ESET researchers have spotted the first-ever ransomware misusing Android accessibility services. On top of encrypting data, it also locks the device. Detected by ESET products as Android/DoubleLocker.A, the ransomware is based on the foundations of a particular banking Trojan, known for misusing accessibility services of the Android operating system. However, DoubleLocker doesn’t have the functions related … More DoubleLocker: Innovative Android Ransomware
While the world is holding its breath, wondering where notorious cybercriminal groups like Lazarus or Telebots will strike next with another destructive malware such as WannaCryptor or Petya, there are many other, less aggressive, much stealthier and often very profitable operations going on. One such operation has been going on since at least May 2017, … More Money-making machine: Monero-mining malware
The dangerous Android banking trojan that we first informed about in the beginning of this year has found its way to Google Play again, now stealthier than ever. Dubbed BankBot, the banking trojan has been evolving throughout the year, resurfacing in different versions both on and outside Google Play. The variant we discovered on Google Play on … More Bankbot trojan returns to Google Play with new tricks
ESET Ireland is warning Irish computer users to watch out for an email that pretends to come from Vodafone, but carries the Nemucod trojan. ESET Ireland has come across another widely targeted malicious email. This one pretends to be a bill from Vodafone: Clicking on the “Click here to view your bill” link downloads a … More Fake Vodafone bill spreads trojan malware
ESET Ireland warns that the nasty Nemucod malware is back as the malicious payload of a fake BT bill. At ESET Ireland we’ve been informing the public about Nemucod for a while. About a year ago it was one of the prevalent malware infections in Ireland with a 50,42% detection rate, while the global average … More Fake BT bill carries ransomware-delivering trojan
A mirror download server for the popular tool HandBrake video file-transcoding app has been compromised by hackers, who replaced its Mac edition with malware. The first most Mac users will know about the security incident will be when they visit the app’s website, at https://handbrake.fr, and see a link to a “Security Alert”: Anyone who … More Malware warning for Mac users, after HandBrake mirror download server hacked
Android users were the target of another banking malware with screen locking capabilities, masquerading as a flashlight app on Google Play. Unlike other banking trojans with a static set of targeted banking apps, this trojan is able to dynamically adjust its functionality. Aside from delivering the promised flashlight functionality, this remotely controlled trojan comes with … More Turn the light on and give me your passwords!