Labs report: summer ushers in unprecedented season of breaches

In this edition of the Malwarebytes Cybercrime Tactics and Techniques report, we saw a number of high profile breaches targeting the personal information of hundreds of millions of people. We also observed shifts in malware distribution, the revival of some old families, and found cases of international tech support scams.

Fast-Food Chain Sonic Investigates Potentially Large Credit Card Breach

Sonic Drive-In, a fast-food chain with more than 3,500 restaurants across 45 U.S. states, is reportedly investigating a potential security breach on its payment systems that might have exposed millions of credit cards. The company was informed about unusual activity on credit cards used at its locations by its payment processor. The scope of the..

Android malware on the rise

Recently, a friend of mine encountered an interesting phishing attempt:

"Don't often see this delivery method #phising #mobile #malware #apk pic.twitter.com/HgqtCUAox6" (Cristian Iankovszky, @cizky, January 31, 2017)

The message reads:

DHL has attempted to deliver the parcel no.: 1993747, but nobody was available. Please arrange re-delivery using our mobile app: http://dhl-trackingonline/app.apk

In this blog post, we'll analyse the malware in question (Marcher, banking trojan) and provide disinfection and prevention advice.

Analysis

When you visit the link, a file called app.apk gets downloaded with the following characteristics:

MD5: 80c797acf9bdbe225e877520275e15f5
SHA1: f255de54ffbff87067cfa7bc30d6d87a00aded8f
SHA256: fcd18a2b174a9ef22cd74bb3b727a11b4c072fcef316aefbb989267d21d8bf7d
Package name: ijrtc.jwieuvxpjavuklczxdqecvhrjcvuho

The application presents itself as 'DHL Express Mobile' while being installed and will ask for device administrator rights:

Figure 1 - System service

Basically, the app can do anything it desires:

Figure 2 - Permissions; this includes & reading text messages

Figure 3 - Permissions; note the 'modify system settings'

The payload, or the actual malware that is installed, is the Marcher banking trojan. Recently, it has been masquerading...