September’s Most Wanted Malware: Locky Shoots Back Up Global Rankings

 
Check Point’s latest Global Threat Index has revealed a massive increase in worldwide Locky attacks during September, with the ransomware impacting 11.5% of organizations globally over the course of the month. Locky has not appeared in our Global Threat Impact Index, which reports on the top ten most prevalent malware attacks globally every month, since November 2016. However, attacks in September were powered by the hefty Necurs botnet, which in itself was ranked at number ten in the table. These attacks shot Locky up 25 places overall, to sit just behind the Roughted malvertising campaign in pole position. Locky’s distribution began in February 2016, and it rapidly became one of ...

ExpensiveWall: A dangerous ‘packed’ malware on Google Play that will hit your wallet

 
Check Point’s mobile threat research team identified a new variant of an Android malware that sends fraudulent premium SMS messages and charges users’ accounts for fake services without their knowledge. According to Google Play data, the malware infected at least 50 apps and was downloaded between 1 million and 4.2 million times before the affected apps were removed. The new strain of malware is dubbed "ExpensiveWall," after one of the apps it uses to infect devices, "Lovely Wallpaper." ExpensiveWall is a new variant of a malware found earlier this year on Google Play. The entire malware family has now been downloaded between 5.9 million and 21.1 million times. What makes ...

Survey: Enterprise security pros doubtful they can prevent mobile breaches

 
At least once a week – usually after pounding on my iPhone to access a business document, texting a family member, and calling a colleague on another continent, all in a matter of minutes – I’m reminded how complete the shift to mobile computing has been. It’s hard imagining what it was like working without our trusted smartphones and tablets. Mobile devices are indeed critical to getting work done in 2017. They are also treasure troves of personal and business data. And there are threat actors out there who want to get their hands on that data. We learned long ago to secure our PCs from cyberattacks, but it’s puzzling why most businesses still fail to secure employees’ ...

The latest findings on Chrysaor (Pegasus for Android) are even more stealthy

 
Earlier this week Google published a research about a new sophisticated spyware tool for Android, believed to be related to the Pegasus malware for iOS, which was discovered in August 2016. As Google wrote in their blog, the malware was most likely created by the authors of Pegasus – the NSO group, and shares many common features as Pegasus. What’s the big news? Chrysaor is a fully developed spy tool for Android devices, and can allow attackers to surveil their targets’ every move. Chrysaor has implemented elaborate modules to listen in on conversations, take screenshots and surveil the device’s surroundings, steal sensitive data and read SMS messages. This malware presents a ...

Inside Nuclear’s Core: Unraveling a Ransomware-as-a-Service Infrastructure

 
The Check Point Research team has uncovered the entire operation of one of the world’s largest attack infrastructures. Exploit Kits are a major part of the Malware-as-a-Service industry, which facilitate the execution of ransomware and banking trojans, among others. Their creators rent them to cybercriminals who use them to attack unsuspecting users. Nuclear is one of the top Exploit Kits, both in complexity and in spread. We offer you the Inside Nuclear's Core: Unraveling a Malware-as-a-Service Infrastructure report, a unique, first-of-its-kind view into the heart of a cybercriminal syndicate. First, we review the Malware-as-a-Service infrastructure, created by the Exploit Kit’s ...