Check Point Blog

Sort blog posts by:  

New research: Mobile malware hits every business

 
Every business has experienced at least one mobile cyberattack in the past year, according to a new study published today by Check Point mobile threat researchers. The report, entitled Mobile Cyberattacks Impact Every Business, is the first study to document the volume and impact of mobile attacks across corporate and public enterprise environments. The landmark study analyzes actual threat telemetry from corporate-issued and personally-owned bring-your-own devices. Data from the research demonstrates that enterprise mobility is under constant attack, affecting all regions and industries, on both Android and iOS platforms. These threats to mobile users are often sophisticated and ...

SandBlast Mobile: The best mobile security solution just got better

 
If there’s one thing we can count on it’s the tenacity and resourcefulness of cybercriminals. SandBlast Mobile threat researchers recently identified two new trends emerging in the global hacking community. First, cybercriminals have recently begun developing mobile permutations of existing zero-day malware. One recent case involved a mobile remote access Trojan (mRAT) that was spotted on the device of the chief security officer of a major European bank. An mRAT allows an attacker to remotely access an infected device and gather information from all its sensors, such as the camera, microphone, message and call directories, and much more. mRATs are typically used to surveil mobile ...

October’s Most Wanted Malware: Cryptocurrency Mining Presents New Threat

 
Check Point’s latest Global Threat Index has revealed crypto miners were an increasingly prevalent form of malware during October as organizations were targeted with the CoinHive variant Crypto mining is emerging as a silent, yet significant, actor in the threat landscape, allowing threat actors to extract substantial profits while victims’ endpoints and networks suffer from latency and decreased performance. The emergence of Seamless and CoinHive once again highlights the breadth and depth of the challenges organizations face in securing their networks against cyber-criminals. Following up on recent Check Point research that found that cryptocurrency miners can use up to 65% of ...

Account Hijacks Affect Everybody, Even ‘Top Dogs’

 
Being “cool and smart” was the name of the game when we were at school, and it seems nothing really changes as we get older. With the ‘cool factor’ among IT professionals translating into the adoption of modern IT technology, it’s not surprising to see why today’s businesses are being pushed ever faster towards to the cloud. But of course there are other good reasons why 70% of companies (Gartner 2016) are already moving their IT infrastructure closer to the stars with cloud services. Whether it be data storage and servers or the increasing use of SaaS products, cloud computing allows businesses much greater agility and enables them to deliver applications at a fraction of ...

HomeHack: How Hackers Could Have Taken Control of LG’s IoT Home Appliances

 
The second season of award-winning TV thriller Mr. Robot premiered with a scene that sent shivers down the cybersecurity world’s spine. In uncomfortably realistic detail, hackers virtually broke into a smart home, turning the home-based IoT technology against its inhabitants. The TV and stereo started switching on and off randomly, the water temperature in the shower went from boiling to freezing with little warning, and the air conditioning brutally forced the characters to leave their homes by reaching arctic temperatures. The most unsettling part of the whole sequence isn’t that this type of cyberattack might happen. It’s unsettling because it’s already happening. Recently, ...

Bad Rabbit – A New Ransomware Outbreak Targeting Ukraine and Russia.

 
On October 14th, the Ukrainian Security Service warned that a new large scale cyber-attack, similar to notPetya, might take place sometime between October 13 and 17. The attack arrived a few days later than expected; today (October 24th, 2017) the anticipated ransomware attack broke in Europe. Ukraine was the main target for this malware, with many of its critical infrastructure such as train stations, airports and media sites suffering downtime. Other affected countries include Turkey, Russia and Bulgaria. Affected companies include the Kiev Metro (Ukrainian train services), Odessa Airport (Ukraine), the Ukrainian ministries of infrastructure and finance and Interfax (a large ...

Crypto Miners Part 2

 
As mentioned in our previous blog post, the trend of online cryptocurrency mining is gaining momentum. The potential to mine cryptocurrency on anyone’s’ browser with ease and anonymity attracts website owners as well as threat actors -- joining the fruitful mining pool of leading cryptocurrencies.   Machines all over the world mine cryptocurrencies and get nothing out of it   Over the past month, Check Point Threat Intelligence and Research organization has spotted hundreds of websites that have joined the mining trend, knowingly or not, and take advantage of their e-visitors computational power. Among hundreds of mining websites, we have found some that suggested ...

Crypto Miners – The Silent CPU Killer of 2017

 
The Pirate Bay, the world’s largest BitTorrent indexer, is a massive online source for digital content-- movies, games and software—and is among the top 100 most popular websites globally, according to Alexa. No stranger to controversy for its role in illegal downloads, a few weeks ago it was discovered that The Pirate Bay operators have begun using the website users’ computer resources to mine the Monero cryptocurrency, using a hidden JavaScript-based miner called CoinHive.   Until recently, websites that provide free services earned almost all their revenue through advertisements. Is the Pirate Bay example signaling that cryptocurrency mining may soon take over as the ...

A New IoT Botnet Storm is Coming

 
A massive Botnet is forming to create a cyber-storm that could take down the internet. An estimated million organizations have already been infected. The Botnet is recruiting IoT devices such as IP Wireless Cameras to carry out the attack. New cyber-storm clouds are gathering. Check Point Researchers have discovered of a brand new Botnet evolving and recruiting IoT devices at a far greater pace and with more potential damage than the Mirai botnet of 2016. IoT Botnets are Internet connected smart devices which have been infected by the same malware and are controlled by a threat actor from a remote location. They have been behind some of the most damaging cyberattacks against ...

Boleto: The Perfect ‘Inside Job’ Banking Malware

 
The Brazilian cyberspace is known to be a whole ecosystem of its own and, although the banking malware that originates there has traditionally been somewhat basic, recent trends have indicated new and more refined tools for attack. Subsequently, what originally started in Brazil may well be about to spread to users of online banking worldwide. In May 2017, researchers at Talos analyzed a banking Trojan that was delivered in Portuguese via a spam campaign, a common delivery method for such malware. Upon opening the email attachment, victims would be redirected to a JAR file which executes a malicious JAVA code to initiate the malware installation process. Until now, the deeper inner ...