🚨 Fake Recruiters Distribute Banking Malware in Targeted Campaign 🚨

Cybercriminals posing as recruiters are tricking job seekers into downloading banking malware, leveraging fake job offers to gain access to financial data and compromise devices. This sophisticated social engineering campaign targets individuals across industries, exploiting the growing reliance on digital hiring platforms.

🔍 Key Details of the Campaign:
1️⃣ Disguise as Recruiters: Attackers impersonate HR representatives from well-known organizations, reaching out via LinkedIn, email, or other professional platforms.
2️⃣ Malware Delivery: Victims are asked to download job-related documents (e.g., offer letters or interview schedules) that are malware-laden.
3️⃣ Payload: The malware installs a banking trojan designed to:
Harvest financial credentials and personal data.
Intercept two-factor authentication (2FA) codes.
Gain unauthorized access to banking and payment systems.
4️⃣ Targets: High-value professionals in industries like finance, tech, and healthcare.

🎯 Why This Is Dangerous:
Exploitation of Trust: People seeking jobs are more likely to engage with unknown recruiters, lowering their defenses.
Financial Impact: Banking malware can drain accounts and lead to identity theft.
Broader Reach: Professional networks like LinkedIn increase the campaign’s effectiveness.

🎯 How to Protect Against Fake Recruiter Scams:
✅ Verify Recruiters: Cross-check recruiter profiles and company details before engaging. Look for inconsistencies or newly created accounts.
✅ Avoid Unknown Downloads: Do not download attachments or software from unknown or unsolicited emails or messages.
✅ Enable Security Tools: Use advanced antivirus and anti-malware tools to detect and block malicious files.
✅ Secure Banking Accounts: Use strong, unique passwords for banking applications. Enable multi-factor authentication (MFA).
✅ Educate Employees: Organizations should train staff on recognizing phishing attempts and social engineering tactics.

🎯 For Organizations:
Strengthen Awareness: Inform employees about the risks of targeted attacks via professional platforms.
Monitor Suspicious Activity: Look for signs of unauthorized access or credential theft in corporate accounts.

This campaign highlights the evolving tactics of cybercriminals, using social engineering to bypass technical defenses. By staying vigilant and educating users, individuals and organizations can minimize the risk of falling victim to these scams.
Abhishekh Singh Chauhan’s Post
-
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam... Good one, let's review it.

Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zimperium zLabs researcher Vishnu Pratapagiri said in a new report. "As part of their fraudulent hiring process, the phishing campaign tricks victims into downloading a malicious application that acts as a dropper, eventually installing the updated variant of Antidot Banker in the victim's device."

The new version of the Android malware has been codenamed AppLite Banker by the mobile security company, highlighting its abilities to siphon unlock PIN (or pattern or password) and remotely take control of infected devices, a feature recently also observed in TrickMo. The attacks employ a variety of social engineering strategies, often luring targets with the prospect of a job opportunity that claims to offer a "competitive hourly rate of $25" and excellent career advancement options.

In a September 2024 post identified by The Hacker News on Reddit, several users said they received emails from a Canadian company named Teximus Technologies about a job offer for a remote customer service agent. Should the victim engage with the purported recruiter, they are directed to download a malicious Android app from a phishing page as part of the recruitment process, which then acts as a first-stage responsible for facilitating the deployment of the main malware on the device. Zimperium said it discovered a network of phony domains that are used to distribute the malware-laced APK files that masquerade as employee-customer relationship management (CRM) apps...

For more details, let's click below: https://lnkd.in/dBwgXeyM
-
Job Seekers Targeted in Mobile Phishing Campaign - https://lnkd.in/dKxfREk3 #cryptocurrency #bitcoin #news #affiliateprogram #remotework #work #DigitalMarketing #Technology #money #job #investing

A sophisticated mobile phishing campaign targeting job seekers intended to install dangerous malicious software on their phones was revealed Tuesday by security researchers. The campaign discovered by Zimperium zLabs targets Android mobile phones and aims to distribute a variant of the Antidot banking trojan that the researchers have dubbed AppLite Banker.

