March’s Most Wanted Malware: Cryptomining Malware That Works Even Outside the Web Browser on the Rise

 
Check Point’s latest Global Threat Index reveals that hackers are increasingly utilizing cryptomining malware that operates without an active web browser session.

Check Point recently published its monthly Global Threat Index, revealing a surge of cryptomining malware attacks throughout March – specifically, an endpoint cryptomining malware known as the XMRig variant.

First seen in the wild in May 2017, XMRig entered Check Point’s top ten most wanted malware index (8th) for the first time during March 2018, after a 70% increase in global impact. By working on the endpoint device rather than the web browser itself, XMRig is able to mine the Monero cryptocurrency ...

Preventing crypto-mining attacks: four key steps that’ll keep you safe

 
We recently published an overview of the rapid rise in mining attacks, how these attacks work, and their impact on businesses around the world.

The rise in cryptocurrency values has incentivized hackers to exploit the CPU power of their victims for crypto-mining operations. Our research shows that these cryptojacking attacks have reached epidemic proportions.

In our previous post we reviewed how the current plague of mining attacks is impacting businesses across the globe in three key ways: consumption of precious server resources; reduced user productivity; negative impact on company reputation and customer ...

The Check Point 2017 Global Threat Intelligence Trends Report

 
2017 was an incredible year for the cyber security industry. With attacks reaching ever higher numbers and increasing levels of innovation, there seems to be no stop to the cat and mouse game taking place between threat actors and security experts. In our H2 2017 Global Threat Intelligence Trends Report, we reveal that cyber-criminals are increasingly turning to cryptominers to develop illegal revenue streams, while ransomware and ‘malvertising’ adware continue to impact organizations worldwide. Based on data drawn from Check Point’s ThreatCloud intelligence between July and December 2017, the H2 2017 Global Threat Intelligence Trends Report gives a detailed overview of the ...

Malware Displaying Porn Ads Discovered in Game Apps on Google Play

 
In the past, cyber-criminals have targeted businesses, hospitals, and governments; today, we’ve seen them begin to focus on games and apps intended for children.

Check Point Researchers have revealed new and nasty malicious code on the Google Play Store that hides itself inside roughly 60 game apps, several of which are intended for children. According to Google Play’s data, the apps have been downloaded between 3 million and 7 million times.

Dubbed ‘AdultSwine’, these malicious apps wreak havoc in three possible ways: Displaying ads from the web that are often highly inappropriate and pornographic. Attempting to trick users into installing fake ...

LightsOut: Shining a Light On Malicious Flashlight Apps on Google Play

 
Check Point researchers have detected a new type of adware roaming Google Play, the official app store of Google. The suspicious script overrides the user’s decision to disable ads showing outside of a legitimate context, and then, in many of the apps, hides its icon to hinder efforts to remove it. This is a purely malicious activity, as it has no possible purpose other than eluding the user.

Dubbed ‘LightsOut’, the code hid itself in 22 different flashlight and utility apps, and reached a spread of between 1.5 million and 7.5 million downloads. Its purpose? To generate illegal ad revenue for its perpetrators at the expense of unsuspecting users.

The ...

Huawei Routers Exploited to Create New Botnet

 
A Zero-Day vulnerability in the Huawei home router HG532 has been discovered and hundreds of thousands of attempts to exploit it have already been found in the wild. The delivered payload has been identified as OKIRU/SATORI, which is an updated variant of Mirai. The suspected threat actor behind the attack is an amateur nicknamed ‘Nexus Zeta’.

Introduction: In the last 10 years, the number of connected devices has grown to over twenty billion, and, as the years go by, they get progressively smarter. However, whereas they score high on convenience, the latest discoveries from Check Point Research show they still have a lot of homework to do to get their security score up ...

What Lies Ahead? Cyber-Security Predictions for 2018

 
Arnold H. Glasow famously quipped that “the trouble with the future is that it usually arrives before we’re ready for it.” The past year certainly took us by surprise when the WannaCry and Petya ransomware outbreaks hit businesses globally, causing unprecedented disruption, while serious new vulnerabilities such as BlueBorne were discovered in almost every connected device in use.

While these large-scale attacks and vulnerabilities dominated news headlines, there were other significant cybersecurity trends developing behind the scenes which also have the potential to disrupt people’s daily lives.

These trends are the result of our increasing reliance on ...

The Danger Behind Santa’s Beard

 
Santa’s beard is usually white, the colour of purity and innocence. However, cyber-criminals targeting online shoppers enjoying the run-up to the Black Friday and Christmas holidays this year could be trying to take advantage of that innocence.

Researchers at Check Point recently discovered that criminals have a new way to trick merry online shoppers via the massively popular AliExpress shopping portal. With more than 100 million customers and $23bn in revenue worldwide, AliExpress, part of the Alibaba Group, is one of the most popular places to shop online.

After discovering the vulnerability, Check Point Researchers immediately informed AliExpress who, due to ...

October’s Most Wanted Malware: Cryptocurrency Mining Presents New Threat

 
Check Point’s latest Global Threat Index has revealed crypto miners were an increasingly prevalent form of malware during October as organizations were targeted with the CoinHive variant.

Crypto mining is emerging as a silent, yet significant, actor in the threat landscape, allowing threat actors to extract substantial profits while victims’ endpoints and networks suffer from latency and decreased performance. The emergence of Seamless and CoinHive once again highlights the breadth and depth of the challenges organizations face in securing their networks against cyber-criminals. Following up on recent Check Point research that found that cryptocurrency miners can use up to 65% of ...

Check Point IoT Blog Series: ‘Home, Smart Home’ – But How Secure Is It?

 
The smart home is often idealized as a domestic paradise: your fridge orders your groceries for you, your robot vacuum cleaner zooms from room to room, and changing the thermostat is as easy as pulling up an app on your phone. But beneath the surface of this always-on, seamlessly connected exterior lie significant concerns about privacy and cybersecurity. These concerns were dramatized in the Season 2 premiere of the cyber-drama ‘Mr. Robot’. The TV and stereo are switched on and off randomly; the water temperature in the shower goes from boiling to freezing, and the air conditioning is switched to Arctic temperatures. Someone hacked this fictional smart home, forcing the ...