Our selected infosec articles for July 2018 include Android malware that targets Israeli soldiers through fake Facebook profiles, an updated Trojan that can infect via a cryptor or a miner, a money laundering ring that uses fake Apple accounts and gaming profiles to make transactions with stolen credit/debit cards, and more.
For more articles, check out our #onpatrol4malware blog.
Infrastructure and Samples of Hamas’ Android Malware Targeting Israeli Soldiers
Source: ClearSky CyberSecurity
The Israeli Defense Forces (IDF) have uncovered a campaign they attribute to Hamas, in which fake Facebook profiles were used to lure soldiers into installing Android malware. Read more.
To crypt, or to mine – that is the question
Source: Kaspersky Lab Secure List
Criminals have added mining capability to the Trojan-Ransom.Win32.Rakhni family. In this article, we describe a downloader that decides how to infect the victim: with a cryptor or with a miner. Read more.
Everybody and Their Mother is Blocking Ads, So Why Aren’t You?
Ad blocking provides a vital security layer that not only severs a potential vector for online malvertising attacks, but also blocks privacy-invading tracking plugins from collecting and harvesting your personal information. Read more.
Persistent Malicious Redirect Variants
Learn about php.spam-seo.injector.153, a family of malicious injectors and redirects that have been maintained, modified, and improved over time to ensure they serve their purpose and avoid detection. Read more.
Source: Bleeping Computer
A money laundering ring is using fake Apple accounts and gaming profiles to make transactions with stolen credit/debit cards, then selling these game premiums on online sites. Read more.