GovInfoSecurity
DougOlenick) • February 18, 2021 Get Permission
Hackers are targeting vulnerabilities in websites offering instant quotes - especially those that provide auto insurance rates - in an ongoing campaign designed to steal consumers information, according to an alert from the New York State Department of Financial Services .
The alert says hackers are targeting the sites to steal driver s license numbers and other personally identifiable information. The sites affected were not named.
The department first heard about the issue earlier this year and informed 12 auto insurance instant quote sites in January that they were likely targeted. Following that alert, six more insurers reported to DFS the malicious targeting of their auto quote websites, the state agency says. Two of those insurers reported that the attackers failed to gain access to NPI [nonpublic information] and four
Get Permission
The developers of LodaRAT malware, which has previously only targeted Windows devices, have developed a new variant, Loda4Android, that targets Android devices, according to Cisco Talos.
LodaRAT, previously known as Gaza007, is operated by a group called Kasablanca, which uses the malware for cyberespionage and information stealing, say researchers Warren Mercer, Chris Neal and Vitor Ventura, who analyzed the malware for Cisco Talos. The operators of this Loda campaign appear to have a specific interest in Bangladesh-based organizations, namely banks and carrier-grade voice-over-IP software vendors, which we observed on several lures attempting to distribute the malware droppers, the researchers say. The default victim ID on the Windows version is munafa, which is the Urdu and Bengalese word for profit.