Lost24

Researchers discovered new malware, named Xbash, targeting servers on various platforms. Four different versions have been seen in the wild, actively seeking unprotected services, exploiting vulnerabilities, and deleting databases on modern operating systems.

The newly discovered malware was reported to combine ransomware, coinminer, botnet and worm features.

The malware attacks Windows and Linux systems in different ways. It deletes databases on Linux, while on Windows it mines cryptocurrency.

Generally, Xbash is likely to attack systems that are protected with a weak password or running with unpatched known vulnerabilities. On Linux, researchers found that Xbash malware is clearly instructed to delete the vic

Sunday 9 September 2018, Safety Guide

FBI warns of impending ATM scam

Lost24

According to information from the US Federal Bureau of Investigation, Automated Teller Machines (ATMs) around the world are at risk of an imminent cyber attack.

A confidential FBI alert sent to banks stated that the scheme, known as an “ATM cash-out”, could take place in a matter of days.

“The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global ATM cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation’.”

The ‘unlimited operation’ that the FBI is concerned about is when the cybercriminals deploy malware to obtain bank customer card information and network access in a way

Lost24

Eurogamer’s cybersecurity experts have recently detected a new game (published on the Steam gaming platform) accused of mining cryptocurrency without user consent.

The game is called Abstractism and presents itself as a minimalist platformer title. Multiple players have left negative reviews with screenshots showing evidence that the game installs a Trojan virus disguised as a steam.exe process along with malware under the name "abstractism launcher". According to Eurogamer’s report, the viruses are likely installing cryptocurrency mining software, which presents a huge risk for the players.

Cryptocurrency-mining malware is known to damage computer performance, increase electricity bills, and even infect cloud infrastructure.

Lost24

A fake BZWBK bank application for Android systems has recently appeared in the Google Play store. As reported by the Niebezpiecznik portal, the application's task is to steal login details and intercept text messages.

The application was displayed under the name BZWBK light, and even though it was available for just one day, the fake app was installed more than 1000 times. Such a large number of downloads is most likely connected with the launch of a wide advertising campaign, which popularized the app on various websites, such as Wykop.pl.


The fake application has been removed from the Google Play store; however, it is still available in other, unofficial app stores.

Cyb

Lost24

A while ago, Microsoft Corporation encountered rapidly spreading cryptocurrency-mining malware, dubbed Dofoil, aka Smoke Loader, that infected hundreds of thousands of computers within just several hours.

According to Microsoft's internet security experts, Dofoil includes a resource-draining cryptocurrency-mining payload. It connects to a remote site and downloads and executes arbitrary files, which can also download and run other malware.

Cryptocurrency-mining malware, or just cryptomining malware, is a relatively new term that refers to software programs and malware components developed to take over a computer's resources and use them for cryptocurrency mining without a user's explicit permission.

Besides the crypto

Lost24

Cybercriminals have taken control of the NEO24.pl online store by sending out messages about a false special offer.


Customers have received SMS messages informing them of a 30% discount on all items in the store. The message contained a link redirecting to mistrzostwa.neo24.pl. NEONET appeared as the sender of the message on the users' devices.

According to the Next portal, to which the press office sent its statement, the NEO24.pl company has taken all necessary steps to minimize the effects of the hackers' operation, shutting down the mistrzostwa.neo24.pl domain and the server which was the target of the attack.


Lost24

mBank warns owners of Android smartphones of a new malicious application. The device may get infected through authorized application stores or through links sent in an SMS message, which may redirect to the Google Play Store or to an unauthorized store.

The malicious application simulates an update of the smartphone's operating system, which results in infecting the device. When an attempt to log into the mBank application is made, the user sees a so-called overlay: an additional window where you normally enter the ID and password to log into the mobile banking system. This data is transferred to the cybercriminals.

The application's permissions allow it to take over control of SMS

Lost24

Cryptocurrency has generated profits for its holders, and it has attracted hackers looking to mine for the money. Recently, it was revealed that hackers use a so-called “clipboard hijack attack” to replace users’ bitcoin addresses with their own to get the cryptocurrency.

