The past month of November was marked by numerous incidents and vulnerabilities in the field of security , and from ESET they have announced the most outstanding events that took place in that period.
Undoubtedly, the cryptocurrencies have been the main protagonists , since when registering historical highs the cybercriminals took advantage of to attack the electronic portfolios of the users.
Josep Albors, head of awareness and research at ESET Spain, explains that “if a cybercriminal detects that a user has one of these files used to store these electronic currencies, it is very likely that he will try to steal it in some way, such as accessing remotely to your system. ”
In addition, cybercriminals also turn to applications that are used as electronic portfoliosand cryptocurrency exchange services .
On the other hand, the executive also insists that “those web pages that undermine crypto currencies taking advantage of users’ resources without asking for their permission , are becoming a plague”.
Apart from the above, the ESET report mentions a variant of the Bankbot banking Trojan , which affected Android users and was hidden in applications such as flashlights to avoid suspicion.
Another very popular Android banking Trojan in November was the one identified as Android / TrojanDropper.Agent.BKY that tried to go unnoticed by installing its components in a modular way, in different phases.
In addition, around a million users fell into the false trap of a WhatsApp app that downloaded downloaded a second malicious application that was installed on the victim’s system without this suspecting anything.
Nor can we forget the discovery of a bug in the most recent version of MacOS High Sierra , which allowed access to the system as root, providing this user name and leaving the password space blank, pressing several times on the ” login”.
With regard to data theft, last month the data subtraction of 1.7 million users of the Imgurphoto sharing website was announced in an incident that took place in 2014.
From the ESET lab they also appreciated the presence at the top of the Google searches a fake version of Windows Movie Maker , which sought to get money from unsuspecting users.
Undoubtedly another relevant case was that of the popular streaming anime website Crunchyroll , which for a few hours was distributing malware among users who accessed their website and downloaded an alleged media player.
Finally, in Spain, the temporary deactivation of the digital signature incorporated in the National Identity Document was also news , when security breaches were discovered that allowed knowing the private key stored in the chip that carries this document.
Original article and pictures take digitalbodha.com site
Комментариев нет:
Отправить комментарий