Here’s a review of last week’s posts on Malwarebytes Unpacked:
- SocialBlade.com compromised, starts redirection chain to Nuclear Pack exploit kit (Exploits) Known YouTube stats tracker site appeared to exhibit symptoms of maliciousness similar to what was observed from the compromised AskMen.com site. Visitors were led to Nuclear Pack exploit kit infection. Senior security researcher Jérôme Segura explained this campaign in detail.
- Mobile Top-Up Credit Sharing Scams in Circulation (Mobile Security) Customers of Globe Telecom, one of the biggest telcos in the Philippines, were the subject of the scammer/s in a local campaign enticing them to refund a certain amount but actually tops up a number that belongs to the scammer/s.
- “Enter Details Here to Enable Your Account” (Fraud/Scam Alert) The latest Facebook phishing campaign baited users with a warning about their profiles getting disabled. The method scammers had concocted to move users to enable their accounts is to give out information involving email and credit card details.
- Fiesta exploit kit does the splits (Exploits) Segura homed in on the Fiesta exploit kit, discovering a double payload.
- Fake Private Videos Offer Surveys, EXEs and .XPI Installs (Fraud/Scam Alert) Security researcher Chris Boyd encountered clips on YouTube with the string “private video” on them and, digging deeper, found that these offer scams and install potentially malicious binaries.
- Avoid This Fake MH17 Missile Video Page (Fraud/Scam Alert) Boyd found an active campaign on Facebook banking on the latest Malaysian Airlines disaster.
Top news stories:
- Almost 1 in 10 Android apps are now malware. Researchers from Cheetah Mobile published research that include five major mobile security trends and events that had happened within the mobile landscape from the past six months. (Source: Help Net Security)
- Hackers Can Control Your Phone Using a Tool That’s Already Built Into It. And they can do this via the device’s own management tool, which is used for configuration. (Source: Wired)
- USB Has a Fundamental Security Flaw That You Can’t Detect. Attackers found a way to exploit the way a USB device works when introduced to a computer. (Source: Gizmodo)
- Hackers seed Amazon cloud with potent denial-of-service bots. Because of Backdoor.Linux.Ganiw.a, attackers would be able to turn a cloud service, in this case Amazon, into a DoS medium. (Source: Ars Technica)
- Hacker crack squad hitting the video game industry with IP-stealing attacks. “A hacker group, codenamed Threat Group-3279 (TG-3279), is hitting the video games industry with a wave of advanced cyber attacks designed to steal source code, according to Dell SecureWorks.” (Source: V3)
- Using Instagram on public Wi-Fi poses risk of an account hijack, researcher says. A self-confessed “hacker at large” from London revealed that his tool, Instasheep (after Firesheep), can compromise Instagram accounts. (Source: CSO)
The Malwarebytes Labs Team