This Week in Security News: LokiBot Impersonates Popular Game Launcher and DRBControl Espionage Operation Hits Gambling, Betting Companies

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 21 Feb 2020 13:45:26 +0000

week in security

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a variant of LokiBot that has been discovered impersonating a popular game launcher, known for Fortnite, to trick users into executing it on their machines. Also, read about how an advanced threat actor has been targeting gambling and betting companies with malware linked to two Chinese hacker groups.

Read on: 

LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File

LokiBot, which can harvest sensitive data such as passwords and cryptocurrency information, has been discovered impersonating game launcher Epic Games—the company behind games such as Fortnite–to trick users into executing it on their machines. Further analysis revealed that a sample of this variant employs a quirky, installation routine that involves dropping a compiled C# code file.

DRBControl Espionage Operation Hits Gambling, Betting Companies

An advanced threat actor has been targeting gambling and betting companies with malware that links to two Chinese hacker groups. The mission — named “DRBControl” by security researchers — appears to be cyberespionage and includes stealing databases and source code from the targets. Researchers at Trend Micro painted a larger picture of DRBControl’s activities after analyzing a backdoor used by the group against a company in the Philippines.

Uncovering Risks in Ordinary Places: A Look at the IoT Threat Landscape

As the IoT continues to become more integrated into enterprises and homes, the threat landscape also expands. In this blog, Trend Micro looks at the most significant threats and vulnerabilities in IoT devices on the edge of the network, within the network itself, and on the cloud; as well as gains insights from the cybercriminal underground.

Newly Discovered Vulnerability Can Let Hackers Impersonate LTE Mobile Device Users, Researchers Say

German researchers have found a new vulnerability on 4G/LTE mobile devices that could allow hackers to impersonate the phone’s owner. In this article, Mark Nunnikhoven, vice president of cloud research for cybersecurity firm Trend Micro, discusses the threat level of this vulnerability and its risks, which include  running up a person’s bill by making international calls or using premium services offered by the victim’s provider, like a TV streaming service.

Fake Dating Apps Found as Top Source of Malware in Africa

According to research from Kaspersky, 7,734 attacks from 1,486 threats were detected, affecting 2,548 mobile users from the continent. The countries with the most recorded attacks were South Africa with 58%, as Kenya (10%) and Nigeria (4%) trail behind.

US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to all industries operating critical infrastructures about a new ransomware in response to a cyberattack targeting an unnamed natural gas compression company’s internal network, encrypting critical data and knocking servers out of operation for almost two days. 

Plugin Leaves Nearly 100,000 WordPress Sites Vulnerable to Compromise

According to a report by WebARX, a vulnerability in a plugin for WordPress themes allows remote attack execution, gives full administrator rights, and can possibly even wipe out the entire website database. The vulnerability was discovered in ThemeGrill Demo Importer, a plugin that offers demo options for themes, widgets, and other content that can help customize websites.

MGM Grand Breach Leaked Details of 10.6 Million Guests Last Summer

A hacking forum this week published personal details of more than 10.6 million guests who stayed at MGM Resorts, the result of a breach due to unauthorized access to a cloud server that occurred at the famous Las Vegas hotel and casino last summer. Those guests included celebrities, tech CEOs, reporters, government officials, and employees at some of the world’s largest tech companies.

Stolen Credit Card Data Concealed through Fake Club Membership Cards

Stolen credit card data has been disguised through counterfeit club membership cards, as revealed by the U.S. Secret Service and reported by Brian Krebs. The cards, purportedly for exclusive use at name-brand retailers, had barcodes that contained the credit card information as well expiration dates and card verification values (CVVs). 

Adobe Releases Out-of-Band Patch for Critical Code Execution Vulnerabilities

Adobe has released an out-of-schedule fix to resolve two vulnerabilities that may expose user systems to code execution attacks. Users of Adobe Media Encoder and After Effects should update their software builds immediately. The tech giant thanked researcher Francis Provencher, alongside Matt Powell from Trend Micro’s Zero Day Initiative for reporting the vulnerabilities.  

Surprised by the scale of the giant MGM Grand breach? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: LokiBot Impersonates Popular Game Launcher and DRBControl Espionage Operation Hits Gambling, Betting Companies appeared first on .

http://feeds.trendmicro.com/TrendMicroSimplySecurity