New Ransomware Steals Passwords

A new update to Angler the exploit kit, allows hackers to steal users’ passwords before encrypting their files and locking users out of their own machines.

While this mostly happen on poorly secure websites, it is still very important to remain aware of this potential issue. To read more about this issue and exactly how the malware works, check it out here.

Hackers and Samsung Galaxy Voice Calls

Hackers have found a way to remotely listen to and record voice conversations had on Samsung Galaxy phones, including the S6, S6 Edge or the Note 4.

This issue has been found to actually reside in the Samsung baseband chip, which comes in Samsung handsets. This attack is known as a man-in-the-middle (MITM) attack, and users have no idea that it is occurring.

To learn more about how this hack actually happens, check it out here.

Bug Found in Android Gmail App

All Android users need to be aware of this bug that has been discovered in the gmail app. The bug allows anyone to send spoofed emails where the email looks like it was sent by someone else.

Generally, the only things the hacker needs are a working SMTP (Simple Mail Transfer Protocol) and a mailing software. However, a local researcher found she could hide her real email address and change her display name so that the receiver could not actually see who the real sender was.

There are a number of precautions users can take to try and prevent this from happening to them. To learn more about this issue and the steps to take to protect yourself, click here.

Free Ransomware Decryption Tool

Have you been infected with the CoinVault or Bitcryptor ransomware? If so, there’s good news. You may now be able to recover your encrypted files for free.

Decryption keys were obtained from the server for CoinVault originally. After a second wave of code, a second generation of CoinVault, Bitcryptor was released. However, after the arrest of two men associated with these ransomware attacks, over 14,000 decryption keys have been obtained.

With the use of these keys and following some simple steps, you may be able to recover your files.

For a list of steps to follow, as well as more information on this topic, click here.

FitBit Trackers can be Hacked in Just Ten Seconds

It has recently been found that FitBits can be hacked wirelessly. By using the open bluetooth connection of the FitBit, hackers can first infect the FitBit, and then the malware will infect any devices that are synced to that FitBit.

Once it is infected, whenever the person who owns the FitBit goes to sync their fitness data with the FitBit servers, but in addition to the normal response message, it is infected with code.

How the hack works:

Learn more about this issue here.

Malware Can Delete and Replace Google Chrome with a Lookalike Browser

Google Chrome is a browser utilized by many. It has recently been found that there is a version of malware out there that can delete a user’s Google Chrome browser and replace it with a lookalike browser that can be harmful. This lookalike browser is so similar to Google Chrome that you likely would not notice any differences while browsing.

It is called an “eFast Browser” and it works by installing itself and running in place of Google Chrome. The main concerns with this malware is that it does all kind of malicious activities including:

  • Generates pop-up, coupon, pop-under and other similar ads on your screen
  • Placing other advertisements into your web pages
  • Redirects you to malicious websites containing bogus contents
  • Tracking your movements on the web to help nefarious marketers send more crap your way to generating revenue

As a result, if this browser installs itself on a computer it can lead to serious privacy issues, and potentially even identity theft.

Learn more about this issue by clicking here.

Apple Removes Malicious Ad Blockers from iOS Stores but Doesn’t Disclose App Names

Apple has recently announced that they have removed several apps that had the capabilities to install root certificates and allow monitoring of individual’s data. While this almost makes it seem like they were lacking in monitoring and auditing, for lack of a better term, their App Store, it is good news to know they have been removed.

Aside from that however, Apple has still not released the names of these apps which they removed from the store. As a result, any individual who has already downloaded the app to their iPhone or iPad still has the chance to be affected by this malware and have their personal information compromised. What makes this even more ridiculous, is that Apple is advising its users in how to uninstall malicious apps, while not revealing the names of these apps. It is a wonder how they expect people to take advantage of their advice when they refuse to tell the public which apps this included.

To read more on this interesting issue, click here.