minute read
Share this article:
Goontact lures users of illicit sites through Telegram and other secure messaging apps and steals their information for future fraudulent use.
New spyware is targeting iOS and Android frequenters of adult mobile sites by posing as a secure messaging application in yet another twist on sextortionist scams.
The spyware, dubbed Goontact, targets users of escort-service sites and other sex-oriented services – particularly in Chinese-speaking countries, Korea and Japan, according to research published by Lookout Threat Intelligence on Wednesday.
The ploy and malware can ultimately be used to exfiltrate data from targets. Data siphoned from devices include phone number, contact list, SMS messages, photos and location information. The nature of the data sweep and the context of the attacks “suggests that the ultimate goal is extortion or blackmail,” researchers Robert Nickle, Apurva Kumar and Justin Albrecht observed in a report publis
The worm returned in recent attacks against web applications, IP cameras and routers.
The Gitpaste-12 worm has returned in new attacks targeting web applications, IP cameras and routers, this time with an expanded set of exploits for initially compromising devices.
First discovered in a round of late-October attacks that targeted Linux-based servers and internet-of-things (IoT) devices, the botnet utilizes GitHub and Pastebin for housing malicious component code, has at least 12 different attack modules and includes a cryptominer that targets the Monero cryptocurrency.
Click to register.
Now, researchers have uncovered a new slew of attacks by the malware, starting on Nov. 10, which used a different GitHub repository to target web applications, IP cameras, routers and more. The campaign was shut down on Oct. 27 after the GitHub repository hosting the worm’s payloads was removed.
A poorly configured file opens users up to site takeover.
Easy WP SMTP, a WordPress plugin for email management that has more than 500,000 installations, has a vulnerability that could open the site up to takeover, researchers said.
Easy WP SMTP allows users to configure and send all outgoing emails via a SMTP server, so that they don’t end up in the recipient’s junk/spam folder. Version 1.4.2 and below contains a flaw in the debug file that is exposed because of a fundamental error in how the plugin maintains a folder, according to researchers at GBHackers.
“[The vulnerability] would allow an unauthenticated user to reset the admin password which would enable the hacker to take complete control of the website,” according to a Monday posting.
Mozilla Foundation releases Firefox 84 browser, fixing several flaws and delivering performance gains and Apple processor support.
A Mozilla Foundation update to the Firefox web browser, released Tuesday, tackles one critical vulnerability and a handful of high-severity bugs. The update, released as Firefox version 84, is also billed by Mozilla as boosting the browser’s performance and adding native support for macOS hardware running on its own Apple processors.
In total, six high-severity flaws were fixed, in addition to the critical bug, tracked as CVE-2020-16042. The specific critical bug in Firefox was also highlighted earlier this month in Google’s Chrome browser security update, where it was rated as a high-severity flaw.
minute read
Share this article:
Subway loyalty program members in U.K. and Ireland have been sent scam emails to trick them into downloading malware.
Count the Subway sandwich faithful among the latest victims of cybercriminals. Researchers at Sophos discovered a phishing campaign aimed at Subway loyalty-card members in the U.K. and Ireland, in an attempt to trick them into downloading malware.
The campaign wasn’t particularly impressive, according to Sophos researchers.
Click to register.
“As phishes go, this one isn’t terribly sophisticated or believable, and the scam itself requires several clicks, each one more suspicious than the last,” the report said.