“The AppLite banking trojan’s ability to steal credentials from critical applications like banking and cryptocurrency makes this scam highly dangerous,” said Jason Soroko, a senior fellow at Sectigo, a certificate lifecycle management provider in Scottsdale, Ariz. “As mobile phishing continues to rise, it’s crucial for individuals to remain vigilant about unsolicited job offers and always verify the legitimacy of links before clicking,” he told TechNewsWorld.

“The AppLite banking trojan requires permissions through the phone’s accessibility features,” added James McQuiggan, a security awareness advocate at KnowBe4, a security awareness training provider in Clearwater, Fla. “If the user is unaware,” he told TechNewsWorld, “they can allow full control over their device, making personal data, GPS location, and other information available for the cybercriminals.”

‘Pig Butchering’ Tactic

In a blog on Zimperium’s website, researcher Vishnu Pratapagiri explained that attackers present themselves as recruiters, luring unsuspecting victims with job offers. As part of their fraudulent hiring process, he continued, the phishing campaign tricks victims into downloading a malicious application that acts as a dropper, eventually installing AppLite.

“The attackers behind this phishing campaign demonstrated a remarkable level of adaptability, leveraging diverse and sophisticated social engineering strategies to target their victims,” Pratapagiri wrote. A key tactic employed by the attackers involves masquerading as a job recruiter or HR representatives from well-known organizations, he continued. Victims are enticed to respond to fraudulent emails, carefully crafted to resemble authentic job offers or requests for additional information.

“People are desperate to get a job, so when they see remote work, good pay, good benefits, they text back,” noted Steve Levy, principal talent advisor with DHI Group, a career marketplace for candidates seeking technology-focused roles and employers looking to hire tech talent globally, in Centennial, Colo. “That starts the snowball rolling,” he told TechNewsWorld. “It’s called pig butchering. Farmers will fatten a pig little by little, so when it’s time to cook it, they’re really big and juicy.”

After the initial communication, Prat
Job Seekers Targeted in Mobile Phishing Campaign
https://igkstore.com
-
Cybersecurity experts have exposed a deceptive mobile phishing operation designed to deliver an enhanced version of the Antidot banking trojan, now rebranded as AppLite Banker. Posing as recruiters, the attackers bait victims with enticing but fraudulent job offers boasting competitive pay and promising career advancement. Once victims engage, they are manipulated into downloading a malicious app disguised as a legitimate business tool. This app acts as a gateway, installing the malware onto the victim’s device. AppLite Banker is highly sophisticated, capable of stealing unlock credentials such as PINs and passwords, taking remote control of devices, and misusing Accessibility Services permissions to execute harmful actions like overlaying screens and granting itself additional permissions. The operation employs elaborate social engineering tactics, including fake websites and phishing emails, to distribute apps masquerading as customer relationship management tools. Victims are tricked into enabling risky settings by presenting the malware as a necessary security update. This trojan is packed with advanced features, from displaying fake banking login pages to intercepting SMS messages, blocking specific calls, and even hiding its presence on the device. With the ability to target users in multiple languages and exploit devices in various ways, this campaign underscores the importance of strong cybersecurity measures to protect against such multifaceted threats. #ChelseaTech #ChelseaTechnologies #cybercrime #cyberprotection #cyber #cybersecurity #technologysolutions #cyberattack #cyberdefense #cybernews #technologynews #technology
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
thehackernews.com
-
🥸 Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam "As part of their fraudulent hiring process, the phishing campaign tricks victims into downloading a malicious application that acts as a dropper, eventually installing the updated variant of Antidot Banker in the victim's device." #recruiting #jobsearch #cybersecurity
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
thehackernews.com
-
New V3B Phishing Kit Targets Customers of 54 European Banks

Adversaries have recently developed a new phishing kit, known as V3B, which is specifically designed to target customers of 54 European banks. This phishing kit is a significant threat to the financial sector and raises concerns about the security of online banking services.

