Stagefright Bug
A vulnerability is found on Android devices affecting almost 95% of its users. Attackers can exploit this bug through MMS (a type of message which can include text, sound, images and video) which allows them to take control of such devices.
Tips to prevent being attacked:
- Ensure you have the latest Android upgrade/patch installed
- Disable auto-retrieval of MMS
Ransomware
1. What is ransomware?
Ransomware is a type of malicious software designed to block access to a victim's computer or files and locks it/them until a sum of money is paid (hence the name ransomware).
A well-known variant of ransomware is called WannaCry (aka WCry) that presents itself through a large-scale cyberattack. It targets vulnerable Microsoft Windows systems and encrypt data files on infected computers. Users are demanded to pay a US$300 ransom in bitcoin to decrypt their files. The ransom amount is doubled after three days. If payment is not made after seven days, the encrypted files will be deleted.
2. How do you get infected:
You can be infected when you unknowingly download ransomware from compromised websites, spammed emails or other malware.
3. Best practices to avoid malware infection:
- Always exercise caution when visiting new or unfamiliar websites.
- Never download an App that hasn't been verified by an official store, and read reviews before installing programs.
- Be cautious when you receive an email with an attachment from unknown senders that contain suspicious subjects. Be careful when opening files such as MS Word and Adobe PDF as they may not be real documents but malware.
4. Protect your data:
Having a regularly updated backup is an effective control to mitigate the loss of data due to ransomware.
DYRE Malware
A new variant of malware known as 'DYRE' is targeting online banking customers. The malware started from phishing emails. Hence, please do not respond or click on any hyperlink in an email to access to your Online Banking websites. Phishing email aims to steal your Online Banking User ID and Password.
These may be some of the signs that your computer could be infected by ‘DYRE’:
- You are prompted to enter your User ID and Password repeatedly
- Your computer seems to be running very slowly compared to the usual
- Unfamiliar screen after you login to your Online Banking site
Dridex Malware
Dridex operates by first arriving on a user's computer as a malicious spam email with a Microsoft Word document attached to the email. If the user opens the document, a macro embedded in the document will trigger a download of the Dridex banking malware, enabling it to first steal banking credentials and then attempt to generate fraudulent financial transactions.
Bad Rabbit Ransomware
A new strain of ransomware dubbed 'Bad Rabbit' is spreading across Europe and Russia.
The ransomware is said to use Adobe Flash player installer updates (install_flash_player.exe) to disguise itself, tricking victims into installing these updates. Once the machine is infected, it will encrypt Windows files and operating system. The user subsequently receives a ransom note to unlock and decrypt the files and machine. An infected system is used to continue spreading the ransomware through the network and infect other workstations.