InnfiRAT Targets Personal Data, Cryptocurrency Wallets

A newly discovered remote access Trojan can steal various types of data from the infected machines, including personal data and cryptocurrency wallet information, Zscaler security researchers warn. Dubbed InnfiRAT and written in .NET, the malware can not only gather sensitive information from the compromised machines, but was also designed to download additional payloads onto them. When run, the malware first checks whether it is executed from %AppData% with the name…

September 16, 2019
Read More >>

UK Teen Arrested in US-Led Music Hacking Probe

British police said Friday they had arrested a 19-year-old man for stealing unreleased songs from musicians’ websites and cloud-based accounts, as part of a US-led investigation. The teenager, who was arrested in Ipswich in eastern England, is also suspected of selling the stolen music in exchange for cryptocurrency, according to a statement from the City of London Police intellectual property crime unit. A raid was also carried out on a…

September 16, 2019
Read More >>

Are Cash Transfer Apps Safe to Use? Here’s What Your Family Needs to Know

I can’t recall the last time I gave my teenage daughter cash for anything. If she needs money for gas, I Venmo it. A Taco Bell study break with the roommates? No problem. With one click, I transfer money from my Venmo account to hers. She uses a Venmo credit card to make her purchase. […]

The post Are Cash Transfer Apps Safe to Use? Here’s What Your Family Needs to Know appeared first on McAfee Blogs.

September 14, 2019
Read More >>

Shape Security Raises $51 Million at $1 Billion Valuation

Shape Security has raised a further $51 million in Series F growth funding, valuing the company at $1 billion. The total capital raised to date is now $183 million The latest funding was led by C5 Capital and included returning investors Kleiner Perkins, HPE Growth, Norwest Ventures Partners, Focus Ventures, JetBlue Technology Ventures, Top Tier Capital Partners, and EPIC Ventures. Shape uses its AI-powered systems for fraud detection to distinguish between…

September 13, 2019
Read More >>

WiryJMPer Dropper Employs Heavy Obfuscation to Deliver Netwire

A recently discovered malware dropper employs heavy obfuscation and poses as a virtual coin wallet, in an attempt to deliver a Netwire payload, Avast’s security researchers reveal. Dubbed WiryJMPer, the dropper appears as a regular WinBin2Iso binary (an app to convert CD/DVD/Blu-ray images to ISO), but has a file size three times as big as it should, due to a suspiciously large .rsrc section. Its JMP instruction, normally meant to…

September 13, 2019
Read More >>

Ukrainian Man Pleads Guilty to Hacking, Wire Fraud Charges

A member of a sophisticated international hacking group that authorities say targeted businesses in 47 states to steal credit and debit card records pleaded guilty to hacking and wire fraud charges in Seattle. Fedir Hladyr, a 34-year-old Ukrainian, also agreed to pay $2.5 million in restitution as part of his plea Wednesday in U.S. District Court. He could face up to 25 years in prison. Defense lawyer Arkady Bukh said…

September 13, 2019
Read More >>

WatchBog Crypto-Mining Botnet Relies on Pastebin for C&C

The WatchBog cryptocurrency-mining botnet is heavily reliant on the Pastebin website for command and control (C&C) operations, Cisco Talos’ security researchers reveal. Active since last year, the botnet is focused on leveraging Linux-based systems to mine for the Monero virtual currency. In July, however, the malware was observed incorporating code to also scan for the BlueKeep Windows vulnerability. The botnet mainly targets known vulnerabilities, such as Jenkins’ CVE-2018-1000861, Jira’s CVE-2019-11581,…

September 12, 2019
Read More >>