Google Warns Ransomware Boom Scored Crooks $2 Million A Month

“As the ransomware scourge calms down for the summer holidays, Google has taken a retrospective at that particular pesky form of cybercrime, finding it only become massively profitable in the last year and a half.

That was largely thanks to two forms of ransomware, Locky and Cerber. They’re the illicit market’s kingpins that really came to life in 2016. With those and a handful of lesser ransomware families, criminals were making in excess of $2.5 million every month, according to the research, produced alongside researchers at University of California San Diego, New York University and blockchain analyst firm Chainalysis.

Compared to the $140,000 made by WannaCry and $10,000 by NotPetya, both of which have been deemed destructive in nature and possibly the produce of nation state hackers, the figures are astronomical. “They [WannaCry and NotPetya] were clearly not interested in cashing out the money,” noted Luca Invernizzi, research scientist in Google’s anti-abuse team.”

Read more details here.

Author: Thomas Fox-Brewster

Apple warns cyber threat could wipe out iPhones, issues fix

Apple issued a new warning after a new hacking threat. The tech giant says there is a new cyber threat, but has taken steps to thwart the attack. FOX Business Network’s Tracee Carrasco reports, “Apple has now issued a critical security patch for all iOS devices and for Mac computers against a potential hack that could come remotely via Wi-Fi.”

“The virus is being considered a potentially serious threat,” Carrasco says, so the company is urging users to install the updates to protect their devices.

The latest cyber threat is also a risk to Android device users, but Google has taken steps as well to block the virus.

“The vulnerability also has the potential to attack Android devices, but Google issued its own security patch earlier this month.””

Read more details here.

Author: Matthew Wisner

Who’s Behind the Gmail Phishing Attack?

“The Gmail phishing attack that played out across Google’s billion-user email platform Wednesday afternoon was “particularly insidious” and created by someone with considerable skill, say cybersecurity experts.

The scam involved sending users a malicious link from what looked like a familiar contact; when users clicked it and logged on, the hacker gained access to their Gmail credentials, thereby getting the keys to the kingdom for a user’s entire online life — and enabling the virus to replicate itself.

While Google says it has fixed the problem, it still remains a mystery who may have launched the worm that quickly made the rounds online.”

Read more details here.

Author: Alyssa Newcomb, NBC News

Major phishing attack targeted Google Docs users

“A widespread phishing scheme targeted people across the web on Wednesday. The sophisticated attack appeared to come from a trusted source asking you to open a Google Document. If you clicked, it took you to a page to open the “Google Docs” app with your Google (GOOG) account. This granted access to your email account and contacts.

Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, says anyone who clicked on the link should check their Google App permissions and remove the one called “Google Docs.” You can do that by clicking this link.

It’s unclear how widespread the attack was, but reporters at publications including BuzzFeed, CNN and Motherboard tweeted that they’d receiving the phishing email, as had many of their sources.”

Read more details here.

Author: Selena Larson

Google, Facebook Employees Targeted In $100M Phishing Scam

“When the Justice Department recently said that two major tech companies had paid out a total of $100 million to a scammer posing as a hardware manufacturer, it chose to not name the businesses that had been conned. But now, both Google and Facebook are confirming that they were the ones victimized by this phishing scheme.

Some background, first: According to federal officials, the scam dates back to 2013, when a Lithuanian man named Evaldas Rimašauskas allegedly used fake email addresses, invoices, and corporate stamps and pretended to be a large manufacturer that regularly did business with two companies.

He is then accused of emailing employees at the two companies and tricking them into transferring $100 million worth of payments to him.”

Read more details here.

Author: Mary Beth Quirk

Beware Google Chrome scam that could inject malware into your computer

“A Google Chrome scam that could infect your computer with malware continues to pose a threat to users, according to cybersecurity experts.

Last month security company Proofpoint warned that hackers can inject script into poorly-protected web pages. The script, which targets the Chrome browser on Windows, rewrites the compromised website on the victim’s browser to make the page unreadable and creates a fake issue for the user to resolve.

A popup, which contains the message “The ‘HoeflerText’ font wasn’t found,” urges users to download an update to their computers. The update, however, is actually a malware download.”

Read more details here. 

Author: James Rogers

This tool tells you if your Gmail account was infected with malware

“Cybersecurity Check Point discovered a new piece of Android malware called Gooligan that’s able to steal email addresses. More than 1 million Google accounts connected to older Android versions are at risk, but there’s a tool you can use to see if you’re one of them.

DON’T MISS: There’s a fix for your iPhone 6s’ serious battery drain, but you might not like it

Users who downloaded Android apps containing the Googligan malware or who clicked on links in phishing messages are at risk. The software is able to access information in Gmail, Drive, and Photos, and the hackers can use the Google accounts to buy apps on the Google Play store and leave reviews for apps.

Check Point says that devices running Android 4.0 and Android 5.0 are at risk — that’s nearly 75% of Android users. The company developed an online tool that can help you check if your phone is infected with Gooligan. All you have to do is head over to this link, enter your Gmail address, and then find out if you’ve been hacked.”

Find out if you’ve been hacked here. 

Read more details here.

Author: Chris Smith, BGR News