A Week in Security (Apr 05 - 11)
News

A Week in Security (May 10 – May 16)

Posted: May 18, 2015 by Malwarebytes Labs

It’s been a busy week on the blog, with many different angles of attack covered.

First off, we looked at a compromised .gov website sending visitors to an Apple ID phishing scam. From there, we examined the website of Jamie Oliver which had been compromised for a third – and hopefully final – time, landing unfortunate visitors with a password stealer.

In PUP land, we took a deep dive into a program called WinYahoo, which was able to modify Google Chrome’s secure preferences without the browser detecting said changes. It also installed an additional extension which was capable of injecting Javascript into webpages.

An alarming message recently appeared on PCs via an advertising network which bore the cryptic message “Payload tested“. We examined what went on, and attempted to get to the bottom of the mystery.

Malware tried to sink its teeth into the modding World of GTA V, forcing owners of the game to be on their guard against fake files bearing gifts – and not the good kind.

Notable news stories and security related happenings:

  • A Concentration Camp Memorial Website was compromised and offered up illegal images to visitors right at a time when the site was likely to experience an increase in traffic (Source: The Register)
  • The latest Microsoft Security Intelligence Report offers fresh statistics which may nudge some die-hard users of Windows XP in the general direction of a newer OS (Source: SC Magazine)
  • Google continues to clamp down on the possibility of rogue Chrome extensions by announcing that all extensions will need to be hosted on the Chrome Web Store (Source: Help Net Security)
  • Ransomware on a man’s PC convinced him that the Police knew of his dubious porn habits, and as a result he turned himself in to Law Enforcement – who knew absolutely nothing about it (Source: News & Star)
  • Hackers making planes “fly sideways“? At this stage, it’s hard to separate fact from fiction so it’s better to take a wait and see approach (Source: InfoSecurity Magazine)
  • If you’re attempting to sell your car on Craigslist you may want to keep an eye out for signs of a very organised scam currently in circulation, which has so far affected around 100 people already – there’s surely more to come. (Source: CNN – Money)

Safe surfing, everyone!

The Malwarebytes Labs Team

RELATED ARTICLES

Fishing in a lake
Cybercrime

Law enforcement reels in phishing-as-a-service whopper

April 18, 2024 - A major international law enforcement effort has disrupted the notorious LabHost phishing-as-a-service platform.

CONTINUE READING 0 Comments
Cerebral logo
News | Privacy

Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million

April 18, 2024 - The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data.

CONTINUE READING 0 Comments
JuicyFields investment scam
News | Scams

Cannabis investment scam JuicyFields ends in 9 arrests

April 18, 2024 - JuicyFields was an investment scam that urged victims to invest in cannabis production.

CONTINUE READING 0 Comments
A mobile phone in the hands of a young woman in a dark colored t-shirt.
Privacy

Should you share your location with your partner?

April 17, 2024 - Location sharing is popular among couples. But is it something you want in your own relationship?

CONTINUE READING 0 Comments
Giant Tiger logo
News | Personal

Giant Tiger breach sees 2.8 million records leaked

April 16, 2024 - A threat actor claims to be in possession of 2.8 million records originating from a hack at Canadian retail chain Giant Tiger

CONTINUE READING 0 Comments

ABOUT THE AUTHOR

Malwarebytes Labs

Malwarebytes Labs

Contributors icon

Contributors

Threat Center icon

Threat Center

Podcasts icon

Podcast

Glossary icon

Glossary

Scams icon

Scams