August’s Most Wanted Malware: Banking Trojans and Ransomware That Want Your Money

 
Check Point’s latest Global Threat Index has revealed that banking trojans were extensively used by cyber-criminals during August with three main variants appearing in the top 10. The Zeus, Ramnit and Trickbot banking trojans all appeared in the top ten. The Trojans work by identifying when the victim is visiting a banking website, and then utilizes keylogging or webinjects to harvest basic login credentials or more sensitive information such as PIN numbers. Another popular method used by tojans is re-directing victims to fake banking websites, designed to mimic legitimate ones and steal credentials that way. The Index also revealed that Globe Imposter, a ransomware disguised as a ...

Does your mobile anti-virus app protect or infect you? The truth behind DU Antivirus Security

 
With mobile attacks representing nearly 20% of all cyberattacks in the Americas during the first half of 2017, users are constantly warned to be aware of security risks affecting their data and privacy, and install security software to protect their device. But what happens when antivirus solutions can’t be trusted, and actually compromise users’ privacy? Check Point mobile threat researchers recently discovered a free mobile anti-virus app developed by the DU group, a developer of Android apps, which collects user data without the device owners’ consent. The app, called DU Antivirus Security, was distributed over Google Play, Google’s official app store, and downloaded between ...

Highlights from CEO Gil Shwed’s Quora session

 
This week, our founder and CEO Gil Shwed participated in a fascinating Q&A session on Quora. He answered the Quora community’s top questions on cyber security, mobile security and innovation. Here are our editor’s pick highlights from his session. What will the field of cybersecurity look like in the next 10 years? In the coming 10 years, nation sponsored organizations will continue to develop cyber-attack technologies for defense and offense; financially driven criminal groups will continue to seek ways to monetize cyber-attacks; hacktivists will continue to use cyber to convey their messages; terrorist groups will also shift to cyber space; and finally – people with no ...

ExpensiveWall: A dangerous ‘packed’ malware on Google Play that will hit your wallet

 
Check Point’s mobile threat research team identified a new variant of an Android malware that sends fraudulent premium SMS messages and charges users’ accounts for fake services without their knowledge. According to Google Play data, the malware infected at least 50 apps and was downloaded between 1 million and 4.2 million times before the affected apps were removed. The new strain of malware is dubbed "ExpensiveWall," after one of the apps it uses to infect devices, "Lovely Wallpaper." ExpensiveWall is a new variant of a malware found earlier this year on Google Play. The entire malware family has now been downloaded between 5.9 million and 21.1 million times. What makes ...

BlueBorne: A New Set of Bluetooth Vulnerabilities Endangering Every Connected Device

 
The IoT cybersecurity firm, Armis, has revealed eight vulnerabilities in the implementation of Bluetooth in several operating systems, including Android, Windows, Linux, and iOS, successful exploitation of which could allow hackers to take complete control of a device. Indeed, these are the most severe vulnerabilities found in Bluetooth in recent years and are worrying due to their ability to be spread over an air interface. They have been termed ‘The BlueBorne Vulnerabilities’. Airborne attacks on mobile devices date back to the Cabir worm, an attack that presented the first proof of concept of a Bluetooth malware that was spread fast and wide, and even penetrated enclosed ...

Beware of the Bashware: A New Method for Any Malware to Bypass Security Solutions

 
With a growing number of cyber-attacks and the frequent news headlines on database breaches, spyware and ransomware, quality security products have become a commodity in every business organization. Consequently a lot of thought is being invested in devising an appropriate information security strategy to combat these breaches and providing the best solutions possible. We have recently found a new and alarming method that allows any known malware to bypass even the most common security solutions, such as next generation anti-viruses, inspection tools, and anti-ransomware. This technique, dubbed Bashware, leverages a new Windows 10 feature called Subsystem for Linux (WSL), which recently ...