Showing posts with label iPhone malware. Show all posts

Thursday, August 24, 2017

Apple Macs At Risk From ‘Rising’ Malware Attacks

Apple not so safe after all. Rapid rise in malware targeting Mac devices, as Android security problem worsens
Malwarebytes has warned Apple Mac users that the days of their devices being relatively safe from malware are long over.
The security specialist analysed data from millions of its users worldwide and it discovered that Mac and Android ransomware and malware attacks have risen significantly in the past year.
Indeed, Malwarebytes found that more Mac malware had been detected in Q2 2017 than in all of 2016.

Mac Malware

According to the security vendor, the “rapidly rising rates of malware” targeting Mac devices should dispel the popular belief that Macs are impenetrable.
Fruitfly creates a backdoor that allows attackers to take screen captures and remotely control the Mac system.
“More malware families have emerged in 2017 than in any other previous year – and we’re only in August,” warned Malwarebytes. In fact, more new malware families have appeared this year than in any other previous year in Mac history.
To this end, Malwarebytes has introduced ‘Malwarebytes for Mac’, which offers real-time protection for Mac users to automatically block and remove cyber threats, including malware, adware and potentially unwanted programs.
“We carefully designed Malwarebytes for Mac to protect all Mac users from cyber threats and potentially unwanted programs so that they can feel safe and have a Mac that performs like it should,” explained Marcin Kleczynski, CEO, Malwarebytes.
“Antivirus and security awareness is no longer enough defence for Mac users, the growth of Mac malware has made that very clear. We hope that more and more Mac users will come to this realisation and begin to seek out additional defences.”
Malwarebytes for Mac includes a real-time anti-malware protection scanner that allows for “ultra-fast proactive scanning for malware and spyware in real-time, in addition to flagging potentially unwanted programs and adware.”
And Malwarebytes for Mac can either completely replace an existing antivirus solution or run alongside any antivirus program. It also boasts a small system footprint that utilises minimal system resources to ensure that Macs run smoothly.
“Mac threats are not taken seriously enough in the security community today,” added Thomas Reed, Director of Mac and Mobile, Malwarebytes. “Adware and potentially unwanted programs are becoming a major problem for Mac users. Some very popular apps have been known to carry these threats and despite protections in place, the App Store is not immune to these threats.
“For example, the recent Proton Remote Access Trojan that plagued Mac users fooled many experienced, security-minded people who became infected. This perpetuates a crucial lesson that, despite what many Mac users think, they are not safe even if they are careful about what they download.
“Being security-savvy is no longer enough, all Mac users need dedicated protection against malware, adware and potentially unwanted programs.”

Android Security

There was equally grim news for those in the Android community, as ransomware here increased more than 100 percent between Q1 and Q2 2017. Indeed, Malwarebytes data showed that incidences of Android malware increased more than five percent since the start of the year.
And to make matters worse, incidents of Android ransomware increased 138 percent in Q2 2017 (April to May) over Q1 (January to March) 2017. Malwarebytes found that JisutSLocker and Koler ransomware collectively accounted for nearly 95 percent of these detections.
And although Android ransomware is growing at this rapid pace, Trojans and potentially unwanted programs still remain the biggest headaches for Android users.
Android Trojans accounted for more than 48 percent of all Android malware detections in the first half of 2017 and potentially unwanted programs accounted for 47 percent of all detections.

via silicon

Monday, February 22, 2016

GM Bot (Android Malware) Source Code Leaked Online

The source code of a recently discovered Android banking Trojan that has the capability to gain administrator access on your smartphone and completely erase your phone's storage has been LEAKED online.

The banking Trojan family is known by several names: security researchers from FireEye dubbed it SlemBunk, Symantec dubbed it Bankosy, and last week, when Heimdal Security uncovered it, they dubbed it MazarBot.

All of the above waves of Android banking Trojans originated from a common threat family, dubbed GM Bot, which IBM has been tracking since 2014.

GM Bot emerged on the Russian cybercrime underground forums, sold for $500 / €450, but it appears someone who bought the code leaked it on a forum in December 2015, the IBM X-Force team reported.

What is GM Bot and Why Should You Worry about it?


The recent version of GM Bot (dubbed MazarBOT) has the capability to display phishing pages on the top of mobile banking applications in an effort to trick Android users into handing over their financial credentials to the fraudsters.

Besides this, the banking trojan is also capable of forwarding phone calls and intercepting SMS messages to help fraudsters bypass an additional layer of bank security mechanisms, and locking a device’s screen.

Cyber criminals could also use the malware to:
  • Spy on victims
  • Delete data from the infected device
  • Gain boot persistence to help survive device restart
  • Send and read your SMS messages
  • Make calls to your contacts
  • Read the phone's state
  • Plague phone's control keys
  • Infect your Chrome browser
  • Change phone settings
  • Force the phone into sleep mode
  • Query the network status
  • Access the Internet
  • Wipe your device's storage (the most critical capability of the malware)
However, someone leaked the malware source code only to boost his/her reputation on an underground forum, according to the researchers.
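
A defender triaging an Android app can check its manifest for the permissions behind the capabilities listed above. The following Python example is added here and is not code from the article or from the researchers it cites; it assumes the manifest has already been decoded to text XML, and the sample manifests, package names and the high-risk combination are constructed for illustration.

```python
import xml.etree.ElementTree as ET
ANDROID = "{http://schemas.android.com/apk/res/android}"  # namespace of android:* attributes

# Real Android permission names mapped to capabilities named in the list above.
CAPABILITY_BY_PERMISSION = {
    "android.permission.RECEIVE_BOOT_COMPLETED": "boot persistence",
    "android.permission.SEND_SMS": "send SMS",
    "android.permission.READ_SMS": "read SMS",
    "android.permission.RECEIVE_SMS": "intercept incoming SMS",
    "android.permission.CALL_PHONE": "make calls",
    "android.permission.READ_PHONE_STATE": "read phone state",
    "android.permission.WRITE_SETTINGS": "change phone settings",
    "android.permission.ACCESS_NETWORK_STATE": "query network status",
    "android.permission.INTERNET": "access the Internet",
}
DEVICE_ADMIN = "lock or wipe via device admin"
# Assumed triage rule (not from the article): this combination warrants manual review.
HIGH_RISK_COMBO = {"intercept incoming SMS", "boot persistence", DEVICE_ADMIN}

def audit_manifest(manifest_xml: str) -> dict:
    """Report which of the listed capabilities a decoded manifest requests."""
    root = ET.fromstring(manifest_xml)
    found = set()
    for node in root.iter("uses-permission"):
        capability = CAPABILITY_BY_PERMISSION.get(node.get(ANDROID + "name", ""))
        if capability:
            found.add(capability)
    # A receiver guarded by BIND_DEVICE_ADMIN registers the app as a device
    # administrator, which can lock or wipe the phone once the user activates it.
    for receiver in root.iter("receiver"):
        if receiver.get(ANDROID + "permission") == "android.permission.BIND_DEVICE_ADMIN":
            found.add(DEVICE_ADMIN)
    return {"package": root.get("package"), "capabilities": sorted(found),
            "high_risk": HIGH_RISK_COMBO <= found}

NS = 'xmlns:android="http://schemas.android.com/apk/res/android"'
# Constructed sample manifests; package names are placeholders.
SUSPICIOUS = f"""<manifest {NS} package="com.example.constructed.updater">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application><receiver android:name=".Admin"
      android:permission="android.permission.BIND_DEVICE_ADMIN"/></application>
</manifest>"""
BENIGN = f"""<manifest {NS} package="com.example.constructed.weather">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
</manifest>"""
```

Calling `audit_manifest(SUSPICIOUS)` flags the constructed sample as high risk, while `audit_manifest(BENIGN)` does not; a flag is a prompt for manual review, not proof of infection.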


GM Bot Android Malware Source Code for FREE


Yes, the source code for GM Bot and its control panel is now accessible to cybercriminals and fraudsters for FREE.

Here’s the Cherry on the Top:

Besides the source code, the leaker also posted a tutorial and instructions for server-side installation, which means cybercriminals can create their own versions of the malware strain to conduct online banking frauds.

Though the archive file containing the source code and its control panel is password protected, the leaker is offering the password only to active forum members who approach him.
"Those who received the password, in turn, passed it on to other, unintended users, so the actual distribution of the code went well beyond that discussion board’s member list," IBM cyber security evangelist Limor Kessem wrote in a blog post.
Online users had started sharing the password to the archive among their friends, and in no time, the GM Bot source code was all over the hacking underground forums.

GM Bot is one of the most dangerous banking trojans in the Android ecosystem, and now that its source code has been leaked, users are advised to be careful while banking online.

How to Protect Yourself?


As I previously mentioned, online users are advised to follow these steps in order to protect themselves against this kind of threat:
  • Never open attachments from unknown sources.
  • Never click on links in SMS or MMS messages sent to your phone.
  • Even if the email looks legit, go directly to the source website and verify any possible updates.
  • Go to Settings → Security → Turn OFF "Allow installation of apps from sources other than the Play Store" option.
  • Always keep an up-to-date Anti-virus app on your Android devices.
  • Avoid unknown and unsecured Wi-Fi hotspots and keep your Wi-Fi turned OFF when not in use.

Friday, October 16, 2015

iOS still does app privacy better than Android

There's not a lot new in Android 6.0 Marshmallow, which is now slowly making its way onto Android smartphones and tablets. Google characterizes Marshmallow more as an under-the-hood effort to improve system performance and stability. But one of the key new features for users is the ability to manage the privacy settings of applications.
How do Marshmallow's privacy controls compare to iOS's?
For several versions, Android has shown users what data and services an app wants to use when the app is installed, but you could only accept or reject them all. Also, you could not deactivate permissions (such as to your contacts or camera) later.
If you want to see all the apps that use a specific type of data or resource, here's how: In the Settings app, tap App, then tap the Settings icon (the gear) to open the Configure Apps screen. Normally, you use the More menu (via the ... icon) in Android for accessing additional features, but in this case you use Settings. In the Configure Apps screen, tap App Permissions to get a screen that shows each permission. Tap a permission, as you would in iOS's equivalent but more accessible screen, to see and manage which apps use those permissions. It shouldn't be that hard to find.
Of course, a diligent user will eventually find that obtuse path or go into each app's settings in Android Marshmallow and check into every permission. (iOS lets you work that way too; if you tap an app in Settings, you can see its privacy permissions and adjust them.) But Android's approach is also more apt to let apps get more access to your private data and system services than you'd like or realize.

Thursday, April 9, 2015

Facts About Remote Access Trojans (RATs) vs AlienSpy

AlienSpy is the latest in a family of RATs which target both consumers and enterprises in a bid to steal valuable data and compromise systems.
Remote Access Trojans (RATs) never fully vanish; instead, they are often recycled and redeveloped in the changing cybersecurity landscape. These kinds of Trojans, often deployed through phishing campaigns which use spoof emails and malicious files to deliver malware payloads, can be tailored to target particular industries -- such as banking or manufacturing -- or be used indiscriminately against both consumers and businesses.
In a security advisory (.PDF) posted Thursday, security firm Fidelis said the newly-discovered AlienSpy Trojan is currently being used in international phishing campaigns against both consumers and the enterprise, although it has generally been detected in campaigns based in the technology, finance, government and energy sectors.
Joining the likes of njRAT, njWorm and Houdini, the RAT's development focuses on delivery rather than core functions. However, AlienSpy does differ from its predecessors. While also similar to Frutas, Adwind and Unrecom, the security firm believes the new RAT has benefited from "unified," collaborative development. As a result, the Trojan is more sophisticated and has expanded functionality.
AlienSpy currently supports infections on Windows, Linux, Mac OSX and the Android mobile operating system. However, the Trojan also demonstrates new evasion techniques not present in past RATs.
Once deployed, the Java-based Trojan grants an attacker access and control over a compromised system. The malware is able to collect system information including OS version, RAM data and computer name, upload and deploy additional malware packages, capture webcam and microphone streams without consent, and remotely watch device activity. In addition, the Trojan includes a keylogger.
AlienSpy's additional features include a sandbox detection tool, the detection and disabling of antivirus software, and the use of Transport Layer Security (TLS) cryptographic protocols to secure its connection to the command and control (C&C) server.




"Applying this technique makes it very difficult for network defenders to detect the malicious activity from infected nodes in the enterprise. To prevent various security tools from running, this version of AlienSpy performs various registry key changes," the advisory notes. "Infected systems could end up with botnet malware downloaded through AlienSpy RAT (e.g. Citadel) as it was observed by our security researchers during one of the infections."
In the same manner as its predecessors, AlienSpy is available through various subscription models and receives continual updates from its developers. According to Fidelis, AlienSpy can be purchased for between $19.90 and $219.99.
"Enterprises should ensure that they are capable of detecting inbound malware as well as active infections involving this RAT," Fidelis says.
The security firm has also published a Yara rule to help developers identify and classify the AlienSpy malware strain.
via ZDNet

Wednesday, February 4, 2015

5 Ways to Stay Away from Malware on a Smartphone

Malware is software specially designed to harm your computer or smartphone, or to get your personal information for various anti-social purposes (let’s say spying on you). It may be a virus, spyware, a worm, or a Trojan, but its sole purpose is to harm you. Nowadays, since smartphones are more widely used, malware is aimed mostly at them. So here are some precautions that you can adopt to stay away from it:

1. Download Stuff From Trusted Sources

While you download stuff (songs, pictures etc.) onto your mobile, be sure that you don’t download anything but what you want to download. Sometimes, or rather most of the time, a file that you want to download is accompanied by malicious software that drains personal information from your phone, which can then be used for anything, and the worst part is that you’d never know. One such unwanted application is Mobogenie, which automatically gets downloaded onto Android phones and can cause serious trouble. Don’t believe messages in your browser that say anything about your phone slowing down or those that offer you “hot pics”.

2. Don’t Cache Passwords

Well, it must be very annoying to type your password again and again on your device, but this is the key area that most spyware attacks. It pulls the cache out of browsers and hence can gain access to your private accounts. So the only foolproof method to avoid this is to not save these passwords. Oh, and while you’re at it, turn on 2-step verification to be extra safe.

3. Don’t Fall Into Traps Of Spams

You might have come across emails claiming that you’ve won a billion dollars in some lottery you never signed up for, or something similar.
Never click on the links in these emails, unless you’ve subscribed or signed up for them, as they may contain software that can get installed on your smartphone without your consent.

4. Be Extra Cautious If You’ve Got Root Access

This point is exclusive to Android devices. When you root your smartphone, you allow apps to gain ‘root access,’ and once malware gets this access, it has the rights to do almost anything on your device, without your knowledge. That doesn’t mean you shouldn’t root your phone. Just be careful when you grant Superuser privileges, and don’t grant these permissions to non-trusted software downloaded from non-trusted sources. We recommend not downloading such software at all, but even if you do, don’t grant it Superuser permissions.

5. Install An Anti-Malware Program

Though these apps aren’t enough to keep malware away, they do help to some extent. There are plenty of such applications out there, most of them free. The best rated ones include Lookout, AVG, or Avast. Mostly, they check installed apps and watch out for malicious code.