V3B Phishing Kit:
The V3B phishing kit is a sophisticated tool that enables cybercriminals to create convincing replicas of legitimate banking websites. These fake websites are then used to trick unsuspecting bank customers into providing their login credentials and other sensitive information. The V3B kit supports various features, such as:
1. Customizable templates: Adversaries can easily create fake banking login pages for the 54 target institutions by modifying pre-built templates.
2. Credential harvesting: The phishing kit is designed to capture and store user credentials when they are entered into the fake login pages.
3. Two-factor authentication (2FA) bypass: The kit includes functionality to bypass 2FA mechanisms, making it more difficult for victims to detect the scam.
4. OTP (One-Time Password) interception: The V3B kit can intercept OTPs sent to victims via SMS or other messaging platforms, providing attackers with full access to the victim's account.

Targeted Institutions:
The V3B phishing kit specifically focuses on customers of 54 European banks, including well-known institutions in countries such as Germany, France, Spain, Italy, and the United Kingdom. The full list of targeted banks has not been disclosed; however, it is essential for all European financial institutions to be aware of this threat and take necessary precautions to protect their customers.

Countermeasures:
Financial institutions and their customers should take the following steps to mitigate the risks associated with the V3B phishing kit:
1. Security awareness training: Regularly educate employees and customers about the risks of phishing attacks and how to identify suspicious emails and websites.
2. Multi-factor authentication: Implement robust multi-factor authentication mechanisms that cannot be easily bypassed or intercepted by phishing kits.
3. Email filtering: Implement advanced email filtering systems that can detect and block phishing emails before they reach users' inboxes.
4. Regular software updates: Ensure that all systems, applications, and devices are kept up-to-date with the latest security patches and updates.
5. Monitoring and incident response: Establish a dedicated team to monitor for potential phishing attacks and respond quickly and effectively to any incidents.
6. Reporting mechanisms: Encourage employees and customers to report any suspected phishing attempts so that they can be investigated and addressed promptly.

Conclusion:
The V3B phishing kit poses a significant threat to European bank customers and highlights the need for increased vigilance and security measures within the financial sector.
-
Business email compromise is one of the biggest threats to your business. Here are some tips on how to spot the most common types of BEC.

In today's digital landscape, the threat posed by malicious emails is ever-present, with some being particularly subtle and complex. There are three primary types of email threats that pose unique challenges in detection for users, emphasizing the critical role of employees in distinguishing between legitimate interactions and potentially harmful communications. Despite the investment in advanced security infrastructures by some companies, many others overlook this crucial aspect of their defense.

Compromise of Business Emails
This subtle threat involves individuals impersonating legitimate members of an organization or its affiliates to solicit sensitive information, such as money or identification details.
Why is it hard to detect? These emails often mimic routine communications with a sense of urgency to elicit a quick response. Mobile devices can justify typographical errors or formatting issues, enhancing their perceived legitimacy. Additionally, unfamiliarity with colleagues’ personal email addresses often leads recipients to overlook discrepancies in the email's authenticity, especially when the names in the header and signature appear correct.

Conversation Hack
This threat emerges after a cybercriminal gains access to an internal account, inserting themselves into an ongoing legitimate conversation by using a similar domain and removing any incriminating traces, thereby isolating the hacker and their new target.
Why is it hard to detect? The existing trust between the victim and a legitimate conversation participant makes the intrusion less suspicious. The main clue might be a minor change in the email address or domain, which can easily be overlooked, especially when the recipient is using a mobile device, distracted, or not thoroughly checking the sender’s details.

Identity Theft
This includes service identity theft, where hackers impersonate familiar applications to steal login information, and brand hijacking, where cybercriminals use stolen domains to pose as well-known companies.
Why is it hard to detect? Users are accustomed to receiving legitimate requests from popular services to re-enter their credentials, making such fraudulent requests appear trustworthy. This often leads to victims inadvertently visiting phishing sites via deceptive links without much scrutiny.

