ESET Security Professionals warn that the malware is being distributed through torrents. In addition to Angry Birds, cybercriminals have disguised OSX/CoinThief as various popular Mac OS X apps such as BBEdit, Pixelmator, and Delicious Library. "There is clearly strong evidence that the trojan was specifically designed to profit from the current Bitcoin craze and fluctuating exchange rates," security expert Graham Cluley stated on ESET's WeLiveSecurity blog.
Once the malware is executed, OSX/CoinThief installs a web browser extension and monitors the victim's web traffic. An additional component that runs in the background checks for wallet login credentials and sends the information to the attackers. The malicious web extension is called "Pop-Up Blocker." If this extension is present on your Mac Internet browser, you're probably infected. Another way to find out if you're infected with OSX/CoinThief is to open Activity Monitor in the Utilities Folder and look for a process called com.google.softwareUpdateAgent. This process is created by OSX/CoinThief.
McAfee predicts that virtual currencies will fuel malware attacks globally in 2014. In general, growth in virtual currencies benefits and promotes economic activity. However, this growth has also provided cybercriminals with an anonymous payment infrastructure that they use to collect money from their victims.
Ransomware attacks, such as CryptoLocker, will continue to flourish as long as these attacks remain profitable. Furthermore, we may see new ransomware attacks aimed at enterprises.
The good news is that though the ransomware payload is unique, the methods cybercriminals use to distribute ransomware (spam, drive-by downloads, infected apps) are not. Therefore, keeping systems current and practicing good security practices will keep you relatively safe from these threats.
Finally, the emergence of virtual currencies and their anonymous transaction infrastructure has led to the development of a number of "Deep Web" marketplace sites that specialize in retail distribution of illegal products and services. The largest of these sites was Silk Road, which was shut down by the FBI in October 2013. Although the closure of Silk Road was a huge win for law enforcement, there are many of these Deep Web marketplaces operating globally. This issue is not going away anytime soon.
On the first day of 2014, more than 4.5 million Snapchat user names and phone numbers were leaked online and made available for download. The hacker group responsible for the leak claims they had notified Snapchat of the vulnerability but Snapchat never responded.
SnapchatDB.info, the now suspended website, housed the leaked account information. On the site, the hacker group stated they censored the last two phone number digits to minimize spam and abuse but may release the digits under certain circumstances. The group explained their motivation was to raise awareness and stated "companies we trust with our information should be more careful in dealing with it."
Jeff Taylor, McAfee Consumer Operations Project Manager, had this to say about the issue: "The key privacy impact with this break seems to be in the data relationships... The best-kept secret related to privacy relates to PII (personally identifiable information) data relationships, so fundamental advice may include [using] unique user names and secondary email addresses for all social media accounts. Public profiles can be tied together otherwise, and data breaches become more damaging without such steps."
Irfan Asrar, McAfee Mobile Malware Researcher, warns about malicious websites that claim to verify whether you're one of the victims of the hack. These sites are set up to harvest information by asking you to enter your number, which they then attempt to partially match against the data released by the hackers.
LinkedIn is one of the top social media platforms for job seekers, and cybercriminals are finding ways to exploit the site by posing as recruiters. According to the Better Business Bureau (BBB), scammers create fake profiles disguising themselves as recruiters and then send messages with links to malicious sites that steal your personal information. The legitimate-looking websites often ask for your bank information, Social Security number, etc., and scammers use this information to access your bank accounts and attempt to steal your identity. Business professionals who use LinkedIn within their corporate network should also be alarmed, as cybercriminals use these same methods to infect computer systems with malware.
BBB makes the following recommendations and reminders:
- Legitimate recruiters will never ask for your personal data such as banking information.
- Always research a "recruiter" who contacts you before providing your sensitive information.
- Most employers won't ask for a Social Security number until they actually provide you with a job offer.
- Don't just add anyone to LinkedIn. Do your due diligence and research their profile and connections prior to adding them.
- You should NEVER be asked to pay for a legitimate job. If a "recruiter" asks you to pay for training, block them immediately.
- Work-at-home jobs are scarce, so be cautious of these postings.
Finally, ask the "recruiters" if you can call them. If they avoid speaking with you, then you should probably block them.
A fake PayPal email, claiming that you have limited access to your PayPal account due to unauthorized access attempts, is circulating rapidly. To gain full access, the email encourages you to click on a link and go through the login process to confirm your identity. The email appears to be targeting PayPal customers in the UK, but people from other countries may fall victim to this scam as well. The message is well-written and contains the PayPal logo, making it appear legitimate. However, the red flags include a spoofed sender email address, a generic greeting, and a request that recipients provide information by clicking on an embedded link.
Legitimate online services, such as PayPal, will address you by name and not with a generic greeting such as 'Dear Customer' or 'Dear Valued Member.' If you receive an email claiming to be from PayPal with these characteristics, don't click on the embedded link. Clicking on the link will direct you to a spoofed PayPal login page that will record your login credentials. After your credentials are recorded, you will be directed to another phishing page where you're asked to enter your contact and credit card information. This data is then forwarded to the cybercriminals who will have the information needed for identity theft, credit card fraud, and PayPal account hijacking attacks.
To be safe, always log in to your PayPal account by entering PayPal's address into your browser's address bar.
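The three red flags described above can be checked mechanically when triaging a reported message. The following is an added example, not code from PayPal or from the original post; the function names, flag labels and both sample messages are constructed, and the `.example` hosts are placeholders. A message whose From address is forged to use the real domain passes the sender check, so SPF/DKIM/DMARC results are still needed for that case.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRAND, BRAND_DOMAIN = "paypal", "paypal.com"
GENERIC_GREETING = re.compile(r"\bdear\s+(valued\s+)?(customer|member|user)\b", re.I)
HREF = re.compile(r'href="([^"]+)"', re.I)

def in_domain(host, domain):
    # True only for the domain itself or a real subdomain of it.
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def red_flags(raw_message):
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    body = "\n".join(
        part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text")
    flags = []
    # 1. Display name claims the brand, but the address is on another domain.
    if BRAND in display.lower() and not in_domain(addr.rpartition("@")[2], BRAND_DOMAIN):
        flags.append("spoofed-sender")
    # 2. Generic salutation instead of the account holder's name.
    if GENERIC_GREETING.search(body):
        flags.append("generic-greeting")
    # 3. Embedded link whose host is not the brand's domain.
    if any(not in_domain(urlparse(u).hostname, BRAND_DOMAIN) for u in HREF.findall(body)):
        flags.append("off-domain-link")
    return flags

# Constructed sample messages (not real mail).
PHISH = """\
From: "PayPal" <service@secure-billing.example>
Content-Type: text/html

<p>Dear Customer,</p>
<p>Unauthorized access attempts were detected.
<a href="http://paypal.com.signin.example/login">Confirm your identity</a></p>
"""
LEGIT = """\
From: "PayPal" <service@paypal.com>
Content-Type: text/html

<p>Hello Alex Doe,</p>
<p><a href="https://www.paypal.com/myaccount">View your account</a></p>
"""

if __name__ == "__main__":
    print(red_flags(PHISH), red_flags(LEGIT))
```

The link check compares the parsed hostname rather than searching the URL for the brand name, which is why a host that merely begins with `paypal.com.` is still flagged.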
The excitement of the holiday season and the ease of online shopping have many cybercriminals looking for opportunities to steal your personal information while you shop online. Follow these tips to help you keep safe from cyber scammers:
- Always shop from reputable e-commerce sites. Stay away from sites you're not familiar with, and always look for a lock symbol and "https" at the beginning of the URL to confirm that the site uses encryption.
- As described in the 12 Cyber Scams of Christmas, avoid deals that seem too good to be true because they usually are. Look for signs that an email or website may not be legitimate, such as the use of poor grammar, odd links, and low resolution images.
- Don't click on email links from senders you don't know. These links may redirect you to malicious websites.
- Always use a trusted antivirus solution, such as McAfee LiveSafe.
Recent Android malware outbreaks have exploited Android devices in a variety of ways. On November 13, 2013, McAfee and Samsung announced that McAfee VirusScan will come pre-installed on all Samsung HomeSync boxes. McAfee VirusScan will provide users with a secure, in-home digital entertainment experience and will protect users from the latest Android malware threats at no extra cost. This is a great add-on, especially with the rise of online scams due to the holidays.
McAfee VirusScan is an anti-malware application that protects your device from viruses, worms, Trojans, and other malicious attacks. With VirusScan, Samsung HomeSync users will enjoy their entertainment and TV experience in a secure environment. In addition to the free VirusScan app, HomeSync will provide consumers with an option to upgrade to McAfee's comprehensive mobile solution, McAfee Mobile Security, at $29.99 for a 12-month subscription.
CorporateCarOnline, a limousine software company, has been hacked, and the data of nearly 1 million customers has been breached. Stolen data includes credit card numbers, expiration dates, and names and addresses associated with the credit cards. Some of these cards belong to politicians and celebrities and have high or no credit limits.
The stolen files included detailed pick-up and drop-off information, such as:
- Donald Trump -- request for a new car with clear front seat
- LeBron James -- pick-up at athlete entrance at Thomas & Mack sports arena
- Tom Hanks -- No cell/radio use with passenger
The stolen files also include embarrassing information about what took place in the vehicles, including sex, vomiting, and illegal drug use.
CorporateCarOnline's website uses ColdFusion, an outdated web application development platform which has been heavily targeted by cybercriminals.
McAfee's Chief Technology Officer, Raj Samani, emphasized the vulnerability of customer information even when practicing strong username and password usage. "You can do anything you want, but in many cases you entrust your data with multiple third parties, and it's out of your hands," he said.
Securing your Android mobile device from security threats can be a little overwhelming. You first must decide if you want to purchase an antivirus application or if you want to download a free alternative. If you're uncertain if you want to buy or download a free security app, I recommend ESET Mobile Security as it offers both a free version and a premium version.
ESET Mobile Security for Android is a must-have for anyone who owns an Android device. ESET Mobile Security provides protection and enhancements in the following categories:
- SMS & Call Filter
- Usability Improvements and Tablet Support
ESET Mobile Security Free Version includes Antivirus and Anti-Theft protection.
ESET Mobile Security Premium provides all features included with the free version. In addition, the premium version includes Anti-Phishing and SMS & Call Filter protection.
Depending on your security needs, ESET Mobile Security will keep your Android device safe from malware threats. If you're looking for a PC security solution, you have options between regular antivirus programs and Internet security applications.
With malware threats on the rise, you must ensure your PC is safe from the latest malware trends. Threats are abundant with information systems. One nasty virus can cripple your machine, steal your personal information, and infect other devices. Protecting your computer from malware is perhaps the most important aspect of computer ownership. If you're looking for a solid antivirus solution, F-Secure has two options to consider:
- F-Secure Anti-Virus -- provides real-time protection against the latest malware threats, including viruses, spyware, and infected e-mail attachments.
- F-Secure Internet Security 2014 -- provides everything included with F-Secure Anti-Virus. Additional features include browsing protection, banking protection, content blocker, browsing time limits, safe search, and safe profile.
Depending on your security needs, F-Secure is a proven solution that will keep your PC safe from malware threats. If you're looking for mobile device security solutions, you have options between free and premium applications.