Published on July 13th, 2019 📆 | 2628 Views ⚑
0Agent Smith Malware Hits 25 Million Android Devices | Avast
Bad actors have pushed variants of the Agent Smith malware to users through unofficial Android app stores, infecting up to 25 million devices, Bleeping Computer reported. Security analysts identified over 360 different dropper strains of the malware, being distributed in malicious game, photo, and adult content apps for over two years.Â
The apps infect devices with Agent Smith, a malware that replaces real apps with tainted fake versions that flood the devices with ads. The malware can also monetize real ads on the device by hijacking an ad event and reporting it to an ad broker with the hackerâs own campaign ID. So far, Agent Smith has only been used to push ads, but security experts agree its bag of tricks could be applied to other criminal purposes, including credential-stealing and data theft.Â
Users lower the risk of downloading malicious apps when they use official app stores, which always have stronger security and filtering than third-party shops. âAs users we need to disable the option to install apps from untrusted sources,â warns Avast researcher Luis Corrons. âWhile itâs true there can be malware in the official stores, in unofficial app stores you can be certain there is malware in a number of apps.â
This weekâs stat
$353 million â the amount handed down in GDPR fines in two days this week by the British watchdog agency the Information Commissionerâs Office (ICO).Â
Firmware flawed in GE anesthesia machines
Two models of hospital anesthesia machines made by General Electric (GE) have flaws in their firmware which could allow potential attackers to alter device settings remotely, ZDNet reported. When connected to the same network, hackers can execute commands on the GE Aestiva and GE Aespire, versions 7100 and 7900, that can adjust gas composition, change gas density, silence alarms, and modify the timestamps inside logs.Â
In its risk analysis published on the GE Healthcare site, the company acknowledges the risks exist, but it maintains âthere is no introduction of clinical hazard or direct patient risk.â The company states that because they are âattended devices,â primary control of the machine is always in the physicianâs hands. GE advises hospitals to eliminate the risk completely by keeping the anesthesia machines offline. If they must be connected to a network, GE recommends using âsecure terminal servers.âÂ
Mac Zoom users at risk of webcam spying
A software engineer discovered a major flaw in the Mac version of the video conferencing app Zoom. Because the app uses a local web server, hackers can join calls without permission. The flaw finder told The Independent that he estimates 4 million users could be affected by the security bug. This week, Zoom released a patch that removes the local web server from a userâs Mac. Once they update, users will also get the new menu option âUninstall Zoomâ for easier deletion of the app.Â
Avast researcher Martin Hron said the incident creates potential for corporate espionage or video exfiltration â and poses risks for consumers. âThis vulnerability could result in a privacy nightmare if their work computers are used at home or for personal reasons. The reports state that any website can turn on the Zoom client with the video feed enabled, which essentially could turn a casual browsing session into a serious invasion of privacy in the home.â
This weekâs quote
âYou see a hill on the horizon, and then it approaches you, and you ride over it, and then it passes you by. You get a sense of the landscape you would not have otherwise. It is exhilarating. It is ultimate freedom.â â Avast Data Scientist Monika Seidlova on the winter sport of snowkiting, her passionÂ
U.S. Coast Guard issues cyberattack warning
The U.S. Coast Guard released a Marine Safety Alert that warns against cyberattacks and strongly recommends specific security measures. The alert referenced the cyberattack on an international shipping vessel earlier this year and cautioned âwith engines that are controlled by mouse clicks, and a growing reliance on electronic charting and navigation systems, protecting these systems with proper cybersecurity measures is as essential as controlling physical access to the ship.â
To âimprove the resilience of vessels and facilities,â the Coast Guard recommended owners and operators adopt several security measures including segmenting networks, creating per-user profiles and passwords, taking extra precautions with external media, installing antivirus suites, and patching diligently. âMaintaining effective cybersecurity is not just an IT issue,â the alert stated, âbut is rather a fundamental operational imperative in the 21st century maritime environment.â
This weekâs âmust-readâ on The Avast Blog
Hand-written espionage documents, declassified files, IoT devices, and a centuryâs worth of secret communications and never before seen artifacts can now be spied for the very first time at Top Secret: From Ciphers to Cybersecurity, a London Science Museum exhibit co-sponsored by Avast.
U.S. mayors unite against ransomware payments
At its 87th annual meeting, the U.S. Conference of Mayors issued a resolution that pronounced the organization âstands united against paying ransoms in the event of an IT security breach.â SC Magazine reported that in the resolution, the Conference of Mayors stated that paying ransoms only encourages attackers to attack more, and that municipal governments need to de-incentivize the attacks by offering no financial reward.Â
The decision comes on the heels of two Florida cities â Riviera Beach and Lake City â paying ransoms that collectively totaled over $1 million. In contrast, Atlanta and Baltimore also suffered ransomware attacks but did not pay the ransoms, and recovery fees have reached $17 million and an estimated $18 million respectively. The resolution against paying ransoms was introduced by Baltimore Mayor Jack Young.Â
Learn more about products that protect your digital life at avast.com. And get all the latest news on todayâs cyberthreats and how to beat them at blog.avast.com. Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all of your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN.
Gloss