This Week’s Top 5 Cybersecurity News Stories April 2024 | 03

Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of.  No story is too big or small, as we look at threats from espionage to security flaws in every day devices:

1. Police bust global cyber gang accused of industrial-scale fraud

Police have dismantled a gang operating LabHost, a service that enabled criminals to send fraudulent text messages and direct victims to counterfeit websites, leading to the theft of personal data including 480,000 card numbers. The operation, spanning 17 countries, resulted in 37 arrests and the seizure of numerous assets. LabHost reportedly earned nearly £1 million in profits from providing these “phishing” tools. This crackdown is part of a larger effort to combat online scams, which have surged in complexity and scale. For more about this story click here

 

2. New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks

A new Android trojan named SoumniBot is targeting South Korean users, employing advanced obfuscation techniques to evade detection. According to Kaspersky’s Dmitry Kalinin, the malware manipulates the Android manifest’s parsing, using methods such as invalid compression and oversized file declarations. SoumniBot is capable of stealing sensitive data like SMS messages and digital certificates used in online banking, and employs tactics to complicate its removal from infected devices. The complexity of its evasion methods showcases an evolving threat landscape in mobile malware.
For more about this story click here

 

3. Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

A new malvertising campaign exploits Google Ads and typosquatting to spread a sophisticated backdoor named MadMxShell, mimicking legitimate IP scanner software. Zscaler ThreatLabz researchers identified 45 domains posing as trusted tools, using these to deliver malware that compromises Windows systems. The campaign uses multi-stage DLL side-loading and DNS tunneling for stealthy command-and-control, complicating detection and analysis by security solutions. This method shows an evolved technique in cybercriminal strategies, using the financial loophole of Google Ads threshold accounts. For more about this story click here

 

4. R00TK1T Claims that They have Acquired Confidential Data from Nestle

The hacker group R00TK1T claims to have breached Nestle, the world’s largest food and beverage company, and stolen confidential data. This announcement was made via social media and has garnered significant attention from cybersecurity communities and corporate observers. Details about the data and the scope of the breach remain undisclosed. Nestle is conducting an internal investigation and emphasizes that safeguarding customer data is their top priority. This incident underscores the critical need for robust cybersecurity measures in major corporations. For more about this story click here

 

5. TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks

The threat actor TA558 has been using steganography to obscure a variety of malware, including Agent Tesla and LokiBot, within images and text files, according to Positive Technologies. Dubbed SteganoAmor, this campaign primarily targets sectors like industrial and construction in Latin America, with some attacks in Russia, Romania, and Turkey. The attacks start with phishing emails that exploit old security vulnerabilities to download malware. This method helps bypass email gateways and enhances the stealthiness of their operations. For more about this story click here

Here at DIESEC, we have experts on hand waiting to help you with all of your cybersecurity needs, from ensuring your system is safe and secure to teaching your employees how not to fall victim to social engineering ploys.

For more information please contact us now!