Skygofree: a Not-So-New Malware that Infects Android Devices

Skygofree apparently has been around for a while but was a minor problem until recently. Now it is infecting more and more Android cell phones and tablet computers. The malware (malevolent software) has the ability to grab call records, text messages, geolocation, surrounding audio, calendar events, and other memory information stored on the device.

After manual launch, it shows a fake welcome notification to the user:

Dear Customer, we’re updating your configuration and it will be ready as soon as possible.

Then it steals your information and sends it to a server in an overseas location.

You can read the details in the SecureList web site at:

Nokia Security Report for 2017

Are you concerned about malware (malevolent software), such as viruses, keyloggers, and trojan horse programs? If so, you might want to read a new report from Nokia.

The Nokia Threat Intelligence Report examines malware infections found in mobile and fixed networks worldwide. It provides analysis of data gathered from more than 100 million devices by the Nokia NetGuard Endpoint Security solution. The new report details key security incidents and trends from the first three quarters of 2017. Amongst the findings:

  • Devices using the Android operating system were the most likely to be infected this year, according to Nokia research.
  • Android was the #1 target for malware; about 1% of all Android devices will be infected, an increase from 2016. This means 0.94% of all Android devices were infected, slightly above Google’s 2016 Q4 estimate of 0.71%.
  • Out of all infected devices, 68.50% were Androids, 27.96% ran on Windows, and 3.54% used iOS.


Mac OSX Trojan Malware Spread Via Compromised Software Downloads

Macintosh owners used to feel smug that “Macs never get viruses.” Then a few viruses appeared but did not spread the way Windows viruses normally spread, so Mac owners were still able to say, “Macs rarely get viruses.” However, any Mac owner who isn’t careful about files being downloaded may find himself or herself on the receiving end of a virus.

Details may be found in an article by Danny Palmer in the ZDNet web site at:

Luckily, these new viruses are easy to avoid by using a bit of common sense. Mac owners can still rest assured by saying, “Macs rarely get viruses as long as you don’t download files from questionable sources.”

Necurs Ransomware-Spreading Botnet Will Now Screengrab Your Desktop Too

The Necurs botnet has recently undergone a resurgence, distributing millions of malicious emails – large swathes of which have most recently been spreading Locky ransomware. It’s also been known to deliver the Trickbot banking trojan, indicating the attackers behind it have their fingers in many pies. But not happy with just that, now those behind Necurs – a zombie army of over five million hacked devices – are also attaching a downloader with the functionality to gather telemetry from infected victims.

Uncovered by researchers at Symantec, the Necurs downloader can take screengrabs of infected machines and send them back to a remote server. It also contains an error-reporting feature which sends information back to the attackers on any issues the downloader encounters when performing its activities.


Alabama County Succumbs to Bitcoin Ransomware Demands

A lack of preparedness cost one county in Alabama $37,000. Ransomware attacks are easily neutralized if a data center’s staff is properly prepared in advance.

One of the largest counties in Alabama was the victim this time, and the security breach and subsequent encrypting of sensitive information cost the local government a not-inconsequential $37,000.

Hannah Hawk, a spokesperson for Montgomery County, said that the attack “locked up” the county’s data using encryption methods. This prevented the necessary departments from accessing various pieces of sensitive information. Data ranged from vehicle tags to business and marriage licenses.


Petya Author Releases Master Decryption Key for All Versions of the Ransomware

From an article by Mark Wyciślik-Wilson in the BetaNews web site:

“The Petya ransomware — and several variants — wreaked havoc with data around the world, but now the author of the original malware has released the master decryption key.

“Janus Cybercrime Solutions has provided a key that works with all ‘official’ variants of Petya (meaning NotPetya is not included). The key was released to — of all places — Mega, and its authenticity has been verified. While Petya has already been cracked, the key offers the fastest and most reliable decryption method yet.”

The brief, but full, article may be found at: