Malware in fake Fortnite Android apps is already spreading

Malicious websites offering Android versions of Fortnite downloads have been discovered already, just days after the game was officially launched as a beta outside of the Google Play Store. Developer Epic Games had already announced the game would not be available through Google Play, in a move that avoids it having to pay Google’s 30% cut on all purchases made, and instead provides the game as a download through its own website. In a Wired report, the publication found seven websites advertising Fortnite for Android, all of which were then identified to carry malware by security experts Lockout. Upon investigation, the most common malware fools downloaders into visiting websites loaded with ads, on the promise of a code or opportunity...

Read more »

How google fights android malware 👀 ⚠️

Did Google score a complete victory against Android malware last year? No. Did it win? Yes. If you just read the headlines, it sounds like Android is a security mess. There's a report about one Android malware program after another. What's not said is that often these Android viruses require a user to be a sucker to get them. But since a sucker is born every minute, Google does its best to stop malware in its tracks. How does Google do this? Google's VP and head of security, Dave Kleidermacher, and Google Play's product manager, Andrew Ahn, explained in a blog post: "While the majority of developers have their audience's best interest at heart, some bad apps and malicious developers do attempt to evade detection and...

Read more »

New code injection method avoids malware detection on all versions of Windows

Presented at Black Hat Europe, a new fileless code injection technique has been detailed by security researchers Eugene Kogan and Tal Liberman. Dubbed Process Doppelgänging, commonly available antivirus software is unable to detect processes that have been modified to include malicious code. The process is very similar to a technique called Process Hollowing, but software companies can already detect and mitigate risks from the older attack method. Process Hollowing occurs when memory of a legitimate program is modified and replaced with user-injected data causing the original process to appear to run normally while executing potentially harmful code. Unlike the outdated hollowing technique, Process Doppelgänging takes advantage of...

Read more »

No Platform Immune from Ransomware, According to SophosLabs 2018 Malware Forecast

Ransomware ravaged Windows, but attacks on Android, Linux and MacOS systems also increased in 2017 Just two strains of ransomware were responsible for 89.5 percent of all attacks intercepted on Sophos customer computers worldwide OXFORD, U.K. – Nov. 2, 2017 – Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced its SophosLabs 2018 Malware Forecast, a report that recaps ransomware and other cybersecurity trends based on data collected from Sophos customer computers worldwide during April 1 to Oct. 3, 2017. One key finding shows that while ransomware predominately attacked Windows systems in the last six months, Android, Linux and MacOS platforms were not immune. “Ransomware has become platform-agnostic....

Read more »

WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping

A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack. The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network. That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream. In other words: this...

Read more »

Here is every patch for KRACK Wi-Fi attack available right now

Monday morning was not a great time to be an IT admin, with the public release of a bug which allowed WPA2 security to be broken. As reported previously by ZDNet, the bug, dubbed "KRACK" -- which stands for Key Reinstallation Attack -- is at heart a fundamental flaw in the way Wi-Fi Protected Access II (WPA2) operates. The security protocol, an upgrade from WPA, is used to protect and secure communications between everything from our routers, mobile devices, and Internet of Things (IoT) devices, but there is an issue in the system's four-way handshake which permits devices with a pre-shared password to join a network. According to security researcher Mathy Vanhoef, who discovered the flaw, threat actors can leverage the vulnerability...

Read more »

Shadow Brokers Release Windows Malware that can Steal Keystrokes and Record Audio to its Paid Subscriber

Paid subscribers of Shadow Brokers’ monthly subscription can now gain complete access to your PC/laptop and steal your passwords and chats The hacking group named SHADOW BROKERS, which was responsible for the NSA leaks earlier. is back with another NSA hacker kit. This time however, the leak is only available for the users with its “monthly subscription”.In their latest release, SHADOW BROKERS have released a malware dubbed UNITEDRAKE. It is a remote access and control tool with “plug-ins” that can target WINDOWS based systems enabling the hacker with full control over their victim's system.UNITEDRAKE is compatible with systems running on Microsoft Windows XP, Vista, 7, 8 up to Windows Server 2012. It first came to light in 2014 as a part...

Read more »

HOW TO REMOVE ANDROID MALWARE

Is your Android device suddenly slow, using too much data, or showing corrupted data? You could have downloaded an infected app that came along with malware — or the much more obvious ransomware. Suspect apps (often promising free work software, cheat codes, new games, porn, or money) are an increasingly common method of getting viruses onto your mobile devices, where they wreak havoc and steal data. If you can still access your Android device, your first step should be to get rid of the infected app ASAP, before it tries to infect other devices or does more damage. Here’s how to locate and remove Android malware, along with a few options for security downloads to help protect you in the future. We’re going to speak generally about...

Read more »