AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks

Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT. The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin America-based financially motivated threat actor. The campaign has been active since at least 2021. "Lures use Mexican Social

SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks

Cybersecurity researchers have shed light on the command-and-control (C2) server workings of a known malware family called SystemBC. "SystemBC can be purchased on underground marketplaces and is supplied in an archive containing the implant, a command-and-control (C2) server, and a web administration portal written in PHP," Kroll said in an analysis published last week. The risk

Remcos RAT Spreading Through Adult Games in New Attack Wave

The remote access trojan (RAT) known as Remcos RAT has been found being propagated via webhards by disguising it as adult-themed games in South Korea. WebHard, short for web hard drive, is a popular online file storage system used to upload, download, and share files in the country. While webhards have been used in the past to deliver njRAT, UDP RAT, and DDoS botnet malware, the

UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware

The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. "The threat actor targets Ukrainian employees working for companies outside of Ukraine," cybersecurity firm Deep Instinct said in a Thursday analysis. UAC-0099 was first

Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges

The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable. This approach not only transforms it into a threat capable of delivering "specific distributor needs," but also makes it more potent, Check Point said&

New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. "ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP and RAR," G Data malware analyst Anna Lvova said in a Monday analysis.

Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies

The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. "Poseidon is a second-stage payload malware associated with Transparent Tribe," Uptycs security researcher Tejaswini Sandapolla said in a technical report published this week.

International Law Enforcement Takes Down Infamous NetWire Cross-Platform RAT

A coordinated international law enforcement exercise has taken down the online infrastructure associated with a cross-platform remote access trojan (RAT) known as NetWire. Coinciding with the seizure of the sales website www.worldwiredlabs[.]com, a Croatian national who is suspected to be the website's administrator has been arrested. While the suspect's name was not released, investigative

LastPass: Keylogger on home PC led to cracked corporate password vault

Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn't say which one!) on a developer's home computer.

How to Live a Digital Life Free of Spyware

Spyware is tricky. Some types notify users that they’re monitoring activity. Others function in stealth mode and use the information they collect for nefarious purposes. Spyware is a type of software that collects data about online users and reports it to a company or an individual. What just about everyone can agree on is that anonymous browsing is looking more and more appealing and is likely the way of the future.  

Here’s more about the types of spyware, which types are legal, and how you can scrub your device and live more confidently online. 

Types of Spyware 

Here are a few types of spyware and facts about each: 

 Keyloggers 

Is it legal? Definitely not! 

What is its purpose? Criminal 

Keyloggers are the most intrusive of the spyware variations. It does exactly as its name suggests: It takes note of keyboard strokes, logs them, and reports to the owner of the nefarious software. Once the cybercriminal has digitally looked over your shoulder at your online activity, they make note of your passwords, walk into your online accounts, and pilfer your private personal information. They could use this information to gain entry to your online bank accounts or steal your identity. 

Keyloggers are downloaded onto devices (cellphones, tablets, laptops, or desktop computers) without the user’s knowledge. Cybercriminals can hide them within email attachments or in malicious web pages. So, the best way to steer clear of keyloggers is to never download attachments you’re unsure about and don’t visit sites that seem unprofessional. One rule of thumb is to mostly stick to URLs that begin with https and include a lock icon. These sites are almost always secure. 

To determine if your device is infected with a keylogger, check your system’s performance. Is your device running slowly? See if there are any spikes in activity or unknown programs running in the background. This could indicate that your device is hosting a malicious program. 

Adware 

Is it legal? Sometimes 

What is its purpose? Advertising and criminal 

Adware is categorized as a type of spyware. It tracks users’ online activity and spits out targeted pop-up advertisements. If you have the pop-up blocker enabled on your browser, you’ll likely be spared from the annoyance. Additionally, pop-ups can slow your device, so that’s another reason to turn on the pop-up blocking feature. Legitimate adware often asks users to opt into targeted ads. 

Adware turns malicious (and illegal) when it contains malware. Sometimes cyber criminals hide malware within pop-ups. It’s easy to accidentally hit a link within a pop-up when you’re aiming quickly for the X to close it. 

It’s easy to spot a device with an adware infestation. First, the number of pop-ups will be out of control. Also, the device will crash often, run very slowly, and have a short battery life. An antivirus program will likely be able to identify and remove the culprit. You can also check out your system monitor and end tasks that are draining your device’s power. 

Cookies 

Is it legal? Yes 

What is its purpose? Advertising 

Cookies are delicious, especially to advertisers who use them to better target ads and make profits selling collected user data to third-party companies. Cookies are sometimes categorized as spyware, because they log the websites you visit and report them. You may notice the banners on websites that ask you to accept cookies. 

Many users today are uneasy with sharing their online activity with strangers and advertisers. Sometimes the ads that pop up on your social media feed or in sidebars seem a little too targeted and it feels like someone is listening in to your conversations and attempting to make a profit from them. 

How to Browse Free of Spyware 

To scrub cybercriminals from your devices and confuse advertisers, consider the following steps you can easily add to your daily routine: 

1. Clear your cache periodically. This is a quick way to delete all the cookies from your device. It also helps if your device is running slowly. Clearing your cache deletes your browsing history, meaning that you won’t be able to type in your usual shortcuts to your most-visited sites and the browser won’t automatically auto-fill the rest of the URL or remember your passwords. Consider making bookmarks of your favorite sites for quick access and entrust your passwords to a password manager that will remember them for you. 
2. Know how to spot phishing attempts. Cybercriminals often hide their spyware within phishing texts and emails, so it’s key to know how to spot them. Phishers trick users into acting quickly, either through scare tactics or fake exciting news, to download attachments or give up personal information. Luckily, phishing attempts usually aren’t too difficult to identify and delete immediately. Did you enter a contest lately? No? Then why would someone get in touch saying you’re a winner? Also, phishing messages are often full of typos and poor grammar. Before you click any links in an email, hover your cursor over it to see where the URL will take you. If it has typos, is filled with a long string of letters or numbers, or doesn’t match the site the message says it’ll redirect you to, delete it. 
3. Browse in incognito mode. Browser sallow users to toggle incognito mode to use the internet anonymously. Once users exit incognito mode, all of their browsing history and the cookies collected during the session are deleted. Incognito mode, though effective against cookies, does not combat keyloggers or aggressive adware.  
4. Use a VPN. A virtual private network (VPN) is even more secure than incognito mode. It completely scrambles your online data, making it impossible for a spy to hack into your device if you’re connected to a public wi-fi network. A VPN doesn’t stop cookies, but the geographic information they report may be incorrect. 
5. Sign up for antivirus software. A comprehensive online protection software suite that includes antivirus software, such as McAfee Total Protection, can boost your confidence in your online safety. It can scan your phone, tablet, or computer for viruses or malware and automatically logs you into a VPN for secure browsing. 

The post How to Live a Digital Life Free of Spyware appeared first on McAfee Blog.