Page 13 - Threat Intelligence 7-29-2019
Web / Internet Threats
TrickBot malware may have hacked 250 million email accounts - TrickBot malware may have stolen
as many as 250 million email accounts, including some belonging to governments in the US, UK and
Canada. The malware isn't new. In fact, it's been circulating since 2016. But according to
cybersecurity firm Deep Instinct, it has started harvesting email credentials and contacts. The
researchers are calling this new approach TrickBooster, and they say it first hijacks accounts to send
malicious spam emails and then deletes the sent messages from both the outbox and trash folders.
In a recent investigation, Deep Instinct found a database containing 250 million compromised email
accounts. The firm says millions of those belong to governments in the US and UK, as well as
agencies in Canada. The database contained more than 25 million Gmail addresses, 19 million
Yahoo.com addresses and 11 million Hotmail.com addresses. AOL, MSN and Yahoo.co.uk were also
hit. As Deep Instinct points out, TrickBot could use those emails to distribute more of its own
malware.
Source: https://www.engadget.com/2019/07/12/trickbot-malware-trickbooster-250-million-email-accounts/
A Chinese company has 25 million Android devices tangled in an ad fraud scheme - A malicious
software campaign tied to a Chinese internet company has exploited known vulnerabilities in
Android mobile phones to infect roughly 25 million devices as part of a far-reaching ad fraud
scheme, according to findings published Wednesday by Check Point. Hundreds of apps in a
third-party Android marketplace disguised cocktails of malicious software that researchers say leveraged a
number of known security issues to broadcast fraudulent advertisements. It’s only the latest
example of near-daily revelations about apps acting in ways unwitting victims could not have
anticipated — though this malicious activity is especially innovative.
Source: https://www.cyberscoop.com/chinese-company-ad-fraud-android-check-point/
Thwart the pressing threat of RDP password attacks - “In recent years, criminals deploying targeted
ransomware like BitPaymer, Ryuk, Matrix, and SamSam have almost completely abandoned other
methods of network ingress in favor of using RDP,” say Sophos researchers Matt Boddy, Ben Jones,
and Mark Stockley. “Gangs like these have the choice of cracking passwords themselves using tools like
NLBrute, buying passwords cracked by others, or buying accounts on compromised RDP servers.”
Source: https://www.helpnetsecurity.com/2019/07/23/thwart-rdp-password-attacks/
www.accumepartners.com