Be aware of ransomware: your files are still in danger
Recently, Europol announced that ransomware is the most powerful cyber threat among all. Thus, this autumn user should be prepared for data-encrypting virus attacks. One of these threats is a new version of Locky; and we are not talking about Lukitus and Ykcol variants.
In October 2017, researchers discovered Asasin – a new example of Locky that spreads via corrupted email attachments. If it finds the way into the computer, there’s no way to get back your files.
The BTCWare family also continues to grow up. At the beginning of October, BTCWare PayDay ransomware version has been noticed spreading and asking to pay the ransom. Thus, it’s time to backup to avoid possible damage.
Facebook scammers allure victims with free iPhone X
Virtual life on the biggest social network is not simple and calm. The new wave of Facebook virus spread a scam aiming at Apple fans and those who are in desperate need to get the latest iPhone model for free.
Numerous fake pages were created on Facebook and Instagram to attract users to participate in iPhone’s giveaway. Undoubtedly, no one is going to give free Apple phones. The purpose of this scam is to collect a bunch of sensitive information about users. In order to participate in such contest, people are asked to verify their Facebook accounts, enter the full name or contact details.
Scam posts might also redirect to suspicious pages and shows numerous ads. Therefore, naive users can end up on a malicious website until he or she ends up on a phishing site. Thus, this autumn you should not forget that too-good-to-be-true offers are always created by criminals.
Malvertising attacks become bigger and more sophisticated
It seems that malvertising became a new sweet spot for cyber criminals. This autumn crooks launched two massive campaigns to spread malware-laden ads. At the beginning of October, the legit Taboola advertising platform was hacked.
Malicious Taboola ads were noticed on msn.com website. They redirected to a tech support scam website that warned about “harmful virus” and asked to call a toll-free phone number to Microsoft technicians. Indeed, there’s nothing unique about this scam example.
Later KovCoreG group showed that they are capable of hacking another legit ad-services. This hackers team aimed at one of the most popular and most visited websites – Pornhub. However, this time criminals used a sophisticated attack which targeted users by their location and used browser.
People from the US, Canada, the UK and Australia who visited this porn site using Chrome or Firefox were asked to install a critical update. Meanwhile, Microsoft Edge and Internet Explorer users were tricked by fake Adobe Flash Player update. In this way, cyber criminals tricked millions of users to install Kovter click fraud adware. Thus, being careful with ads this fall is more than important.