Tag Archives: Malware

Panda Security

The Internet collapses, brings the world to a halt for a few hours

 

young man with glasses sitting in front of his computer, programming. the code he is working on (CSS) can be seen through the screen.

A massive cyber-attack against US DNS service provider Dyn knocked out major websites across the Internet last Friday. The attack shut down several websites, including Netflix, Twitter, Amazon and The New York Times. The Internet service was disrupted for almost 11 hours, affecting more than one billion customers around the world.

Cyber crooks are always looking for ways to exploit the latest, most innovative technologies to carry out attacks like those we saw just a few hours ago. Are we in the Age of Internet Attacks? The latest PandaLabs Quarterly Report already warned of the huge number of large-scale distributed denial-of-service (DDoS) attacks that have been occurring over the last few months, and the way many of them are exploiting botnets made up of not only computers but also smart devices like IP cameras.

The recent DDoS attacks reflect the new approach taken by Black Hat hackers when it comes to launching new, more devastating campaigns that combine everyday devices and malware to form highly dangerous armies ready to launch DDoS attacks.

Probing Internet defenses

Just one month ago, security guru Bruce Schneier, published an article with the most revealing title: ‘Someone Is Learning How to Take Down the Internet.’

The recent examples of denial-of-service attacks flood servers with useless traffic that overburdens Internet bandwidth and prevents legitimate users from accessing targeted sites. Attacked servers become saturated with the huge number of requests.

The article explained that the best way to take down the Internet is through a DDoS attack like the one suffered by Dyn, and how some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks, in what seems to be an strategy to gather information and see how well these companies can defend themselves.

A few weeks ago, the website of Brian Krebs, a US journalist specialized in computer security issues, was taken offline as he fell victim to the largest DDoS attack to date. He was only able to go back online after Google came to the rescue.

This attack adds to the list of those suffered by a number of tech giants over the last few months, such as the hack of 500 million Yahoo accounts back in September, or the theft of 60 million  Dropbox user IDs and 100 million LinkedIn passwords.

It is precisely the success of the Internet, with billions of connected devices worldwide, that makes it so appealing to criminals willing to exploit its vulnerabilities. Many of these devices lack basic security measures, making them easy prey for hackers and, in this context, any organization, media company or social networking service can become the victim of the next attack.

 

The post The Internet collapses, brings the world to a halt for a few hours appeared first on Panda Security Mediacenter.

Hackers News

New Drammer Android Hack lets Apps take Full control (root) of your Phone

Earlier last year, security researchers from Google’s Project Zero outlined a way to hijack the computers running Linux by abusing a design flaw in the memory and gaining higher kernel privileges on the system.

Now, the same previously found designing weakness has been exploited to gain unfettered “root” access to millions of Android smartphones, allowing potentially anyone to take control of

Panda Security

Point of Sale attacks through Terminal Server

img-tpvs

Some months ago we published a technical analysis of Multigrain, a Point of Sale Trojan that uses DNS petitions in order to exfiltrate stolen information. We also wrote about one case where this PoS malware was used to infect hundreds of restaurants in the United States.

At the end of September we have seen again activity, with new attacks infecting PoS with new Multigrain variants. However, unlike this previous attack that was targeting the same kind of victims in a region (restaurants in the US) now it looks like cybercriminals are trying to find new fields where they can maximize their profit. We have seen 2 waves of attacks which victims were companies from a number of countries:

  • Argentina
  • Belgium
  • Brazil
  • Chile
  • France
  • Germany
  • India
  • Ireland
  • Norway
  • Spain
  • Sweden
  • Thailand
  • UK
  • USA

They were from different industries, including the typical restaurants and hotels, but also others not that common in these attacks: Telecommunications, Business IT Services, Engineering, Cargo Insurance, Medical Services, Logistics, Accountants, Medical Services, Unions, Engineering and Industrial Machinery Suppliers.

Why the disparity in victim profiles? It looks like the attackers were not looking for these specific industries. All attacks have been perpetrated through Terminal Server, similar to what we have seen in other cases, using brute-force attacks until they can break into the computers and infect them with Multigrain. These are automated attacks, where cybercriminals start scanning the Internet looking for potential victims, and once located they launch the attack until they gain access.

Tips to prevent attacks in companies

In order to minimize the risk, companies must remember that these services, when possible, are better out of the Internet. In case there is a need for them to be in the open, be sure to use strong credentials (with a strong enough password you can basically avoid brute-force attacks), to use 2FA when possible, use non-standard ports and of course monitor all incoming connections from the outside.

 

The post Point of Sale attacks through Terminal Server appeared first on Panda Security Mediacenter.

Panda Security

Cybercrime Reaches New Heights in the Third Quarter

pandalabs-q3-header

Cybercrime isn’t slowing down anytime soon. This quarter, cybercriminals were increasingly more ingenious, using innovative technologies and new tools to spread their wares. According to the PandaLabs report, 18 million new malware samples were captured in this quarter alone, an average of 200,000 each day.

