Squid Game app on Play Store was spreading Joker malware

0
[ad_1]

Squid Game and Joker malware turn out to be a “killer combination” after all.

Netflix’s biggest ever series Squid Game is a smash hit with over 142 million users watching it globally. This dystopian series from Korea has raked in approx. $900 million against a relatively underwhelming production cost of $21.4 million.

The craze surrounding Squid Game is surreal, and this is why cybercriminals are trying their level best to exploit its popularity. There are countless Squid Game merchandise, memes, and games available. However, at the same time, there are several unofficial apps uploaded on Google Play Store that are distributing malware.

About Squid Game Wallpaper

A Twitter user and security researcher (@ReBensk) discovered an Android app that was actually Joker malware disguised as a Squid Game wallpaper app.

Malware Infected Squid Game app with 5,000+ Downloads Found on Google Play Store
One of the malicious Squid Game app on the Google Play Store.

It is worth noting that Joker malware isn’t new, as it has appeared on the Google Play Store plenty of times. Joker malware can secretly sign in unsuspecting users onto premium subscription services by displaying a fake sign-up process.

Joker can also steal SMS messages, device information, and contact lists. In the current incident, the Joker variant used in the wallpaper app targets victims of ad fraud. Moreover, it signs innocent users onto expensive SMS services discreetly.

The malicious Squid Game wallpaper app was later examined by ESET malware researcher Lukas Stefanko who discovered that the app exposed users to malicious ad fraud and SMS subscriptions.

Malware Infected Squid Game app with 5,000+ Downloads Found on Google Play Store

Although Google removed this particular app from the Play Store, what’s concerning is the fact that more than 5,000 users had already downloaded it. Moreover, according to Stefanko, there are over 200 Squid Game-related apps available on Google Play Store.

Stefanko evaluated all the apps and concluded that none contained malware, but they all had several ads. And, another startling discovery he made was that there’s no official Squid Game app at all. Hence, fans need to be very careful when looking for show-related apps.

Seems like a great opportunity to make money on in-app ads from one of the most popular TV show without an official game. The most downloaded of them reached 1M installs in 10 days. Its game play is not that well handled, Stefanko tweeted.

If you are on Android there are certain precautions you need to take before downloading an app, for instance, use reliable anti-virus software, scan your device regularly and avoid downloading unnecessary apps from Play Store and third-party platforms.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.


[ad_2]
Source link

Best Language Learning Android apps – 2023

0
[ad_1]

If you have been wanting to learn a foreign language, there’s never been a better time to start. With smartphone apps, you can now learn any language from the comfort of your couch. Of course, mastering a language not native to you isn’t easy. It will require immense dedication and practice. But your Android smartphone can be of great help in this journey.

The Google Play Store has tons of apps that allow you to learn new languages at your own pace and schedule. These apps teach you everything from vocabulary and grammar to the right pronunciation and usage of words in sentences and much more. Whether your goal is to just have basic conversations in a foreign language or to master the language and leverage the skill professionally, as long as you have that burning desire inside you, it’s doable.

But before all of this, you must find the app that is best suited for your goal. To help you with your search, we have compiled a list of the best Android apps for learning new languages. While all apps offer the same core functionality, i.e. teach you new languages, their approach and teaching methods vary. Go through the article below for more information about each app. We have included a brief description, Google Play rating and size, cost of in-app purchases, and screenshots or promo videos, as well as a Google Play Store download link.

Best language learning Android apps 2023 downloads

Below is a little more information on each app, including a direct link for easy downloading.

All download links go to the app’s Google Play Store listing. Users are always recommended to download apps from Google Play or an authorized app store.

Duolingo

Duolingo best language learning Android apps

– Price: Free to download
– In-app purchases: $0.99 – $149.99
– Size: Varies with device
– Google Play rating: 4.7 out of 5 stars

With over 300 million users around the world, Duolingo is one of the most popular apps for learning new languages. The app offers courses in more than 40 languages and you can enroll in as many courses as you like at once. While it may not be the best idea to simultaneously pursue multiple courses, as it could all get mixed up and confusing, Duolingo’s game-like mini-lessons make things a lot simpler.

Whether you are a native English speaker or not, this app has language courses for everyone. Its expert-curated science-based lessons start with basic words, phrases, and sentences before gradually moving to the more complex side of languages. With regular practice, your grammar and vocabulary get strong, helping you improve your speaking, reading, and writing skills over time.

