the proven way to counter the growing amount of threats, which makes trainings around hardware checks and other forms of exercise such as TTX, purple teams, and simulated attack advisory, highly important.

This, and the growing threat landscape leads to increased budgets allocated to security operations centers, and a higher demand for more competencies.

Increasing numbers of incidents and threats translate into a need to predict attacks and methods, which increases the value of threat intelligence and tracking.

The researchers recommend the following measures to protect against threats:

Always keep the software updated on all devices to prevent attackers from infiltrating the network through vulnerabilities, with the need to install patches for new vulnerabilities if available, as once updates are downloaded, malicious actors will not be able to exploit them.

Use the latest threat intelligence to stay on top of the actions, tactics and methods used by malicious actors, as well as choose a reliable endpoint security solution.

0 comments
0 FacebookTwitterPinterestEmail
Newer Posts
Older Posts
@2025 - All Right Reserved.

Hosted by Byohosting Most Recommended Web Hosting – for complains, abuse, advertising contact: contact@world-today-news.com