The wave of sophisticated attacks used this quarter confirm that Ransomware attacks and the theft of data (that is sold on the black market) are the most-used tactics this quarter. We also witnessed increasing DDoS attacks, interference with the Internet of Things (such as connect cars), along with a new kind of ransomware attacks that are focused on iOs-based mobile devices.

Ransomware and the Evolution of Cybercrime

According to the National Crime Agency of the United Kingdom, cybercrime currently makes up more than 50% of the crimes committed in the UK.

graphs_hacker

In addition to the traditional infection techniques via exploits and spam, there are some other extremely effective techniques, specifically directed at businesses. We saw this in September when a group of attackers successfully installed the Crysis ransomware on a French company’s server.

graphs_imgtexto-videojuegos

Cybercriminals struck gold when they started compromising game sites. Millions of people have been victims of these kinds of attacks including users of the pornographic website Brazzers, who suffered a security breach where 800,000 users’ data was stolen.

graphs_imgtexto-tpv

 

PunkeyPOS and PosCardStealer have become the biggest nightmare for Point of Sale terminals in establishments, mainly in the United States, and compromised client credit and debit card data.

graphs_imgtexto-banco

In August, SWIFT released a statement that revealed that many attacks similar to the Bangladesh one are taking place. They did not include exact amount stolen and number of attacked banks in their statement. What is mentioned, however, is that these financial entities did not have adequate security measures in place.

graphs_imgtexto-troyano

Lately, the ransomware attacks on iPhones and iPads are increasing. But in contrast to their Windows counterparts, the cybercriminals do not use malware for these attacks. Instead, they use the victim’s AppleID and password (usually obtained through phishing) to ask for a reward from the “Find my IPhone” application.

If you would like to learn more about the biggest data thefts in history (like the recent attacks on Yahoo and Dropbox), stay updated about the latest DDos attacks, learn more about the hackable IoT devices, or stay informed about the cyberwar evolution, please download our quarterly PandaLabs report.

 

Download PandaLabs Report Q3:

International Edition
flag_of_russia-svg Russian Edition

 

The post Cybercrime Reaches New Heights in the Third Quarter appeared first on Panda Security Mediacenter.

Hackers News

Android Banking Trojan Tricks Victims into Submitting Selfie Holding their ID Card

While some payment card companies like Mastercard have switched to selfies as an alternative to passwords when verifying IDs for online payments, hackers have already started taking advantage of this new security verification methods.

Researchers have discovered a new Android banking Trojan that masquerades primarily as a video plugin, like Adobe Flash Player, pornographic app, or video codec

Panda Security

They can remotely access and control my computer?

trojans panda security

We are always talking about ransomware and the importance of keeping your corporate network protected, and we want to warn our readers about the popular Trojan attacks that are going after small and medium sized businesses. But how do you know when it’s a Trojan? How can you secure yourself against Trojans?

5 Things You Should Know

  1. They are malicious software programs designed to rob information or take control of the computer. These attacks target businesses that manage top-secret information.
  2. Trojans are the most popular type of malware and have been for years. Running closely behind them is Ransomware.
  3. Trojans seem harmless but as soon as they are executed they will damage systems and steal information.
  4. Most of them create backdoors and give unauthorized users remote access and control over your system…but they go unnoticed!
  5. Trojan horse: The professional trickster. It disguises itself as something its not.

trojans infographicTrojans: Topping the Charts

Trojans make up the majority of the 227,000 malware samples that are detected daily by PandaLabs. Month after month, they continue to be in first place as the most created malware.

Increasing since the second quarter of 2016, Trojans currently make up 66.81% of the new malware samples created this quarter. Viruses make up 15.98% (Worms 11.01%, PUPs 4.22% and Adware/Spyware at 1.98%).

What do their creators want to achieve?

  • Steal personal and corporate information: bank information, passwords, security codes, etc.
  • Take photos with webcams, if there are any!
  • Erase the hard-drive.
  • Capture incoming and outgoing text messages.
  • Seize the call registry.
  • Access (consult, eliminate and modify) the address book.
  • Make calls and send SMS messages.
  • Use the GPS to figure out the geographic location of the device.

How can we protect ourselves from Trojans?

 Avoid downloading content from unfamiliar websites or sites with dubious reputations.

– Monitor downloads from p2p applications.

– Keep your advanced security solution updated. Install one of the Panda Solutions for Companies that best adapts to you and protect yourself from these dangers.

– Analyze your computer for free and make sure it’s Trojan free.

The post They can remotely access and control my computer? appeared first on Panda Security Mediacenter.

Hackers News

Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software

Over the past few years, Internet users globally have grown increasingly aware of online privacy and security issues due to mass monitoring and surveillance by government agencies, making them adopt encryption software and services.

But it turns out that hackers are taking advantage of this opportunity by creating and distributing fake versions of encryption tools in order to infect as many