The mBank warns smart phone owners with the Android system of a new malicious application. The device may get infected by using authorized application stores or links sent in an SMS message, which may redirect to the Google Play Store or to an unauthorized store.

The malicious application simulates the smart phone's operating system update which results in infecting the device. When an attempt to log into the mBank application is made, the user sees a so-called overlay - an additional window where you normally enter the ID and password to log into the mobile banking system. The above data is transferred to the cybercriminals.

The application's permissions allow to take over control of SMS

Cryptocurrency has made a number of profits for the holders, and it attracts hacker to mine for the money in the past time. These days, it was revealed that hackers use so called “clipboard hijack attack” to change the users’ bitcoin addresses and replace the address with their own to get the cryptocurrency.

What is a clipboard hijack attack? A clipboard hijacking is an exploit in which the attacker gains control of the victim's clipboard and replaces its contents with their own data, such as a link to a malicious Web site.

How does the attacker steal money with the clipboard hijacker attack? To send cryptocurrency, users should use a flexible address to finish the transfer. As a result, most of them are likely to paste their addresses t

The OLX advertising portal warns against false announcements. According to the portal some of the recently added messages contain a link with infected application.

Fake messages usually refer to job offers and in some cases also to free toy giveaways. Any person who, in response to an advertisement, has sensed his or her CV receives a link allegedly leading to a new application, which the victim is asked to test.

However, in reality the application infects the victim's device with a vicious malware, capable for example of intercepting the victim's bank logging data.

The security experts from Next portal have denoted the malwares as Spy.Banker

Internet users have been receiving e-mails informing them about the possibility of claiming a tax refund. This scam is particularly dangerous considering that its victims may lose all the money from their bank accounts. This time, the scam has been targeted at clients of PKO BP.

The e-mail purports to come from the Polish Ministry of Finance. The victim is assured that they are eligible for a tax refund following the last calculations of their fiscal activity. To claim the refund, the victim needs to file a tax refund claim form, which is attached to the e-mail.

If the attachment is opened, the computer becomes infected. As a result, when the user tries to access the PKO BP website, they are redirected to its spoofed version. If the user does

Google Chrome has been used in an attack on Internet users. Cybercriminals have been convincing users to install Chrome Web Store extensions that promise free movies.

Installing such an extension involves a risk: instead of movies, the victim is redirected to a fake site that displays malicious ads (malvertising).

Malicious ads display false information about the device being infected. By clicking on the provided link, the user downloads a program that alerts them of nonexistent viruses; however, a payment is required in order to remove them.

Malicious ads can also be used to infect the victim’s computer with ransomware or use its processing power to mine cryptocurrency.

Cybercriminals are impersonating the Polish division of TNT Express Worldwide. The company’s clients have been receiving e-mails containing an electronic invoice for a completed transport of equipment from Walter Kompressortechnik Polska.

The cybercriminals are counting on the assumption that TNT Express provides services to clients of Walter Kompressortechnik.

According to AVLab, the e-mail is sent from Sweden and passes through an improperly secured SMTP server. The information is sent from a nazwa.pl server.

It is best to delete this e-mail immediately without opening the attached file, as it will most likely infect your device.

Jailbreaking experts have found a vulnerability in iOS apps that allows hackers to run malicious code. However, no details as to how the bug can be exploited have been released so far.

In order for malicious code to be run in an app, the device has to be connected to a WiFi network controlled by a hacker.
The vulnerability may lie in the ZipArchive utility; however, this has not yet been confirmed by the Pangu team. A list of potentially infected apps has been published, including Instagram, Pandora and Dropbox.

Apple has not officially confirmed the existence of the security bug. The issue may also affect Android apps, as many of them have the same bug.

The internet security experts from ESET company have discovered a new version of the BackSwap banking trojan. So far, the malware has been targeting the clients of five Polish banks: PKO Bank Polski, Bank Zachodni WBK S.A., mBank, ING, and Pekao.

However, due to its effectiveness, the researchers are convinced that the new trojan is bound to spread to other banking systems in the upcoming future.

The new strain is considered to be highly dangerous because it implements a new technique to steal money from bank customers. In short, the BackSwap Trojan can change the account numbers in online transfers system. The entire operation is done without the account holder’s knowledge.