Duolingo also offers additional resources such as Stories and Events to make your learning process more fun and effective. Moreover, its playful rewards and achievements motivate you to make practicing a daily habit.

DOWNLOAD DUOLINGO

Babbel

Babbel language app

– Price: Free to download
– In-app purchases: $12.95 – $399.99
– Size: Varies with device
– Google Play rating: 4.6 out of 5 stars

Babbel is another popular name when it comes to Android apps for learning new languages. It offers more than 60,000 lessons in 14 different languages. You get thousands of hours of immersive and interactive language content crafted by dedicated professionals, with each lesson broken into small segments that only take 10-15 minutes of your time every day.

Language lessons in Babbel are tailored to real-life situations and customized according to the local culture. So instead of learning the same phrase and vocabulary in multiple languages, you’ll be learning native language skills. This practical approach helps you quickly develop natural speaking abilities in foreign languages. Of course, the app will also teach you formal words, phrases, grammar, pronunciation, and sentence formation.

DOWNLOAD BABBEL

Mondly

– Price: Free to download
– In-app purchases: $4.99 – $191.99
– Size: Varies with device
– Google Play rating: 4.5 out of 5 stars

Mondly focuses on conversational skills more than developing vocabulary. You get lessons on specific real-life situations in 33 languages. So if you’re planning a trip abroad and need to learn some basics in the native language, this app has got you covered. It offers audio pronunciation from native speakers, so you can learn to pronounce words and phrases the way they speak.

Since mastering a language requires you to amass a sizable vocabulary, Mondly eventually comes to that. But conversational skills are its forte. It even boasts AI chatbots to help you practice speaking foreign languages. The app uses speech recognition technology to determine whether you are speaking correctly and provides feedback accordingly. Mondly keeps track of your progress and lets you compete with other users on the platform.

DOWNLOAD MONDLY

Rosetta Stone

Rosetta Stone language app

– Price: Free to download
– In-app purchases: $0.99 – $299.99
– Size: Varies with device
– Google Play rating: 4.7 out of 5 stars

Rosetta Stone has been around for decades, which is a testament to its effectiveness when it comes to teaching foreign languages. Now available as an app, it offers interactive and contextual lessons in over 20 languages. Its proprietary speech recognition technology helps you develop speaking abilities from the very beginning. The app asks you to repeat a said word and match spoken words and phrases with images on the screen.

All this while, Rosetta Stone will guide you to improve your vocabulary and grammar in foreign languages. You can tailor your lessons according to your goal. Simply specify why you want to learn a language and the app will give you curated lessons that gradually take you closer to that goal. It divides lessons into 10-minute segments and lets you download courses for offline access.

DOWNLOAD ROSETTA STONE

Memrise

– Price: Free to download
– In-app purchases: $0.99 – $199.99
– Size: Varies with device
– Google Play rating: 4.6 out of 5 stars

Memrise uses video lessons to teach you foreign languages. The videos are supplied by native speakers, with the whole of its 65 million+ user community contributing. The app boasts more than 30,000 such videos, allowing you to learn the pronunciation, tone, and accent of the language as the locals speak it. When you are ready to begin conversations yourself, you have an AI chatbot for practicing.

This app offers lessons in more than 20 languages, with each course comprising of a rich variety of practice sets, quizzes, and games. These features make your journey more fun and engaging. Memrise also has language lessons curated to real-life situations, helping develop basic conversational skills.

DOWNLOAD MEMRISE

Lingualeo

Lingualeo best language learning Android apps

– Price: Free to download
– In-app purchases: $0.99 – $299.99
– Size: Varies with device
– Google Play rating: 4.6 out of 5 stars

Lingualeo offers a wide range of resources to help you learn languages. It boasts vocabulary training courses, grammar exercises, thematic courses, and video lessons, as well as featured collections of language-themed articles, speeches, books, and more. All of this helps you develop your reading, speaking, and writing skills in foreign languages.

This app’s game-based approach allows you to compete with other users and earn rewards for achieving goals faster. With more than 23 million users around the world, it’s a pretty big community, so competition is high. You can use the same Lingualeo account on the app and website, allowing you to continue your lessons from the device of your choice.