What is a clipboard hijack attack? A clipboard hijacking is an exploit in which the attacker gains control of the victim's clipboard and replaces its contents with their own data, such as a link to a malicious Web site.

How does the attacker steal money with the clipboard hijacker attack? To send cryptocurrency, users should use a flexible address to finish the transfer. As a result, most of them are likely to paste their addresses t

Friday 13 July 2018, Safety Guide

OLX portal – false announcements

Lost24

The OLX advertising portal warns against false announcements. According to the portal, some of the recently added messages contain a link to an infected application.

Fake messages usually refer to job offers and in some cases also to free toy giveaways. Any person who, in response to an advertisement, has sent his or her CV receives a link allegedly leading to a new application, which the victim is asked to test.

However, in reality the application infects the victim's device with vicious malware, capable for example of intercepting the victim's bank login data.

The security experts from the Next portal have denoted the malware as Spy.Banker

Lost24

Internet users have been receiving e-mails informing them about the possibility of claiming a tax refund. This scam is particularly dangerous considering that its victims may lose all the money from their bank accounts. This time, the scam has been targeted at clients of PKO BP.

The e-mail purports to come from the Polish Ministry of Finance. The victim is assured that they are eligible for a tax refund following the last calculations of their fiscal activity. To claim the refund, the victim needs to file a tax refund claim form, which is attached to the e-mail.

If the attachment is opened, the computer becomes infected. As a result, when the user tries to access the PKO BP website, they are redirected to its spoofed version. If the user does

Lost24

Google Chrome has been used in an attack on Internet users. Cybercriminals have been convincing users to install Chrome Web Store extensions that promise free movies.

Installing such an extension involves a risk: instead of movies, the victim is redirected to a fake site that displays malicious ads (malvertising).

Malicious ads display false information about the device being infected. By clicking on the provided link, the user downloads a program that alerts them of nonexistent viruses; however, a payment is required in order to remove them.

Malicious ads can also be used to infect the victim’s computer with ransomware or use its processing power to mine cryptocurrency.


Lost24

Cybercriminals are impersonating the Polish division of TNT Express Worldwide. The company’s clients have been receiving e-mails containing an electronic invoice for a completed transport of equipment from Walter Kompressortechnik Polska.

The cybercriminals are counting on the assumption that TNT Express provides services to clients of Walter Kompressortechnik.

According to AVLab, the e-mail is sent from Sweden and passes through an improperly secured SMTP server. The information is sent from a nazwa.pl server.

It is best to delete this e-mail immediately without opening the attached file, as it will most likely infect your device.


Lost24

Jailbreaking experts have found a vulnerability in iOS apps that allows hackers to run malicious code. However, no details as to how the bug can be exploited have been released so far.

In order for malicious code to be run in an app, the device has to be connected to a WiFi network controlled by a hacker.
The vulnerability may lie in the ZipArchive utility; however, this has not yet been confirmed by the Pangu team. A list of potentially infected apps has been published, including Instagram, Pandora and Dropbox.

Apple has not officially confirmed the existence of the security bug. The issue may also affect Android apps, as many of them have the same bug.


Lost24

Internet security experts from ESET have discovered a new version of the BackSwap banking trojan. So far, the malware has been targeting the clients of five Polish banks: PKO Bank Polski, Bank Zachodni WBK S.A., mBank, ING, and Pekao.

However, due to its effectiveness, the researchers are convinced that the new trojan is bound to spread to other banking systems in the near future.

The new strain is considered to be highly dangerous because it implements a new technique to steal money from bank customers. In short, the BackSwap Trojan can change the account numbers in the online transfer system. The entire operation is done without the account holder’s knowledge.

This is a seemingly simple trick that neverthele

Lost24

G DATA's security experts have calculated that a new piece of Android malware is discovered every 10 seconds!

This unfavourable statistic is reflected by the appearance of 25 new malicious applications in the Google Play store. According to SophosLabs, all the apps contained dangerous malware, identified as Andr/Guerilla-D, and were designed to pass as innocent-looking photo editors.

A full list of malicious applications can be found here.

It is disturbing that yet another piece of malware has made it past Google’s Android app review process and was succes