Cyber News Rundown: Android Giveaway Fraud | Webroot

0
103

[ad_1]

Reading Time: ~ 2 min.

Thousands of Android Users fall Victim to Giveaway Fraud

Upwards of 65,000
Android users
were potentially compromised after installing a malicious app
promising free giveaways. Over the year the scam was in effect, roughly 5,000
apps were spoofed to lure victims into downloading in exchange for a phony
giveaway. In reality, the infection pushes silent background ads which generate
ad revenue for the scammers and decrease device performance.

North American Real Estate Firm Hit by Ransomware

A new ransomware variant known as DarkSide
claimed its first victim, Brookfield Residential,  after operating for nearly two weeks. The
North American real estate developer recently noticed unauthorized access to
several systems and was left a ransom note stating that over 200GB of data had
been stolen. The data has since been published to DarkSide’s leak site, which
has prompted many to speculate the ransom was not paid by Brookfield
Residential.

Cryptominers Caught Using AI

Researchers have been at work creating an AI
algorithm
to detect malicious cryptocurrency miners while avoiding
legitimate ones. The detection method compares currently running miners to
graphs of both legitimate and illegitimate miners and monitors changes between
the processes being used and the scheduling of mining activity. This type of
detection may be put to use to decrease the overall use of malicious code that
can often tax the system’s CPU usage to max capacity.

Los Angeles School District Suffers Cyber Attack

Just weeks after the FBI issued a warning about the threat
of cyberattacks against school districts, the Rialto
School District
in California has fallen victim to just such an attack. These
setbacks have made the return to online schooling particularly difficult. The extent
of the attack remains unclear and officials are still working to determine the
effects on the 25,000 enrolled students.

Maze Ransomware Cartel Adds New Variant Team

The authors of the lesser-known ransomware variant SunCrypt
have recently joined forces with the Maze ransomware cartel. It’s believed the new
cartel members were brought in to assist with the high volume of attacks that
the Maze Group is handling and are being paid with a portion of its profits. In
addition to new revenue streams from its partnership with the organization, cartel
members also benefit from access to the Maze Group’s resources including
obfuscation techniques and posting cartel member’s stolen data to their dedicated
leak site.

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

[ad_2]

Source link