Iranian hackers’ Android malware spies on dissidents by stealing 2FA codes

It’s no secret that some countries have spied on their citizens through innocuous-looking apps, but one effort is more extensive than usual. Check Point Research has discovered (via ) that Rampant Kitten, an Iranian hacker group that has targeted the country’s political opponents for years, has developed Android malware focused on stealing two-factor authentication codes.

The number of ransomware attacks is growing rapidly. According to the Mid-Year Threat Landscape report published by Bitdefender, the significant increase is related to the coronavirus pandemic. Cybercriminals quickly picked up on the topic's liveliness and prevailing disinformation to trick unsuspecting users into clicking suspicious links more often than usual and opening malicious email attachments.

There are many popular and dangerous "viruses" for Android devices. It can be said that a few years ago a real revolution began when people moved their e-mail, bank and other private data to smartphones. New threats became popular such as Anubis, Agent Trojans Smith, Red Alert 2.0, GM bot or Exobot.

Na mojej prywatnej skrzynce mailowej zobaczy?em wiadomo?? zatytu?owan?: „Podejrzana aktywno?? na Twoim koncie”. Wy?ej widnia?a nazwa nadawcy: Facebook. W mailu informowano: „Zauwa?yli?my podejrzan? aktywno??. Zamówienie reklamy na kwot? 375 z? zosta?o z?o?one z nowego urz?dzenia. Prosimy o potwierdzenie zamówienia”. Ostrzegamy, ?e to metoda na wy?udzenie danych.

Onet

A new phishing company has appeared on the web, the purpose of which is to steal data from victims' computers. It appears as a bogus offer and the message you send includes a link to your OneDrive where the malware is located. It comes from the AgentTesla family.

More than 3 years have passed since the famous WannaCry attack, but ransomware not only remains popular, but also remains one of cybercriminals' favorite tools. In addition, it turns out that the ransom demands made by the latter are increasingly stringent.

Another case of the SIM Swap attack in Poland is described by Polsat News: Zbigniew Kołodziej - a farmer from Świebodzin, Poland fell victim to fraudsters who took over access to his online bank accounts. In total PLN 370,000 was lost. The theft was possible because the thieves got a duplicate of the farmer's SIM card. The attack began when Zbigniew's phone suddenly stopped working.

T-Mobile warns customers against another scam. The operator does not run a competition in which you can win the Samsung Galaxy S10 and do not want PLN 15 per shipment. In fact, you can immediately recognise that this is a scam, as long as someone reads the message to the end.

Alior Bank warns against an attack in which criminals not only pretend to be courier companies, but also the fake Google Play app store.

The scam that uses fake text messages is not a new method of thieves, but it is still very popular. Justyna lost savings of PLN 20,000 through one mistake and unknowingly took a loan of PLN 16,000. The text message fraud often consists in sending a link to a fake payment gateway - we read on the "Legalnie w Sieci" web portal.