42,000 Sites Generate Ad Traffic Pretending to Be Famous Brands

The Chinese group Fangxiao has built a huge network of 42,000 websites that pose as well-known brands (including Coca-Cola, McDonald’s, Knorr, Unilever, Shopee and Emirates) and generate ad traffic. These resources redirect their visitors to sites that advertise adware applications, dating sites, giveaways, or infect their systems with the Triada Trojan. You might also be… Continue reading 42,000 Sites Generate Ad Traffic Pretending to Be Famous Brands

Attackers Hacked 15,000 Websites to Poison SEO

Sucuri analysts have discovered a massive hacking campaign in which the attackers hacked about 15,000 sites, mostly running WordPress. Let me remind you that we also wrote that 0-day Vulnerability in WordPress BackupBuddy Plugin Attacked Over 5 million Times, and also that Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites. Attackers use compromised… Continue reading Attackers Hacked 15,000 Websites to Poison SEO

Meta Finds over 400 Chinese Apps That Stole Data from 1 million Users

Meta has sued several Chinese companies (including HeyMods, Highlight Mobi and HeyWhatsApp) for developing and using “unofficial” WhatsApp apps for Android. The fact is that since May 2022, these applications have been used to steal more than a million WhatsApp accounts. By the way, also read our article: Top Facebook Scams 2022: How to Avoid… Continue reading Meta Finds over 400 Chinese Apps That Stole Data from 1 million Users

SharkBot Malware Infiltrates Google Play Store Again

Information security specialists from Fox IT discovered two applications in the Google Play Store that distribute the SharkBot Trojan: Mister Phone Cleaner and Kylhavy Mobile Security were installed more than 60,000 times in total. Let me remind you that we wrote that Researchers Found 35 Malware on Google Play, Overall Installed 2,000,000 Times, and also… Continue reading SharkBot Malware Infiltrates Google Play Store Again

Researchers Found 35 Malware on Google Play, Overall Installed 2,000,000 Times

Bitdefender experts found 35 malware in the Google Play Store that distributed unwanted ads, and which users in total downloaded more than 2,000,000 times. Let me remind you that we wrote that About 8% of apps in the Google Play Store are vulnerable to a bug in the Play Core library, and also that Mandrake… Continue reading Researchers Found 35 Malware on Google Play, Overall Installed 2,000,000 Times

Most Often, Malware to Bypass Protection Impersonates Skype, Adobe Acrobat and VLC

VirusTotal analysts presented a report on the methods that malware operators use to bypass protection and increase the effectiveness of social engineering. The study showed that attackers are increasingly imitating legitimate applications such as Skype, Adobe Reader and VLC Player to gain the trust of victims. Let me remind you that we also wrote that… Continue reading Most Often, Malware to Bypass Protection Impersonates Skype, Adobe Acrobat and VLC

Fraudsters Are Running a Malicious Advertising Campaign through Google Search

Malwarebytes, an information security company, has discovered a large malicious campaign that skillfully uses ads and Google search. A phishing campaign using Windows tech support is spreading through Google Ads. Let me remind you that we wrote that Companies in the EU will have to remove Google Analytics from their websites, and also that Google… Continue reading Fraudsters Are Running a Malicious Advertising Campaign through Google Search

Fake DDoS App Targets Pro-Ukrainian Hacktivists

Google Threat Analysis Group (TAG) specialists reported that the Russian-speaking group Turla (aka Waterbug and Venomous Bear) created a fake Android application, allegedly designed to carry out DDoS attacks and target pro-Ukrainian hacktivists. Let me remind you that we also wrote that Microsoft Accuses Russia of Cyberattacks against Ukraine’s Allies, and also that TrickBot Hack… Continue reading Fake DDoS App Targets Pro-Ukrainian Hacktivists

0-Day Vulnerabilities of 2022 Repeat the Mistakes of Past Years

Google Project Zero researcher Maddie Stone published a study on 0-day vulnerabilities in 2022 on GitHub called “0-day In-the-Wild Exploitation in 2022…so far”. According to Stone, 9 of the 18 exploited zero-day vulnerabilities are variants of previously patched vulnerabilities. In many cases, the attacks were not sophisticated, and the attacker could have exploited the vulnerability… Continue reading 0-Day Vulnerabilities of 2022 Repeat the Mistakes of Past Years

Google Report Companies Creating Mobile Spyware for Governments

Google Reveals An Italian Company to Sell Android and iOS Spyware to Governments In its blog, Google has published a report revealing that multiple companies have been crafting and selling spyware exploiting mobile devices’ zero-day vulnerabilities discovered by Google specialists last year. The post includes code fragments from the disputed malware. Over 30 companies turned… Continue reading Google Report Companies Creating Mobile Spyware for Governments