Eriakos Scam in Facebook Ads Targets Personal and Banking Data

Another online scam involving Facebook adverts

Fraudsters are using fake websites and Facebook Ads to steal users’ financial data. Researchers named the campaign Eriakos after the CDN that fraudsters used in all campaigns. Facebook Ads Steal Credit Card Information On April 17, 2024, specialists from Recorded Future discovered a fraudulent campaign with Chinese origins that had targeted Facebook users. They named… Continue reading Eriakos Scam in Facebook Ads Targets Personal and Banking Data

BangBros Leak Exposes 12 Million User Records

Unusual data leak from BangBros exposes 12M users

BangBros, a studio and platform specializing in adult content, leaked information about the users registered on their website. The database was discovered by researchers, and according to their report, it contains 12 million records of sensitive information. Further checks show that there is barely a possibility of this DB not belonging to the company. BangBros… Continue reading BangBros Leak Exposes 12 Million User Records

Fake Google Authenticator Abuses Google Ads, Spreads Malware

Hackers abuse Google Search Ads to deploy backdoors, pretending to be Google

Cybercriminals promote a fake Google Authenticator page through ads in Google Search. According to the report, they use a tricky scheme to hide the fraudulent domain and make the ad contain a genuine URL. The resulting page, which looks exactly like the original Google Authenticator one, downloads a malicious file. Fake Google Authenticator Downloading Page… Continue reading Fake Google Authenticator Abuses Google Ads, Spreads Malware

Gh0st RAT Malware Attacks Chinese Users Via Fake Chrome Page

Chinese malware targets Chinese users - a rather unusual thing to see

Attackers are using a new loader, Gh0stGambit, to spread Gh0st RAT malware to Chinese users. A Google Chrome phishing download site is being used for that purpose, copying the design of the genuine page. That is, in fact, the part of the campaign that attracted the attention of cybersecurity experts. Gh0st RAT Trojan Targets Chinese… Continue reading Gh0st RAT Malware Attacks Chinese Users Via Fake Chrome Page

2024 Olympic Cyberattack Risks: What Should We Expect

The biggest event of 2024. What can go wrong?

The Olympic Games is a massive sporting event that attracts billions of people worldwide. But where there are thousands of people – fans and supporters; there are also cybercriminals. Such events have always caused a spike in the number of cyberattacks of different kinds. In this post, we will discuss exactly this – risks of… Continue reading 2024 Olympic Cyberattack Risks: What Should We Expect

India Post SMS Phishing Targets Mobile Users in India

Cybercriminals send thousands of spam messages that mimic legit parcel delivery notifications

Massive complaints come from Indian users regarding a new wave of SMS phishing scams, particularly targeting iPhones. They mimic delivery notification messages from India Post, one of the major postal services in the country. Fraudsters try stealing user credentials associated with that service, which may be the fuel of further scams. Fraudsters Impersonate India Post… Continue reading India Post SMS Phishing Targets Mobile Users in India

Docker Engine Authentication Bypass Vulnerability Exploited

The old-new critical vulnerability was found in the Docker Engine

Attackers are actively exploiting a critical vulnerability in the Docker Engine that may allow for authentication bypass in a chain attack. This vulnerability allows attackers to bypass AuthZ authorization plugins, effectively mutilating any auth control. For this and several other reasons, the flaw got the max severity score possible (10.0). Critical Docker Engine Flaw Allows… Continue reading Docker Engine Authentication Bypass Vulnerability Exploited

Hamster Kombat Players Targeted in a New Malware Spreading Scheme

Another scam campaign based on Hamster Kombat

Players of Hamster Kombat have become prime targets for scammers promoting phishing schemes aimed at those looking for easy earnings. Malicious actors steal confidential data and infect inattentive players with malware. Due to the technical aspects of Hamster Kombat, these fraudulent schemes are highly successful. Hamster Kombat Tap-Game Players Targeted in Malware Spreading ESET researchers… Continue reading Hamster Kombat Players Targeted in a New Malware Spreading Scheme

New Telegram Scam Mimics Digital Wallets, Promotes Shady Apps

Scammers are increasingly using Telegram in their schemes, this time - to gather user information

A new Telegram scam has emerged, leveraging bots functionality of the application and offering fake earning schemes. Scammers impersonate official bots of popular digital wallet brands, tricking users into investing their money into non-existent ventures. Further, they simply cut any communications, leaving users with no money and no promised returns. Telegram Bots Mimic Digital Wallet… Continue reading New Telegram Scam Mimics Digital Wallets, Promotes Shady Apps

Jellyfish Loader Malware Discovered, Threatens 2024 Olympics

Analyzing the new threat Jellyfish Loader, that shares parts of its code with malware samples used in cyberattacks during 2018 Olympic Games

A new threat has been discovered in the form of a Windows shortcut that is actually a .NET-based shellcode downloader called Jellyfish Loader. It has some strange features that may signify that it is still at the development stage. Nonetheless, this malware is capable of deploying other malicious software in a selection of ways. Jellyfish… Continue reading Jellyfish Loader Malware Discovered, Threatens 2024 Olympics