This move has been coming for a long time.

The Biden administration on Thursday said it’s banning the company from selling its products to new US-based customers starting on July 20, with the company only allowed to provide software updates to existing customers through September 29. The ban—the first such action under authorities given to the Commerce Department in 2019—follows years of warnings from the US intelligence community about Kaspersky being a national security threat because Moscow could allegedly commandeer its all-seeing antivirus software to spy on its customers.

Researchers at Trellix report that cybercriminals are distributing malware through counterfeit antivirus websites that impersonate well-known vendors. The operators do not stop at stealing sensitive data; the stolen material is also leveraged for double or triple extortion.

The distribution is not confined to Windows. The same fake sites push payloads to Android devices, a user base that surpassed 2 billion as of March 2023.

The scale of the threat is evident from the volume of successful infections achieved through these fraudulent sites. Among the sites observed being imitated are Malwarebytes, Avast, and Bitdefender, each serving as a conduit for malware delivery. The payloads include the StealC and Lumma information stealers, generic Trojans, CodeRed, SpyNote (an Android remote-access trojan), and binaries that are potentially ransomware-capable.

Security analysts caution that these strains can exfiltrate a wide range of sensitive data from mobile devices, including photos, videos, SMS messages, call logs, and screenshots.

The sites are promoted through SEO poisoning: manipulating search rankings so that the malicious pages appear prominently in results for antivirus-related queries. A poisoned result can stay visible for some time before the malicious-site scanning used by platforms such as Google and Bing flags it, which extends the window in which victims are exposed.

Mitigation rests largely on user vigilance. Do not click suspicious pop-ups, check URL spellings carefully, and verify the authenticity of the source before downloading anything. Software should be obtained only from reputable sources, meaning the vendor's official website or an official app store. Where a vendor publishes installer hashes or signs its binaries, checking those before running the download is a further safeguard against a lookalike site serving a trojanised installer.
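Checking URL spellings against the official vendor domains can be automated rather than left to the eye. The following is an added example, not code from Trellix or Cybersecurity Insiders; the vendor allowlist, the homoglyph folding table, the edit-distance tolerances and the sample URLs are all constructed assumptions for illustration. It flags hosts that embed a vendor name inside a non-official domain, hosts whose labels fall within one or two edits of a vendor name after folding common digit-for-letter substitutions, official domains served without HTTPS, and internationalised (punycode) labels that deserve manual inspection.

```python
"""Flag download URLs whose host imitates an official antivirus vendor's domain.

Added example, not code from Trellix or Cybersecurity Insiders. The allowlist,
folding table, tolerances and sample URLs are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse

# Assumption: official download domains a defender would allowlist.
TRUSTED_DOMAINS = {
    "malwarebytes.com": "Malwarebytes",
    "avast.com": "Avast",
    "bitdefender.com": "Bitdefender",
}

# Digit-for-letter and letter-pair substitutions often used in lookalike labels.
_DIGIT_FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "8": "b"})
_PAIR_FOLD = (("rn", "m"), ("vv", "w"), ("cl", "d"))


@dataclass(frozen=True)
class Verdict:
    label: str             # trusted | insecure | lookalike | idn | unknown | invalid
    brand: Optional[str]   # vendor matched or imitated, if any
    reason: str


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using the two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def fold(label: str) -> str:
    """Reduce a DNS label to the plain ASCII word it is trying to resemble."""
    label = label.replace("-", "").translate(_DIGIT_FOLD)
    for pair, single in _PAIR_FOLD:
        label = label.replace(pair, single)
    return label


def registrable_domain(host: str) -> str:
    """Last two labels. Assumption: multi-part public suffixes (co.uk) are not handled."""
    return ".".join(host.split(".")[-2:])


def classify_url(url: str) -> Verdict:
    """Decide whether a download URL is official, insecure, a lookalike, or unknown."""
    parsed = urlparse(url)
    host = (parsed.hostname or "").rstrip(".")
    if not host:
        return Verdict("invalid", None, "URL has no host")
    labels = host.split(".")
    if not host.isascii() or any(lab.startswith("xn--") for lab in labels):
        return Verdict("idn", None, "internationalised host; inspect for mixed-script spoofing")

    reg = registrable_domain(host)
    if reg in TRUSTED_DOMAINS:
        brand = TRUSTED_DOMAINS[reg]
        if parsed.scheme != "https":
            return Verdict("insecure", brand, "official domain served without HTTPS")
        return Verdict("trusted", brand, f"official {brand} domain")

    # Not an official domain: does any label (excluding the TLD) imitate a vendor name?
    for domain, brand in TRUSTED_DOMAINS.items():
        name = domain.split(".")[0]
        tolerance = 1 if len(name) <= 5 else 2   # short names collide with ordinary words
        for raw in labels[:-1]:
            folded = fold(raw)
            if name in folded:
                return Verdict("lookalike", brand, f"label {raw!r} embeds vendor name {name!r}")
            if edit_distance(folded, name) <= tolerance:
                return Verdict("lookalike", brand, f"label {raw!r} is within {tolerance} edit(s) of {name!r}")
    return Verdict("unknown", None, "not allowlisted and no vendor name imitation found")


# Constructed sample URLs (not taken from the Trellix report).
SAMPLE_URLS = [
    "https://www.malwarebytes.com/mwb-download",
    "http://avast.com/free-antivirus",
    "https://malwarebytes-download.example/setup.exe",
    "https://avast.securedownload.example/AvastSetup.exe",
    "https://ma1warebytes.example/download",
    "https://bitdefnder.example/total-security.exe",
    "https://xn--mlwarebytes-xyz.example/",
    "https://example.org/",
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        v = classify_url(url)
        print(f"{v.label:<9} {v.brand or '-':<12} {url}  ({v.reason})")
```

Run it directly to see a verdict for each constructed sample. Two caveats matter before using logic like this on real traffic: the registrable-domain step takes the last two labels, so multi-part public suffixes such as co.uk need a proper public-suffix list, and a five-letter brand like avast sits within two edits of ordinary words, which is why the tolerance drops to one edit for short names. Anything labelled lookalike or idn is a candidate for blocking or review, not proof of malice on its own.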

The post Fake Antivirus websites now delivering malware appeared first on Cybersecurity Insiders.

This is one way of ensuring that IT keeps up with patches:

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by alleged Iranian hackers.

Prosecutors said the five IT officials of the public administration department had failed to check the security of the system and update it with the most recent antivirus software.

The next step would be to arrest managers at software companies for not releasing patches fast enough. And maybe programmers for writing buggy code. I don’t know where this line of thinking ends.