article thumbnail

Screenshot-Reading Malware

Schneier on Security

Kaspersky is reporting on a new type of smartphone malware. The malware in question uses optical character recognition (OCR) to review a device’s photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment, infected Google Play apps have been downloaded more than 242,000 times.

Malware 253
article thumbnail

Fake Reddit and WeTransfer Sites are Pushing Malware

Schneier on Security

There are thousands of fake Reddit and WeTransfer webpages that are pushing malware. The ‘Download’ button leads to the Lumma Stealer payload hosted on “weighcobbweo[.]top.” They exploit people who are using search engines to search sites like Reddit. ” Boingboing post.

Malware 241
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

ClickFix: How to Infect Your PC in Three Easy Steps

Krebs on Security

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. This particular scam usually starts with a website popup that looks something like this: This malware attack pretends to be a CAPTCHA intended to separate humans from bots.

Phishing 283
article thumbnail

Detecting Pegasus Infections

Schneier on Security

The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. For paying iVerify customers, the tool regularly checks devices for potential compromise.

Spyware 353
article thumbnail

Noodlophile Malware Distributed Through Bogus AI Video Generators: Who Are the Targets?

Tech Republic Security

By downloading what they believe is an AI-generated video, victims have installed malware that can steal their data or offer attackers remote access to infected devices.

Malware 133
article thumbnail

FBI warns of malicious free online document converters spreading malware

Security Affairs

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” continues the alert.

Malware 117
article thumbnail

Download a banker to track your parcel

SecureList

The attackers would then send what appeared to be the photo itself but was actually a malware installer. In reality, this was malware with no parcel-tracking functionality whatsoever. The link directed users to a phishing site offering to download Mamont for Android ( 12936056e8895e6a662731c798b27333 ).

Scams 99