Friday 3 February 2017, Security guide

Damage caused by malware

Lost24

A malware campaign was disclosed in which, by exploiting gaps in store software, malicious JavaScript code was "injected" into the subpages of online shops.


Among the victims was one of the American shops of the Republican Party, whose traffic is estimated at 350 000 visits per month; its customers' credit card data was transmitted to Russia. The criminals' profit is estimated at about 600 000 dollars.


According to the sekurak portal, almost 6 thousand shops have been skimmed for many months, including domains from Poland.

The Trekker Sport shop, which was also affected by this problem, conducted an analysis in a test environment. Based on that analysis, the shop states that the "injected" script did not redirect, and that the damage could affect only shops that collect data on their own side and then redirect the customer to the payment.


The Svpeng Trojan, which steals bank card information and personal data, infected 318 000 users of Android devices. It happened because of an error in the Google Chrome browser that cybercriminals exploited.

Apart from stealing bank card data, the Trojan also collects call history, text messages and contacts. So far, the victims of the attack have been in Russian-speaking countries. Experts from Kaspersky Lab report that the Trojan makes use of the AdSense platform to display infected advertisements.


How does the Trojan get onto our mobile devices?


Cybercriminals found a gap in the security features of the Chrome browser for Android. The browser shows a warning each time it detects a dangerous object, including when a file is downloaded via an external web link. Cybercriminals exploited a breach in this protection: when an APK file was downloaded, no such notification was shown.

The Trojan is downloaded onto our Android device when we use the Chrome browser to visit a website with an infected advertisement. Next, Svpeng poses as an update, for example of our browser, to force us to approve the installation. Once the Trojan has installed itself on the device, it asks us to grant it administrator rights.


Fortunately for users of the Chrome browser, experts from Kaspersky Lab reported the detected problem to Google, which subsequently prepared an update removing the gap in the browser.