This is a seemingly simple trick that neverthele

The G DATA's security experts have calculated that a new piece of Android malware is discovered every 10 seconds!

This unfavourable statistic is reflected by the appearance of 25 new malicious applications in the Google Play store. According to the SophosLabs all the apps contained a dangerous malware, identified as Andr/Guerilla-D, and were designed to pass as innocent-looking photo editors.

A full list of malicious applications can be found here.

It is disturbing that - yet another - malware has made it past Google’s Android app review process and were succes

The WhatsApp users are being warned about new “text bomb” messages that can cause their iOS and Android handsets to break down and stop working properly.

According to the security experts, the phones receiving the “text bomb” message are unable to open it properly, leading the app to shut down. The dangerous messages are being spread in two varieties. The first one contains a laughing emoji, and a “Read more” text. The second one features a black dot followed by the words “if you touch the black point then your WhatsApp will hang”. Tapping on the “Read more” or the black dot causes the phone to freeze and, eventually, to shut down entirely.

In order to prevent any unforeseen future problems, anyone who has received the “t

A new piece of ransomware locks the files of infected computers until its victims play a round of the popular battle-royale shooter, PlayerUnknown’s Battlegrounds (PUBG).

The malware, called "PUBG Ransomware", was first discovered by MalwareHunterTeam. Like other types of ransomware, it works by encrypting the user’s files to make them inaccessible until the victim does something that will decrypt them. Unlike other types of ransomware, this one does not involve the extortion of money, but simply wants the victim to play PUBG for an hour.

According to the MalwareHunterTeam, PUBG ransomware works by scanning the computer’s running processes for the “TslGame.exe” process, which assumedly triggers whenever the  PUBG g

The AdGuard Research reports that over 20 million of Chrome browser users have unwarily infected their devices by installing a fake adbloker apps (freeware software designed to block unwanted/annoying advertisements).

The victims were tricked into downloading the fraudulent software after it was hosted on the Chrome Web Store.

The AdGuard security researchers has spotted five malicious ad blockers extension in the Google Chrome Store: AdRemover for Google Chrome (10 million users), uBlock Plus (8 million users), Adblock Pro (2 million users), HD for YouTube (400,000 users) and Webutation (30 million users).

These five malicious extensions are copycat versions of some legitimate, well-known Ad Blockers. Creators of t

The security experts from Malwarebytes Labs have observed a malware campaign delivering fake updates that infect victims computers with various malware. The campaign distributes malicious JavaScript files via compromised websites.

The compromised websites are exploited via outdated Content Management Systems (CMSs) that are vulnerable to malicious code injection. When a user visits one of the compromised sites, an injected JavaScript file loads a new template over the page claiming they are using an old version of Adobe Flash Chrome, or Firefox and starts the download of a fake update, disguised as a JavaScript file.

The JavaScript contains obfuscation maneuvers that prevent it from being detected by security programs. It collects information

A yet unknown group of scammers is abusing the Biedronka discount store brand. The offer is tempting – a voucher worth of 50 PLN for shopping in the store – which can be “easily obtained” by making one single bank transfer of 5 PLN.

The security experts from Cert Polska believe that this is one of the most dangerous phishing attacks. If the victim is tempted by the offer and enters the website www.bony-biedronka.com, he or she will be asked to make the money transfer by using a fake Dotpay service. By doing so, the victim unknowingly grants the fraudsters full access to his or hers bank account.

The fake Dotpay website is confusingly similar to the original, and also uses the SSL certificate issued by Let's Encrypt. Money lose occurs a

Under Armor – the developer of MyFitnessPal application – has recently requested (via e-mail) all the apps users to immediately: ”Change your password for any other account on which you used the same or similar information used for your MyFitnessPal account”. It further suggested to: “Review your accounts for suspicious activity and be cautious of any unsolicited communications that ask for your personal data or refer you to a web page asking for personal data”. In conjunction with the announcement of the event itself, the company assured the users that the theft of data was limited to user names, e-mail addresses and encrypted passwords.

The company became aware of it on March 25th, and deduced that unauthorized parties had access to the accounts si