DOWNLOAD LINGUALEO

Busuu

Busuu language app

– Price: Free to download
– In-app purchases: $0.99 – $169.99
– Size: Varies with device
– Google Play rating: 4.6 out of 5 stars

Busuu is another popular app among language learners, with more than 120 million people using it to learn new languages globally. It offers courses in 14 languages, with the option to select your current skill set. If you’re a complete newbie to a language, the app will start lessons from the lowest level. But if you do know some basics, it won’t waste your time teaching what you already know.

Regardless of your expertise in a language, Bussu allows you to create a study plan of your own. This ensures that you are learning at a pace best suitable to your schedule. If you need help, you can always turn to the 120 million-strong community where you will certainly find a few native speakers of the language you are learning. You can have conversations with them and get feedback to sharpen up your skills.

DOWNLOAD BUSUU

Drops

– Price: Free to download
– In-app purchases: $0.99 – $194.99
– Size: Varies with device
– Google Play rating: 4.5 out of 5 stars

Drops offers courses in more than 45 languages. It uses illustrations and fast-paced micro-games to teach you essential words, phrases, and conversational skills in a fun way. The app doesn’t give much importance to grammar in its lessons, ensuring that you don’t lose the fun element as you progress. The grammatical part of the language fills in automatically over time.

Language courses in Drops are broken into bite-size lessons that only take a few minutes to complete. So even if you have a busy schedule, you can squeeze in one lesson daily for regular practice. Each lesson feels like a new level in a game, so you enjoy more as you learn.

DOWNLOAD DROPS

Beelinguapp

Beelinguapp best language learning Android apps

– Price: Free to download
– In-app purchases: $1.99 – $54.99
– Size: Varies with device
– Google Play rating: 4.2 out of 5 stars

Beelinguapp focuses on reading comprehension where you read stories in different languages side by side. You can also listen to the story in your target language. This allows you to translate words and phrases between your native language and target language in real-time and grasp their usage and pronunciation naturally.

This unique approach of Beelinguapp makes it a crown favorite. The app offers courses in around 20 languages. While the courses are curated for beginner, intermediate, and expert learners, it’s best suitable for people who already know the basics. You will develop reading and speaking skills faster with Beelinguapp if you know simple words and phrases.

DOWNLOAD BEELINGUAPP

Mango Languages

Mango languages app

– Price: Free to download
– In-app purchases: $0.99 – $199.99
– Size: Varies with device
– Google Play rating: 4.8 out of 5 stars

If you’re a native English speaker looking to learn a new language, you won’t find more options anywhere other than Mango Languages. This app boasts courses in over 70 languages for English speakers. You can even choose regional variants of some languages, such as Latin American and Castilian variants of Spanish. Mango Languages also offers English courses for 21 foreign languages, so its collection is huge.

Like most other apps on this list, Mango Languages teaches you real-life conversation skills from the get-go. It uses audio clips from native speakers to help you with the pronunciation of words and the accent. Lessons are downloadable for offline access. You also get interactive listening and reading exercises here.

DOWNLOAD MANGO LANGUAGES


[ad_2]
Source link

Facebook sues Ukrainian man for scraping and selling 178m users’ data

0
[ad_1]

On October 21, 2021, Facebook filed a lawsuit against a Ukrainian citizen for allegedly scraping information of 178 million users of the social network and selling the data on hacker forums.

Reportedly, the data scraping occurred between 2018 and 2019. Also called web scraping, data scraping refers to importing massive amounts of data from a website and storing it on a local device in a spreadsheet or document.

It is worth noting that in January 2021, Facebook also sued a Portuguese company for developing malicious Chrome extensions allowing data scraping. 

Is data scraping illegal?

Depending on its use web data scraping is an illegal technique in which a computer program (bots) extracts data from a website. 

Remember, third-party firms can use data scrapping, a fairly common practice to extract the personal information of users from websites like LinkedIn, Facebook, or Twitter.

This information can be accessed by cybercriminals in case proper security measures are not implemented. For instance, malicious elements can use ‘scraper bots’ to extract private information anonymously.

Who’s facing the lawsuit?

The lawsuit is filed against a freelance computer programmer Alexander Solonchenko from Kirovograd, Ukraine, who used the online handles of barak_obama and Solomame to carry out his objectives. 

Facebook sues Ukrainian man for scraping and selling 178m users' data
The activity of Barak_Obama on RaidForums (Image: Hackread.com)

Court documents revealed that the programmer could access and sell user IDs and contact numbers, which are publicly available but obtaining and selling the data is against Facebook’s terms of service.

What Happened?

