Google Chrome has been used in an attack on Internet users. Cybercriminals have been convincing users to install Chrome Web Store extensions that promise free movies.

Installing such an extension involves a risk: instead of movies, the victim is redirected to a fake site that displays malicious ads (malvertising).

Malicious ads display false information about the device being infected. By clicking on the provided link, the user downloads a program that alerts them of nonexistent viruses; however, a payment is required in order to remove them.

Malicious ads can also be used to infect the victim’s computer with ransomware or use its processing power to mine cryptocurrency.


Cybercriminals are impersonating the Polish division of TNT Express Worldwide. The company’s clients have been receiving e-mails containing an electronic invoice for a completed transport of equipment from Walter Kompressortechnik Polska.

The cybercriminals are counting on the assumption that TNT Express provides services to clients of Walter Kompressortechnik.

According to AVLab, the e-mail is sent from Sweden and passes through an improperly secured SMTP server. The information is sent from a nazwa.pl server.

It is best to delete this e-mail immediately without opening the attached file, as it will most likely infect your device.


Jailbreaking experts have found a vulnerability in iOS apps that allows hackers to run malicious code. However, no details as to how the bug can be exploited have been released so far.

In order for malicious code to be run in an app, the device has to be connected to a WiFi network controlled by a hacker.
The vulnerability may lie in the ZipArchive utility; however, this has not yet been confirmed by the Pangu team. A list of potentially infected apps has been published, including Instagram, Pandora and Dropbox.

Apple has not officially confirmed the existence of the security bug. The issue may also affect Android apps, as many of them have the same bug.


The internet security experts from ESET company have discovered a new version of the BackSwap banking trojan. So far, the malware has been targeting the clients of five Polish banks: PKO Bank Polski, Bank Zachodni WBK S.A., mBank, ING, and Pekao.

However, due to its effectiveness, the researchers are convinced that the new trojan is bound to spread to other banking systems in the upcoming future.

The new strain is considered to be highly dangerous because it implements a new technique to steal money from bank customers. In short, the BackSwap Trojan can change the account numbers in online transfers system. The entire operation is done without the account holder’s knowledge.

This is a seemingly simple trick that neverthele


The G DATA's security experts have calculated that a new piece of Android malware is discovered every 10 seconds!

This unfavourable statistic is reflected by the appearance of 25 new malicious applications in the Google Play store. According to the SophosLabs all the apps contained a dangerous malware, identified as Andr/Guerilla-D, and were designed to pass as innocent-looking photo editors.

A full list of malicious applications can be found here.

It is disturbing that - yet another - malware has made it past Google’s Android app review process and were succes


The WhatsApp users are being warned about new “text bomb” messages that can cause their iOS and Android handsets to break down and stop working properly.

According to the security experts, the phones receiving the “text bomb” message are unable to open it properly, leading the app to shut down. The dangerous messages are being spread in two varieties. The first one contains a laughing emoji, and a “Read more” text. The second one features a black dot followed by the words “if you touch the black point then your WhatsApp will hang”. Tapping on the “Read more” or the black dot causes the phone to freeze and, eventually, to shut down entirely.

In order to prevent any unforeseen future problems, anyone who has received the “t


A new piece of ransomware locks the files of infected computers until its victims play a round of the popular battle-royale shooter, PlayerUnknown’s Battlegrounds (PUBG).

The malware, called "PUBG Ransomware", was first discovered by MalwareHunterTeam. Like other types of ransomware, it works by encrypting the user’s files to make them inaccessible until the victim does something that will decrypt them. Unlike other types of ransomware, this one does not involve the extortion of money, but simply wants the victim to play PUBG for an hour.

According to the MalwareHunterTeam, PUBG ransomware works by scanning the computer’s running processes for the “TslGame.exe” process, which assumedly triggers whenever the  PUBG g


The AdGuard Research reports that over 20 million of Chrome browser users have unwarily infected their devices by installing a fake adbloker apps (freeware software designed to block unwanted/annoying advertisements).

The victims were tricked into downloading the fraudulent software after it was hosted on the Chrome Web Store.

The AdGuard security researchers has spotted five malicious ad blockers extension in the Google Chrome Store: AdRemover for Google Chrome (10 million users), uBlock Plus (8 million users), Adblock Pro (2 million users), HD for YouTube (400,000 users) and Webutation (30 million users).

