Romance scam victims surged by more than a fifth (22%) in 2023, compared to 2022, according to new figures from Lloyds Bank. The average amount lost per incident was £6937 ($8847) last year. This was lower than in 2022, when the average loss was £8237 ($10,505). Romance scams have exploded in prominence in recent years,
Month: February 2024
Video The banking trojan, which targeted mostly Brazil, Mexico and Spain, blocked the victim’s screen, logged keystrokes, simulated mouse and keyboard activity and displayed fake pop-up windows 02 Feb 2024 This week, law enforcement in Brazil took action to disrupt the Grandoreiro banking malware in a joint effort that was also supported by the ESET
Feb 03, 2024NewsroomIntelligence Agency / Cyber Security The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and
Wizz, a growing social media app among US teenagers, was removed from the Apple App Store and the Google Play Store on January 30. Apple and Google had been contacted by the National Center on Sexual Exploitation, a US conservative anti-pornography organization, who thanked the two giants on X “for booting the Wizz app from
ESET researchers have identified twelve Android espionage apps that share the same malicious code: six were available on Google Play, and six were found on VirusTotal. All the observed applications were advertised as messaging tools apart from one that posed as a news app. In the background, these apps covertly execute remote access trojan (RAT)
Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an “aggressive” hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those involved
The White House’s goal of bolstering the cyber resilience of critical infrastructure is being threatened by US federal agencies’ lack of oversight of ransomware protections, according to a new Government Accountability Office (GAO) report. The GAO noted that some agencies only assess the adoption of basic cybersecurity protections and general guidance in critical sectors like
ESET Research An AI chatbot inadvertently kindles a cybercrime boom, ransomware bandits plunder organizations without deploying ransomware, and a new botnet enslaves Android TV boxes ESET Research 31 Jan 2024 • , 2 min. read In this episode of the ESET Research Podcast, we dissect the most interesting findings of the ESET Threat Report H2
Feb 01, 2024NewsroomCyber Attack / Botnet The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network. “The vulnerability is exploited in a brute-force manner that attempts to target as many vulnerable Java applications
Pawn Storm, an advanced persistent threat (APT) actor also known as APT28, has been targeting high-value entities globally, employing a range of techniques since at least 2004. Despite relying on seemingly outdated methods like decade-old phishing campaigns, the group continues to compromise thousands of email accounts. According to an advisory published today by Trend Micro
ESET has collaborated with the Federal Police of Brazil in an attempt to disrupt the Grandoreiro botnet. ESET contributed to the project by providing technical analysis, statistical information, and known command and control (C&C) server domain names and IP addresses. Due to a design flaw in Grandoreiro’s network protocol, ESET researchers were also able to
Jan 31, 2024NewsroomSoftware Security / Linux Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed Leaky Vessels by cybersecurity vendor Snyk.