➀ Scammers in Switzerland are using fake letters with QR codes to trick people into downloading a fraudulent 'Severe Weather Warning App'; ➁ The app mimics the official Alertswiss app and contains the Copper trojan malware; ➂ Swiss authorities are investigating the extent of the scam.
Recent #Malware news in the semiconductor industry
1. Microsoft approved a fake ad blocker that injected kernel-level malware. 2. The malware, HotPages, was marketed to internet cafes in China as DWAdsafe. 3. The issue raises concerns about Microsoft's code-checking process.
1. Fujitsu confirms malware infection without ransomware behavior; 2. Potential data leakage involving personal and customer-related information; 3. Implemented measures include isolating and initializing affected PCs, blocking connections to the source server, enhancing security monitoring rules, and updating virus detection software.
➀ Phishing attacks are on the rise, with over 800,000 victims in the first quarter of 2024;
➁ Astaroth malware bypasses 2FA restrictions to gain access to Gmail, Outlook, or Yahoo accounts;
➂ The malware intercepts requests, captures session cookies, and uses reverse proxy techniques to steal credentials.
➀ Security researchers at Check Point warn of a Google Calendar security threat affecting over 500 million users; ➁ Cybercriminals are exploiting user-friendly features to trick victims into clicking malicious links; ➂ The attack is evolving to align with Google Drawings capabilities.
➀ FakeCall malware has been discovered again with new advancements; ➁ It takes over Android's default call handler; ➂ Uses Android's accessibility services for control and features like recording and location access; ➃ Users are advised to be vigilant and use official app stores.
1. Researchers at Cado Security have identified a new malware named 'Cthulhu Stealer' targeting macOS users, disguising as legitimate software like CleanMyMac and Grand Theft Auto IV. 2. The malware, similar to Atomic Stealer, attempts to steal passwords, credentials, cryptocurrency wallets, and game account data. 3. Users are advised to download software only from the Apple App Store or official vendor websites to avoid potential malware threats.
❶ A secret network of 3,000 'ghost' accounts on GitHub has been discovered spreading malware and phishing links. ❷ The operation, named Stargazer Goblin, has been active since June 2023, using GitHub's community tools to boost malicious code visibility. ❸ The network sells services like repository stars and trusted accounts, potentially earning up to $100,000 since August 2022.