Cyber Bites

The banking trojan has upgraded and is seeing a resurgence on the back of coronavirus stimulus payment themes. The Zeus Sphinx banking trojan has seen a recent resurgence in the United States, sporting some modifications and using COVID-19 spam as a lure. Sphinx re-emerged in December but saw a big spike in March via the use of coronavirus themes. Since April, it has been seen attacking U.S. targets with a few changed processes. The main...

Over the past year, the Astaroth infostealer trojan has evolved into one of today's stealthiest malware strains, containing a slew of anti-analysis and anti-sandbox checks to prevent security researchers from detecting and analyzing its operations. Luckily, all these innovations are only used to target and infect users in one country alone -- namely Brazil. The malware has historically targeted Brazilian users ever since it was first spotted in the wild in September 2018. IBM researchers...

Almost four million users of a popular Android dating app have had their personal and log-in data stolen by hackers, according to Risk Based Security. The security vendor said it found the data on a prominent hacking forum — now free for anyone to access, although it had been previously up for sale. It’s associated with nearly 3.7 million users of MobiFriends, a Barcelona-based dating app. The information was originally posted to the forum in...

The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim's files, even those that are opened and locked by another process. Some applications, such as database or mail servers, will lock files that they have open so that other programs cannot modify them. These file locks prevent the data from being corrupted by two processes writing to a file at the same time. When a file is...

IT services provider Cognizant is expecting to lose between US$50 to US$70 million in the aftermath of a recent ransomware attack. The US-based company revealed on 18 April it had been hit by a "Maze" ransomware cyber attack, resulting in service disruptions for some of its clients. Although Cognizant claimed it responded “immediately” to the attack, it expects its upcoming second quarterly results to be negatively impacted by both the downtime and temporary suspension of...

Hackers behind a series of targeted financial attacks have been updating their malware to better evade detection over the last year, according to new Prevailion research slated to be published Wednesday. Since at least February 2019, the hackers, who have begun impersonating CEOs and banks in their lure documents, have introduced at least seven updates to the malicious software known as EVILNUM, which enables attackers to upload and download files, harvest tracking cookies, and run...

Microsoft and Intel have recently collaborated on a new research project that explored a new approach to detecting and classifying malware. Called STAMINA (STAtic Malware-as-Image Network Analysis), the project relies on a new technique that converts malware samples into grayscale images and then scans the image for textural and structural patterns specific to malware samples. The Intel-Microsoft research team said the entire process followed a few simple steps. The first consisted of taking an input...

A security researcher has developed an leftfield technique for extracting data from air-gapped systems that relies on hacking power supplies. The Mission Impossible-style approach, dubbed ‘POWER-SUPPLaY’, relies on creating an acoustic covert channel by turning a PC’s power supplies into speakers. The technique, developed by Israeli security researcher Dr Mordechai Guri, is capable of working on secure air-gapped PCs, even in cases where the owners have taken the extra precaution of disabling audio hardware and...

A major Facebook bug caused a large number of iOS applications to crash on Wednesday for more than three hours, according to reports on GitHub and social media. The bug impacted some of the biggest iOS apps today, including the likes of TikTok, Spotify, Tinder, Venmo, GrubHub, Doordash, Soundcloud, and Pinterest, just to name a few. According to technical analysis of crash logs posted online, the issue was tracked down to the Facebook software developer...

Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users. Unacademy is one of India's largest online learning platforms boasting 14K teachers, over a million video lessons, and over 20 million registered users (learners). After recently raising $110 million in funding from General Atlantic, Sequoia and Facebook, Unacademy has a valuation of over $500 million. Source:...