According to reports, in 2018, Solonchenko scraped personal details of Facebook users exploiting the contact import feature of Facebook, which the company discontinued in Sep 2019.

Using this feature, he could sync users’ contact lists to identify which contacts had an account on Facebook to reach out to them on Messenger. The defendant then fed Facebook servers with millions of random phone numbers. 

SEE: 2 scraped LinkedIn databases with 500m and 827m records sold online

Facebook claims that he used an automated tool to mimic Android devices in this attack. Whenever the company returned the info to accounts associated with the phone numbers fed to its servers, he collected it.

The programmer allegedly tried to sell the stolen data on the clearnet cybercrime and hacker forum called RaidForums in October 2020. Facebook also stated that the defendant exploited the feature between Jan 2018 and September 2019, which means the data heist continued for more than 21 months.

About Contact Importer Feature

This feature allowed users to upload their contact list directly from their address books onto their mobile devices and provided them with a one-to-one list of users whose phone numbers matched the numbers uploaded from a device’s address book. This functionality was included to let users identify friends through their contact information.

How Facebook Tracked the programmer?

Facebook tracked down the programmer after he mistakenly used the same username and contact information on email and job portals. It turned out that the Ukrainian programmer had scraped and sold data from several other high-profile firms and organizations, including Ukraine’s largest private delivery service, largest commercial bank, and a France-based data analytics firm.

After tracking him down, Facebook quickly filed a lawsuit with the Federal District Court for the Northern District of California and requested the judge to ban Solonchenko from accessing its website and selling the scraped data apart from seeking undefined damages.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.


[ad_2]
Source link

911 (911.re) Proxy Service Shuts Down After Confirming Security Breach

0
[ad_1]

At the time of writing, the home page of 911 (911.re) Proxy Service was displaying a detailed message left by the website’s administrator revealing details of the security breach.

911 proxy service (911.re), regarded as one of the few original residential proxy networks, has announced shutting down its operations after suffering a data breach. The service that has sold access to countless Microsoft Windows computers since 2015 confirmed in a message on its home page that the cyberattack destroyed critical elements of its business operations.

Incident Details

Earlier in July 2022, Brian Krebs from KrebsOnSecurity had criticized the connections 911.re proxy service had with dubious pay-per-install affiliate programs, which bundled its software with pirated software and free utilities.

Krebs noted that 911.re operated multiple pay-per-install programs and paid affiliates to bundle its software with other programs to generate a steady stream of proxies.

oon after Krebs’ report, 911.re informed users about reviewing its network and implementing new security measures to “prevent misuse” of its services, along with closing new user registrations and proxy balance top-up.

“We are reviewing every existing user, to ensure their usage is legit and in compliance with our Terms of Service,” the notice read.

Many users complained that they could not use the service after the company’s public notice. On July 28th, the website announced a permanent shutdown of its services.

“We regret to inform you that we permanently shut down 911.re and all its services on July 28th.”

911 (911.re) Proxy Service Shuts Down After Confirming Security Breach

Was 911.re Hacked?

As shown in the screenshot above, 911.re claims that its service was hacked in July 2022 after someone manipulated the balances of many user accounts by abusing an API (application programming interface) that handled account top-ups.

The company investigated and discovered that the hacker “maliciously damaged” its server data. The hackers managed to overwrite its servers, data, and its backups. Since the company wasn’t sure how it compromised this system, it decided to shut down the recharge system and new user registration “urgently.”

How do Residential Proxy Services Work?

Users rent a residential IP address and use it as a relay for internet communications while securing their identity. But they are generally unaware that it would turn their device into a proxy that allows other users to use their internet address.

Such proxy services build their networks by offering free proxy or free VPN services powered by software that turns their computers into a traffic relay.


[ad_2]
Source link

Google details cookie stealer malware campaign targeting YouTubers

0
[ad_1]

Google attributed the malware campaign to a group of attackers recruited via a Russian-language hacker forum.

Google has disclosed details of a new campaign involving phishing attacks launched against YouTube channel owners with the sole purpose of hijacking their channels. According to the report, threat actors are using cookie theft malware in the attacks to take control of the device/computer and hack YouTube accounts.

Researchers revealed that attackers behind this channel hijacking scheme are financially motivated as they auction off the stolen channels if they have a large number of followers or promote cryptocurrency scams by abusing these accounts.

