Our selected infosec articles for July 2018 include Android malware that targets Israeli soldiers through fake Facebook profiles, an updated Trojan that can infect via a cryptor or a miner, a money laundering ring that uses fake Apple accounts and gaming profiles to make transactions with stolen credit/debit cards, and more.

For more articles, check out our #onpatrol4malware blog.

infosec articles July

Infrastructure and Samples of Hamas’ Android Malware Targeting Israeli Soldiers

Source: ClearSky CyberSecurity

The Israeli Defense Forces (IDF) have uncovered a campaign they attribute to Hamas, in which fake Facebook profiles were used to lure soldiers into installing Android malware. Read more.

To crypt, or to mine - that is the question

Source: Kaspersky Lab Secure List

Criminals have added mining capability to the Trojan-Ransom.Win32.Rakhni family. In this article, we describe a downloader that decides how to infect the victim: with a cryptor or with a miner. Read more.

Everybody and Their Mother is Blocking Ads, So Why Aren’t You?

Source: Malwarebytes

Ad blocking provides a vital security layer that not only severs a potential vector for online malvertising attacks, but also blocks privacy-invading tracking plugins from collecting and harvesting your personal information. Read more.


Persistent Malicious Redirect Variants

Source: Sucuri

Learn about php.spam-seo.injector.153, a family of malicious injectors and redirects that have been maintained, modified, and improved over time to ensure they serve their purpose and avoid detection. Read more.

Open MongoDB Database Exposes Mobile Games Money Laundering Operation

Source: Bleeping Computer

A money laundering ring is using fake Apple accounts and gaming profiles to make transactions with stolen credit/debit cards and then selling these game premiums on online sites. Read more.