In this news:
MassJacker malware is targeting people searching for pirated software.
Some cyber attacks begin with a dangerous email landing in your inbox, others might take a more direct, brute force approach, or exploit multiple zero-day vulnerabilities in Windows. Sometimes, however, they begin with you and your actions, such as the password reuse attack, or, as in the case of MassJacker, greed that can cost you dearly. And MassJacker attacks begin with a search for the wrong thing.
ForbesFBI Warning—Gmail, Outlook And VPN Users Need To Act NowBy Davey Winder
MassJacker Attacks Start With A Dangerous Search
Be careful what you search for, that should be the primary takeaway from this disturbing tale of malware and crypto theft that all begins with what can only be described as a less than harmless search. I’m old enough to remember when pirated software, in particular Amiga games, was distributed on floppy disc through the postal service within Jiffy bags and to people who signed up with a cracking crew on one bulletin board to another. The practice was dangerous even then, with computer viruses and even the first ransomware malware coming along for the ride. Now, of course, things are much simpler for those who would save money on their software, all it takes is a search engine and a click to get to a website where you can download the booty. Simpler, but still dangerous. Such a search for pirated software is where the MassJacker attacks begin.
MassJacker is a previously unknown strain of cryptojacking malware, discovered recently by threat analysts at CyberArk. According to Ari Novick, a malware researcher at CyberArk Labs, who authored a report into the threat, people searching for pirated software who find themselves at a site operated by the MassJacker threat actors will soon be in a whole heap of trouble. The MassJacker malware download, should a victim take the bait, “executes a cmd script followed by a PowerShell script that downloads three more executables,” Novick said. All of this in order to pull off cryptocurrency theft. “Cryptojacking works,” Novick explained, “by replacing the addresses of crypto wallets copied by the user with ones belonging to the attacker in the clipboard.” This can then lead, through further tricking of the victim, into transferring money to the attacker’s address, the attacker’s wallet. Novick warned that the CyberArk analysis had discovered at least 750,000 unique addresses that were being used by MassJacker, and one of these wallets was worth $300,000 alone.
Forbes1Password Warning—Beware Of Master Password-Reset AttackBy Davey Winder
.png)