Google details cookie stealer malware campaign targeting YouTubers

About the Campaign

In their report, Google’s Threat Analysis Group’s (TAG) Ashley Sen attributed to a group of attackers recruited via a Russian-language forum through the following job description, offering two types of work:

Google details cookie stealer malware campaign targeting YouTubers

The attacks have been going on since 2019, and attackers used to lure targets through fake collaboration schemes such as requests to purchase ads on the targeted user’s channel, photo editing, online games or music players, VPNs, and demo for anti-virus software, etc.

After gaining the channel owner’s trust, the scammers would send the victim a URL through email or a Google Drive PDF in which they would promise a legitimate software, but actually, it redirected them to a malware landing page.

SEE: Vlogger loses $2M in cryptocurrency during YouTube live stream

When the malware was installed on the computer, it would steal cookies from the browser using a smash-and-grab technique, and the cookies were used to hijack the session and eventually hijack the channel. Scammers would then look to sell it to the highest bidder with an asking price of $3,000 to $4,000 or launch cryptocurrency scams using it.

It was observed that scammers sent phishing messages to email IDs made public by YouTube channel owners for business purposes.

The malware used in the scam includes Azorult (also used in recent COVID-19 related scams), Raccoon, Vidar, Grand Stealer, Kantal, Nexus stealer, Masad, The Thief, Predator, Vikro Stealer, and RedLine along with open-source tools like AdamantiumThief and Sorano.

How was The Campaign Busted?

Google’s TAG team collaborated with Gmail, YouTube, Trust&Safety, CyberCrime Investigation Group, and Safe Browsing teams to decrease the distribution rate of phishing emails on Gmail. Their collaboration decreased the volume of the phishing campaign by 99.6% since May 2021 and blocked 1.6 million messages to probable targets.

SEE: OpenSea vulnerability allowed crypto stealing with malicious NFTs

Furthermore, around 62k Safe Browsing phishing page warnings and 2.4k files were blocked, with nearly 4,000 accounts restored successfully. After attackers sensed increased detection efforts, they turned to other email providers such as Seznam.cz, email.cz, Aol.com, and post.cz.

It was also noted that the attackers had registered nearly 15,000 accounts and had domains associated with fake firms, while over 1,000 websites were used to distribute malware. For preventing further distribution of phishing emails, Google notified the FBI as well.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.


[ad_2]
Source link

Relay for Reddit announces planned subscription prices

0
[ad_1]

Relay for Reddit, one of the very few remaining third-party Reddit apps for Android, is switching to a subscription model. The developer of the app recently announced that they are planning four different subscription tiers, with prices ranging between $1 and $5 per month. Pricier tiers will offer more API calls, i.e. more usage. The subscription model will go live in a few weeks. The app is free to use until then.

Reddit switched from a free to a paid API last month. This change means developers are required to pay the company for accessing its data through their apps. Many popular third-party apps shut down following this switch, with developers accusing the company of charging exorbitant prices for its APIs. However, a few of them live on, including Relay. Their developers planned to cover the costs with a subscription model.

Relay developer has now officially announced the subscription prices. The base tier will cost $1 per month and give subscribers an average of 45 API calls per day. About 45 percent of Relay users make fewer API calls on average, the developer said. For $2 a month, API calls are increased to 100 per day. This tier covers about 80 percent of users at their current usage rate.

The $3 per month tier doubles API calls to 200 per day, covering 95 percent of Relay users. Finally, the most expensive ($5 a month) plan gives users unlimited usage. According to the developers, this tier covers 99.8 percent of users profitably. They would suffer a loss from the remaining 0.2 percent of Relay users, but if enough users sign up, the loss should be covered by others.

Relay for Reddit users can check their average API call volume

API calls mean actions you execute via the Relay app. If you upvote a Reddit post/comment, that’s one API call. Likewise, if you check comments, open posts, or visit profiles, every action will count towards your API calls. This means users need to see how many calls they are making on average each day. If they exceed the monthly limit for their subscription tier, they’d no longer be able to access Reddit through Relay until their subscription renews the next billing cycle.

To simplify things for users, Relay will show their average daily API calls within the app. The feature is already available with the latest version of the app. It also shows a breakdown of what functions you are using the most (voting, comments, mail, feed, etc.). Once the subscription is live, users will see a separate meter that displays their plan usage percentage (the percentage of available API calls used) and the number of days remaining for renewal. If you use Relay, watch out for more updates from the developer in the coming days.


