Category Archives: Cyber Attacks


STRRAT Malware Is At It Again

A recent post from Microsoft Security Intelligence revealed that the STRRAT malware is at it again with a new version release. STRRAT is an odd duck, to say the least: it is a Java-based RAT that poses as ransomware. It changes file names on infected devices by appending the “.crimson” extension without actually encrypting the files.

About STRRAT

The STRRAT malware is actively distributed through a phishing campaign that includes a malicious attachment. Downloading this attachment allows the malware to connect to its server and download the payload onto your computer. Once the payload is injected onto the computer, the malware starts stealing data such as passwords and installs keylogging software. It also runs remote commands and PowerShell, and executes other activities through its backdoor access. On top of it all, the malware will also start renaming files and making them …


New Android Malware Spreading Through WhatsApp

New malware has been discovered spreading through WhatsApp messages. Once a device is infected, the malware pushes itself to the victim’s other contacts in order to expand what appears to be an adware campaign.

ESET researcher Lukas Stefanko said, “This malware spreads via victim’s WhatsApp by automatically replying to any received WhatsApp message notification with a link to [a] malicious Huawei Mobile app”.

The malware presents itself as a Huawei Mobile app. Clicking the link redirects users to a lookalike Google Play Store page that lures them into installing the malicious app. The app then prompts you to grant it notification access, which is abused to carry out the attack.

Please be vigilant and always consider that messages people send you with links may lead you to malware, especially if it is something random and out of character from one of your contacts.


COVID-19 Vaccine Email Scams

Online scammers have found another avenue to lure their desperate victims. These scams arrive as emails stating that you can purchase a vaccine for around $150 and that the COVID-19 vaccines can be delivered within a few days.

Searches of dark web forums and the messaging app Telegram found seven different offers for alleged COVID-19 vaccines.

These scams include emails stating that you’re a VIP and on the short list for early vaccine access, robocalls presenting themselves as government agencies selling COVID-19 vaccines, and text messages sent to your cell phone requesting payment for vaccines.

A number of new website domains have also been registered with variants of the words COVID-19 and Vaccine. Since October, around 2,500 such domains have been registered, most of which will be used for online fraud.

Please disregard those scams, and if you cannot tell the difference it should be time to put …


Microsoft.com is being Spoofed to Phish Office 365 Users

As the title says, the microsoft.com domain is being spoofed to phish Office 365 users. This is quite alarming; for one, why Microsoft is allowing its domain to be spoofed is beyond me. They can easily fix this with proper SPF, DKIM, and DMARC records within their DNS.

In a recent report posted online, Lomy Ovadia, Ironscales vice president of research and development, said that many industries are being targeted and lots of damage is being done.

The email phishing attack is so realistic looking that victims fall for the scam. It sure doesn’t help that the domain Microsoft.com is being spoofed. 

The email is also composed in a way that will lure you into making a bad decision.

“Specifically, the fraudulent message is composed of urgent and somewhat fear-inducing language intended to convince users to click on what is a malicious link without hesitation,” Ovadia wrote. “As inferred


Phishing for Microsoft Teams Credentials

Phishing continues to be a pain in everyone’s rear end. This particular phishing scam aims to rob you of your Microsoft Teams credentials.

Since Microsoft Teams has become a favored communication tool throughout the world, hackers are of course now aiming to phish you into giving them your login information.

Abnormal Security said “Because Microsoft Teams is an instant messaging service, recipients of this notification might be more apt to click on it so that they can respond quickly to whatever message they think they may have missed based on the notification.”

What to look for

  1. The attack impersonates an automated message that appears to come from Microsoft Teams.
  2. The from field would state “Theres new activity in teams”.
  3. The message, supposedly from a teammate, is crafted with a sense of urgency.
  4. The email will have clickable URLs and buttons that direct you to a fake Office365

Zeus Sphinx Banking Trojan Ramps Up During COVID19

The Zeus and Sphinx Banking Trojan is showing off its ugly face more often now during COVID19, lurking and targeting desperate users looking for information about COVID19.

Researchers Amir Gandler and Limor Kessem at IBM X-Force observed a significant increase in the volume of Zeus and Sphinx malware in March 2020. It was clear that the operators were looking to take advantage of government relief payments to people and companies affected by COVID19.

Zeus and Sphinx Banking Trojan

In March 2020, these phishing and malspam campaign emails tell targets that they need to fill out an attached form to receive coronavirus relief from the government. The new Zeus and Sphinx Banking Trojan variant is spreading via coronavirus-themed emails sent to victims in the U.S., Canada and Australia, housed in malicious attachments named “COVID 19 relief,” according to an X-Force blog posting on Monday.

Stay vigilant and review these Email Security Tips you can …


Help your users spot Covid-19 phishing emails

As the Covid-19 pandemic grows, scammers are capitalizing on public fear, using email phishing to steal money and data.

World Health Organisation Advice

With growing confusion around the next steps to take, scammers can slip through the cracks. Their lures include health advice emails, emails advising people to sign up to a doctor, and fake links to “safety tips”.

Some emails are even claiming to have found a cure for the virus! As yet (13th March 2020), there is no vaccine, so these emails should be deleted immediately.

To verify that an email is legitimate, contact the World Health Organisation directly. If it turns out to be a phishing email, flag it as fraud to help others avoid the mistake of giving these scammers their details.

The World Health Organisation has recommended checking the original email address to make sure it …


Your NETFLIX Membership Has Expired Phishing Email

Did you know that your Netflix membership expired on Dec 31st 2019? Hackers are using these types of phishing emails to try to gain access to your account to obtain private information and maybe watch some NETFLIX on your dime.

Some common tip-offs that an email is phony are typos, grammatical mistakes, awkward language, missing words, extra spaces, and other signs that the email was written unprofessionally. Such emails might also ask you to look at an attachment or click a link and then give your personal information on a web page or in a form. Or the sender’s email address might look suspicious. If you hover over the links, you can even see that they would not direct you to a legitimate URL.

Here Are A Few Email TIPS


Hackers Use Fake Windows Update Emails to Inject Cyborg Ransomware

Hackers are using a fake Windows Update email to inject Cyborg ransomware. The email campaign was found during the release of the latest Windows 10 November 2019 update. Users are getting fake emails regarding this Windows update, stating that you should download the attached update. This attachment is not a Windows 10 update; it actually installs “Cyborg Ransomware” on your PC.

 

How it Happens

Users will first receive an email urging them to download the updates, such as “Critical Microsoft Windows Update!” or “Install Latest Microsoft Windows Update Now”. This fake email contains an attachment with a “.jpeg” file that is not a picture; it’s an executable file.

Once you run this file, it will download another executable file called bitcoingenerator.exe, which is programmed to deliver malware to your system. This file contains the Cyborg …


Webcam Blackmail or Sextortion Emails

It’s unbelievable how frequently people fall for the Webcam Blackmail or Sextortion emails. I have received a few, and it’s quite hilarious and also rude how they go about writing these emails. I’ll show you how fake Webcam Blackmail or Sextortion emails are. But first, did you know hundreds of millions of similar emails have been sent over and over all these years? There seems to have been a flood of them over the past few months because more people and companies are succumbing to data breaches.

 

Do I Have To Be Worried?

These scammers understand that we are all human and do human acts, simple as that. However, because of these data breaches, these hackers can obtain your email address and a password that you have used recently or in the past, and this can make these Webcam Blackmail or Sextortion emails very believable for people and …