These five malicious extensions are copycat versions of some legitimate, well-known Ad Blockers. Creators of t


The security experts from Malwarebytes Labs have observed a malware campaign delivering fake updates that infect victims computers with various malware. The campaign distributes malicious JavaScript files via compromised websites.

The compromised websites are exploited via outdated Content Management Systems (CMSs) that are vulnerable to malicious code injection. When a user visits one of the compromised sites, an injected JavaScript file loads a new template over the page claiming they are using an old version of Adobe Flash Chrome, or Firefox and starts the download of a fake update, disguised as a JavaScript file.

The JavaScript contains obfuscation maneuvers that prevent it from being detected by security programs. It collects information


A yet unknown group of scammers is abusing the Biedronka discount store brand. The offer is tempting – a voucher worth of 50 PLN for shopping in the store – which can be “easily obtained” by making one single bank transfer of 5 PLN.

The security experts from Cert Polska believe that this is one of the most dangerous phishing attacks. If the victim is tempted by the offer and enters the website www.bony-biedronka.com, he or she will be asked to make the money transfer by using a fake Dotpay service. By doing so, the victim unknowingly grants the fraudsters full access to his or hers bank account.

The fake Dotpay website is confusingly similar to the original, and also uses the SSL certificate issued by Let's Encrypt. Money lose occurs a


Under Armor – the developer of MyFitnessPal application – has recently requested (via e-mail) all the apps users to immediately: ”Change your password for any other account on which you used the same or similar information used for your MyFitnessPal account”. It further suggested to: “Review your accounts for suspicious activity and be cautious of any unsolicited communications that ask for your personal data or refer you to a web page asking for personal data”. In conjunction with the announcement of the event itself, the company assured the users that the theft of data was limited to user names, e-mail addresses and encrypted passwords.

The company became aware of it on March 25th, and deduced that unauthorized parties had access to the accounts si


The internet security experts from Kaspersky Labs have recently found a trail of a crafty malware, which has been running loose within the network for OVER SIX YEARS!

The malware was discovered by accident. The Kaspersky Labs’ team was analyzing a piece of keylogging code and decided to scan to see if it could be found elsewhere. The malware’s signature turned up in a seemingly innocent file on another computer labelled scesrv.dll.

The malware, denoted as Slingshot, is a cunning and very dangerous software, that can collect all kinds of information from compromised computers, including screenshots, passwords, keyboard data, and other information. Slingshot tries very hard to stay under the radar using a selection of advanced techniques, in


According to the IBM X-Force, the number of attacks with the TrickBot virus has recently significantly increased. The main goal of TrickBot are cryptocurrencies and cash funds accumulated on bank accounts.

The virus infection occurs by installing an application from a suspicious source or via a link received in an SMS message. The infection connects a number of Internet-connected computers into one network, establishes communication with command and control (C&C) servers, and initiate malicious activity, such as distributed denial-of-service (DDoS) attacks.

The malicious Trojan appears to be capable of extracting login information, which might allow it to hijack online banking accounts. If that is done successfully, the infection can t


The unknown group of cyber criminals, impersonating the Przelewy24 payment platform, have flooded the OLX portal with tempting offers.

The scheme is simple, the fraudsters are looking for so-called bargain hunters, offering equipment up to 80% cheaper than market prices. If the transaction takes place, the buyer/victim is asked to cover the shipping costs via the InPost company. For this purpose, the victim receives a link to the fake Przelewy24 payment panel, which is confusingly similar to the original. However, the choice of payment methods is much smaller than in the original one. The buyer can choose only from several banking login panels belonging to mBank, PKO BP, BZ WBK, Millenium and Alior Bank.

The vigilance of the victim is dormant,


If you got received a message on the Whatsapp communicator from a friend about the super promotion offered by LOT Airlines, due to their 89th birthday – watch out because it is a scam.

The message also includes a link to the page, which does not belong to LOT Airlines. According to Niebezpiecznik.pl website, a special character replacing the letter "o" was used in the website address.

In order to authenticate the entire scam, the authors of the site have placed fake positive opinions that ought to reassure the victims that they are actually able to win a free flight ticket.

If the victim clicks on the link in the message, he or she is asked to share his or her WhatsApp’s contact list. After completing this step