[ad_2]
Source link

Millions of Android devices abused by UltimaSMS Adware Scam

0
[ad_1]

The UltimaSMS Adware scam is abusing Android apps to subscribe users to premium SMS services that charge up to $40/month depending on their mobile carrier and geographic location.

Avast researchers have discovered a globally active SMS fraud campaign that has leveraged around 151 malicious Android applications, collectively boasting around 10.5 million downloads.

SEE: New Android malware TeaBot found stealing data, intercepting SMS

The campaign’s modus operandi involves scammers attempting to subscribe unsuspecting users to premium subscription services without notifying them. These fraudulent apps are downloaded by users in the following countries:

  • Egypt
  • Oman
  • Qatar
  • Turkey
  • Kuwait
  • Pakistan
  • Saudi Arabia
  • United Arab Emirates
  • United States of America

Number of downloads per country

Millions of Android devices abused by UltimaSMS Adware Scam

About UltimaSMS

The campaign has been dubbed UltimaSMS by Avast researchers, and its main targets are Android applications available on Google Play Store. The name is derived from the first app the researchers discovered used in this fraud, Ultima Keyboard 3D.

Reportedly, the campaign has been active since May 2021. It primarily involves applications covering various categories, from QR code scanners and virtual keyboards to photo and video editors, camera filters, online games, and spam call blockers.

How does the Scheme Works?

Avast researcher Jakub Vávra explained that after a malicious app is downloaded on the device, it checks the user’s location and mobile phone’s IMEI number to determine the language in which it has to communicate with the user and country code.

Then, it prompts the user to enter their email ID and phone number to access the app’s advertised features. But, in reality, it discreetly subscribes the victim to premium SMS services that charge up to $40/month depending on their mobile carrier and geographic location.

“The sole purpose of the fake apps is to deceive users into signing up for premium SMS subscriptions. While some of the apps include fine print describing this to users, not all of them do, meaning many people who submitted their phone numbers into the apps might not even realize the extra charges to their phone bill are connected to the apps,” Vávra noted in their blog post.

Dozens of Apps Removed from Play Store

According to Avast researchers, at least 151 Android apps from more than 80 countries were used to subscribe users to premium SMS services.

A significant number of these malicious applications have been removed from the Play Store. However, there are about 82 apps available for download on online marketplaces as of Oct 19, 2021.

Millions of Android devices abused by UltimaSMS Adware Scam

Reportedly, this adware scam is also distributed through advertising channels on mainstream social media platforms like Facebook, TikTok, and Instagram, where users are lured towards downloading the apps with attention-grabbing video ads.

How to Protect Your Device?

Uninstalling the app is the first and most effective action to prevent any further compromise of the device. Apart from that, you must disable all premium SMS options with the carriers so that none of these apps can perform subscription abuse. Since children have downloaded these apps too, based on the reviews on the app, it is imperative to secure children’s phones.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.


[ad_2]
Source link

SolarWinds hackers, Nobelium, hit cloud providers and resellers

0
[ad_1]

So far, Microsoft has informed 140 companies about the new attack campaign being carried out by Nobelium 14 of which were compromised by the group.

The IT security researchers at Microsoft have revealed that the threat actors from the Nobelium group are back in action and currently targeting resellers and Cloud service providers.

Nobelium is the same group that launched the massively devastating supply chain attacks against Texas-based SolarWinds’ Orion software last year. the infamous group is also known for using SUNBURST and TEARDROP malware.

Microsoft has been following the activities of this group quite closely since then and just last month, the company warned of Nobelium’s comeback after the actors were found using a never-before-seen post-exploitation backdoor called FoggyWeb.

The backdoor is capable of stealing sensitive data from a compromised AD FS (Active Directory Federation Services) server. For your information, according to the U.S. government and other authorities Nobelium is part of Russia’s foreign intelligence service known as the SVR.

140 service providers informed; 14 compromised

In the latest blog post, Microsoft’s Corporate Vice President, Customer Security & Trust, Tom Burt revealed that since May 2021, the company has informed 140 resellers and technology service providers about Nobelium’s cyberattacks on their critical infrastructure.

However, since Microsoft is still investigating, Mr. Burt revealed that 14 of the informed companies were compromised by the group. It is worth noting, the prime target of this campaign are resellers and technology service providers who specialize in managing, customizing, deploying cloud services and other technologies on behalf of their customers.

We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers’ IT systems and more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers, Mr. Burt noted in his blog post.