Given these varying security practices, the end user is often the primary target for these criminals. Raising awareness and providing ongoing education to company employees are essential strategies in bolstering cybersecurity. Let our experts help you enhance your organization's security measures. Contact us for more information.
-
#cybersecuritynews #cybersecurity #cybernews #latestcybernews #data #cybersecurityawareness #latest #cyberspace #latesttechnewstoday #cyberfraud #cyberscam #scams #cybercrime #cybercriminals #frauds #scammers #fraudsters #fraudulent 🔴 In a recent case of cyber fraud, the human resources (HR) manager of a US-based IT company was tricked into purchasing Apple gift cards worth Rs 10 lakh. Cybercriminals, impersonating the company’s CEO, managed to deceive the HR manager into believing the purchases were necessary as gifts for all employees, The Indian Express reported. 👉 The scam, known as a ‘whale phishing’ attack, led to an investigation after the HR manager reported the incident to Paud police station under Pune Rural police jurisdiction. 🔴 How was the whale phishing attack carried out? 👉 The fraudulent activity began when the HR manager received a WhatsApp message from an unknown number with a US code earlier this year. The sender claimed to be the CEO of the firm, and the message included a profile picture of the CEO, making it appear legitimate. The message explained that the CEO was busy on a conference call and did not want to be disturbed, instructing the HR manager to purchase Apple gift cards worth Rs 5,000 each for the company’s employees via Amazon. https://lnkd.in/gHNpC-m9
Whale phishing scam explained: How it works and tips to protect yourself
business-standard.com
-
Recovering from a WhatsApp account compromise due to phishing involves a strategic approach to regain access and secure your digital presence:

1. Reactivate WhatsApp on Your Device
Attempt to reactivate your account on your device with your phone number. This can potentially log out the attacker.

2. Contact WhatsApp Support
If unable to reactivate, email support@whatsapp.com with “Lost/Stolen: Please deactivate my account” and your phone number in international format. WhatsApp will temporarily deactivate your account, preventing further misuse.

3. Inform Your Contacts
Alert your contacts about the compromise to prevent the spread of the scam.

4. Secure Your Email and Other Accounts
Change passwords and enable two-factor authentication on your email and any accounts linked to your phone number.

5. Regain Control of Your Phone Number
Contact your mobile service provider to secure your phone number if it has been cloned or ported.

6. Reactivate and Secure Your WhatsApp Account
Once your phone number is secure, reactivate your WhatsApp account. Immediately enable two-step verification for added security.

7. Review Account Security
Examine and utilize security features on WhatsApp and other platforms to enhance your digital security.

8. Educate Yourself
Learn about cybersecurity practices to protect yourself from future attacks and share your knowledge to help others.

9. Consider Legal Action
Report the incident to law enforcement if it involved financial loss or identity theft.

Quick and informed actions are crucial for mitigating damage and preventing future compromises.
-
A SIM Swap Scam or SIM Cloning Scam exploits a vulnerability in a two-factor authentication (2FA) system that relies on SMS messages for verification codes, where attackers aim to gain control of the victim’s mobile phone number by convincing the victim’s mobile carrier to transfer the number to a new SIM card under the attacker’s control. The attacker typically initiates the scam by acquiring the victim’s personal information, including their phone number, which can be obtained through various means, such as data breaches, social engineering attacks (e.g., phishing emails or smishing attacks), or by purchasing the information on the dark web.
TOM SHAW
Hacker Offers Upto $300 To Mobile Networks Staff For Illegal SIM Swaps
https://gbhackers.com
-
🗞️ Fake Recruiters Unleash Banking Trojan via Malicious Apps

Cyber attackers have devised a new phishing scam where they pose as recruiters, offering fake job opportunities to distribute the Antidot banking trojan on Android devices. This malware allows for remote control and credential theft.

Key takeaways:
👥 Recruitment Deception: Scammers impersonate recruiters from a Canadian company named Teximus Technologies, luring victims with job offers for remote customer service positions.
📲 Malicious App Distribution: Victims are tricked into downloading a harmful Android app, disguised as part of the recruitment process, which then installs the banking trojan.
🔓 Trojan Capabilities: Antidot steals credentials and gains remote control over the device, enabling attackers to perform unauthorized actions.
🔎 Network of Fake Domains: The scam involves a phony domain network that hosts and distributes malware-laden APK files, posing as CRM apps.
🔒 Security Measures: Zimperium advises users to be cautious of unsolicited job offers and to verify app sources before installation, advocating for robust mobile security practices.

🔗 https://lnkd.in/e-STYXuk

#FakeRecruitment #BankingTrojan #CyberScam #CyberSecurity #PhishingScam #MobileMalware #BankingSecurity #JobScam #kraven #KravenSecurity #adamgoss #cti #threatintelligence