Here’s a review of last week’s posts on Malwarebytes Unpacked:
- Spammy Tumblr Apps and Stalker Hunting (Fraud/Scam Alert) “Who is Viewing Your Profile” reared its ugly head on Tumblr once more after seeing it last some time in February of this year.
- PUPS are Persistent (Malvertising) Security Researcher Jean Taggart discussed what are potentially unwanted programs, or PUPs, adding Malwarebytes’ stance on such software and sharing his eye-opening discussion with a friend.
- Fake Facebook Mails Lead to Pharma Spam (Fraud/Scam Alert) Spam claiming to be a Facebook reminder dropped in inboxes, notifying recipients that their messages will be deleted.
- Personalized News Service Used as Launchpad for Spammy Content (Online Security) CReAte Your Own Newspaper (CRAYON), a free online editor that has been in around since 1995, was found to exploited in order to house spammy content and link users to potentially risky sites.
- Justin Bieber themed 419 Mails are Heartbreakers (Fraud/Scam Alert) Spammer pretends to be a famous teen pop star giving away money, but unfortunately, his mother won’t let him.
- Philippine Government Site Infected with Spam Code (Hacking) The official website of the Department of Agriculture of the Philippines was suspected to be hacked as a piece of Blackhat SEO spam code was found.
- Android Features Used Maliciously (Mobile Security) Security researcher Armando Orozco discussed a couple of features in Android that miscreants can misuse for their malicious intent.
Top news stories:
- Don’t look, Snowden: Security biz chases Tails with zero-day flaws alert. Tails, Edward Snowden’s favourite OS, was found to contain several vulnerabilities that may be used to de-anonymize whoever its user is; however, the flaws will never be revealed by Exodus Intelligence, the outfit that found them. (Source: The Register)
- New banking malware ‘Kronos’ advertised on underground forums. After ZeuS, an infamous banking Trojan, came Kronos, which is capable of stealing information from highly popular Internet browsers: Internet Explorer, Firefox, and Chrome. (Source: CSO)
- Hackers abuse Bitly API in novel attack, reports Websense. Shortened URLs used in public by trusted online news outlets, such as MSNBC and NBC News, were used by criminals to exploit user trust on the brands, leading them to potentially harmful third-party sites. (Source: Computer Weekly)
Stay safe!
The Malwarebytes Labs Team