Nobelium’s previous attack on SolarWinds involved exploiting critical vulnerabilities (the group also hacked iPhones by exploiting iOS 0-day flaws) but in the latest attack, the group’s modus operandi involves phishing and password spraying attack.

This indicates that the group is keeping its strategy plain and simple by using social engineering tactics to steal valid credentials and gain privileged access.

SolarWinds hackers, Nobelium, hit cloud providers and resellers
Example intrusion conducted by NOBELIUM (Microsoft)

What is Password Spraying Attack?

In this kind of attack, threat actors try to brute-force accounts cycling the same passwords on multiple accounts at once. This helps them hide failed attempts using different IP addresses and evade automated defenses such as IP blocking or password lockout designed to block multiple failed login attempts.

Microsoft’s technical guidance

Microsoft’s Threat Intelligence Center (MSTIC) has also released technical guidance for companies and downstream customers to protect themselves against cyberattacks from Nobelium. 

Protection against phishing attacks

From small businesses to large corporations, providing adequate education about phishing and cybersecurity is a must. However, for beginners, using common sense can help in the long run therefore, refrain from opening anonymous emails and do not click links or download attachments from them.

Nevertheless, teach employees how to spot phishing attempts by simply following these steps:

  • Phishing attempts almost always contain a link, downloadable attachment, or directive telling people to do something ASAP.
  • There are often a lot of spelling mistakes, but not always.
  • The email or message can instill a sense of urgency to get people to act quickly without thinking.
  • It may be a threat or even blackmail, as is the case with sextortion phishing scams.
  • The email signature will usually look strange or different from normal.
  • Despite all of the common telltale signs, phishing emails can look legitimate. Hackers can make spear phishing attacks that look like a known company, bank, or contractor sent the email. However, employees should use common sense to think about whether this email was warranted. Does it contain a link and is asking them to log onto their account for no reason? Most banks, for example, won’t send an email asking people to log into their accounts or send any links.
  • Phishing emails or messages aren’t always from strangers. Sometimes they’re sent from the compromised accounts of friends, coworkers, or other contacts.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.


[ad_2]
Source link

UpdateAgent malware variant impersonates legitimate macOS software

0
[ad_1]

By Waqas

According to Microsoft Security Intelligence, the new variant of UpdateAgent malware is also capable of dropping adware against macOS.

This is a post from HackRead.com Read the original post: UpdateAgent malware variant impersonates legitimate macOS software


[ad_2]
Source link

You can’t afford to miss this Samsung Galaxy Watch 6 sale!

0
[ad_1]

Amazon has a pretty sweet deal on the new Galaxy Watch 6, it’s basically the same as their pre-order offer but now it’s still available after pre-orders ended. Basically, you can get the Galaxy Watch 6 for its regular price. And Amazon will toss in a $50 gift card as well as a fabric band ($50 value) for free. So you get all of that for just $299. Not to bad at all.

Samsung Galaxy Watch 6 – Amazon

Why you should buy the Samsung Galaxy Watch 6

The Samsung Galaxy Watch 6 is a great smartwatch for anyone who wants to track their health and fitness, stay connected, and control their devices from their wrist. Here are some of the reasons why you should buy the Galaxy Watch 6:

Advanced health tracking: The Galaxy Watch 6 has a variety of sensors that can track your heart rate, sleep, steps, calories burned, and more. It also has an ECG sensor that can detect atrial fibrillation, a serious heart condition.

Long battery life: The Galaxy Watch 6 has a battery that can last up to 40 hours on a single charge. This means you can wear it all day and night without having to worry about it running out of power.

Sleek design: The Galaxy Watch 6 is available in two sizes: 40mm and 44mm. Both sizes have a sleek, minimalist design that looks great on any wrist.

Wear OS 4: The Galaxy Watch 6 runs on Wear OS 4, which is a version of Android designed for smartwatches. This means you can access a variety of apps and features on your watch, including Google Maps, Spotify, and YouTube Music.

Water resistance: The Galaxy Watch 6 is water resistant up to 50 meters, so you can wear it in the shower, pool, or ocean.

Overall, the Galaxy Watch 6 is a great smartwatch that offers a variety of features and benefits. If you’re looking for a way to track your health, stay connected, and control your devices from your wrist, the Galaxy Watch 6 is a great option.

Samsung Galaxy Watch 6 – Amazon


[ad_2]
Source link