Recently, a new form of phishing scam has been discovered. It uses the recipient’s real password to make the victims mistakenly believe that their online data has been attacked by hackers. It is claimed that the victims have to meet the request of the attackers, otherwise the video regarding victims visiting porn sites would be exposed. A few weeks ago, Vade Secure released a report,...
Read More
Recently, 360 Security Center discovered that attackers injected the CryptoMining script into the Chinese official website of the well-known provider of Internet streaming media, RealNetworks. When users open the official website of RealNetworks, it would cause high CPU usage, the processor would get hot, and the computer would be much slower. RealVideo and RealPlayer created by RealNetworks have been widely spread, so the number of...
Read More
Context Exobot Actor (nicknamed “android”) started a new Android bot rental service named Exobot v1 in June 2016. The malware in use was built to be able to target many banks with so called overlay attacks (also known as injects). SfyLabs’ team analyzed and researched Exobot v1, which is covered in detail in our blog. After a year of successful campaign of Exobot v1, in May...
Read More
Recently, 360 Security Center discovered a malicious hijacking campaign against MikroTik routers, mainly using the zero-day vulnerability in the MikroTik router in April. It infected the routers using code that loads the browser-based crytpomining software by Coinhive. Hence, when users try to access the Internet through the MikroTik proxy, they will encounter HTTP error since Coinhive’s Javascript has been injected into web pages that users...
Read More
According to Taiwan media reports, on the evening of 3rd August, the largest iPhone chip supplier, Taiwan Semiconductor Manufacturing Co.(TSMC), was infected by WannaCry ransomware, and the production line was completely shut down. It is rumored that TSMC was attacked by hackers, but TSMC officially confirmed the incident that some production equipment was infected by WannaCry ransomware. The company has controlled the scope of the...
Read More
