Crooks hacked e-shops, selling SQL databases if ransom isn’t paid

Crooks who hacked online shops in several countries are offering for sale more than two dozen SQL databases.

The crooks demand that victims pay BTC 0.06 (about $550) within 10 days, or they leak the database content.

The crooks hack into insecure servers that are reachable over the public web, copy the databases, and leave a note asking for a ransom in return for the stolen data.

The databases contain over 1.5 million rows. Exposed records include email addresses, names, hashed passwords, mailing addresses, gender, and dates of birth.


Samsung fixes a zero-click vulnerability affecting most of its phones

Samsung is patching a critical security issue this month that affects all of its Android smartphones sold since 2014, beginning with Android 4.4.4 KitKat. The newly discovered flaw is a “zero-click” vulnerability: it could let a hacker wreak havoc on someone’s phone by simply sending a specific type of image, exploiting the device without any user action.

The vulnerability was discovered by Mateusz Jurczyk, a security researcher with Google’s Project Zero bug-hunting team, who found a way to exploit how Skia (the Android graphics library) handles Qmage image files (.qmg) sent to a device.

Jurczyk said the attack usually needs between 50 and 300 MMS messages to probe and bypass Android’s ASLR (Address Space Layout Randomization), which takes around 100 minutes on average.

This flaw was patched in Samsung’s May 2020 Security Update for Android, so if you own a Samsung device from 2014 or later, make sure to install the update when you get it.


Microsoft warns against downloading movies from random sites

Microsoft warns of a spike in malware spreading via pirate streaming services and movie piracy sites during the COVID-19 pandemic.

Cybercriminals are attempting to take advantage of the COVID-19 outbreak by spreading malware via pirate streaming services and movie piracy sites, Microsoft warns.

“We saw an active coin miner campaign that inserts a malicious VBScript into ZIP files posing as movie downloads,” the company’s security intelligence team says in a tweet.

“The campaign, primarily observed in Spain but has also shown up in some South American countries, aims to launch a coin-mining shellcode directly in memory. We’re seeing the campaign affecting a wide range of customers, from home users to enterprises.”

The movies concerned include John Wick: Chapter 3 – Parabellum, along with Spanish-language titles including Puñales Por La Espalda, La Hija de un Ladrón and Lo Dejo Cuando Quiera – as well as Contagio, the Spanish-dubbed version of Contagion.
