Rising Mobile Phishing Threats in Healthcare
Zimperium’s zLabs Global Mobile Threat Report has revealed a significant increase in mobile phishing attacks in 2024, with the healthcare sector emerging as a primary target. The report highlights that many attacks are directed at employees’ mobile devices, as staff often use their phones for both professional and personal activities, including browsing, shopping, and dating.
Crypto Drainer Malware Discovered on Google Play
Research from Check Point has uncovered crypto-draining malware on the Google Play Store that has been affecting users for the past four to five months. Various apps, including one named WalletConnect, have been masquerading as legitimate platforms for storing digital currencies while actually siphoning off assets like Bitcoin and Monero. So far, approximately $70,000 in cryptocurrency has been stolen from unsuspecting victims, and the number continues to rise. Despite Google's efforts to combat this malware, the fraudulent apps, orchestrated by malicious hacking groups, are posing as legitimate products linked to actual companies.
Data Breach Exposes Millions of Records in France
An unsecured Elasticsearch server containing sensitive information of over 97 million French citizens has been discovered for sale on the dark web. Security researchers suggest that this leak may stem from data gathered through at least 17 separate breaches. The exposed data includes phone numbers, email addresses, payment information, full names, physical addresses, and IP addresses, which could facilitate phishing scams and identity theft.
AI-Powered Malware Development Identified by HP Threat Intelligence
Researchers at HP Threat Intelligence have found that cybercriminals are leveraging artificial intelligence to create malware. This approach not only saves time and resources but also enables the development of sophisticated malicious software capable of evading antivirus detection. Such AI-driven malware can be easily customized for various attacks, including ransomware and data deletion.
US Treasury Bans Two Russian Cryptocurrency Exchanges
The US Treasury Department’s Office of Foreign Assets Control has imposed sanctions on two Russian cryptocurrency exchanges, Cryptex and PM2BTC, for their roles in laundering ransom payments. Evidence suggests these exchanges were involved in laundering over $720 million in funds associated with online fraud, malware distribution, mixing services, and vishing scams.
Microsoft Reports Ransomware Threats in Hybrid Clouds
Microsoft has released a report detailing how the threat actor known as Storm-0501 is exploiting hybrid cloud environments to deploy ransomware. These environments involve the migration of data and applications between on-premises and cloud systems, which leads to risks such as credential theft, data exfiltration, manipulation, persistent backdoor access, and double extortion.