At a glance.
- RAT infestation hits bitcoin users.
- Cybercriminal posts American Express accounts for free.
- Phishing scam targets Singaporean citizens.
- T-Mobile suffers yet another data breach.
RAT infestation hits bitcoin users.
Researchers at cybersecurity company Intezer have discovered a remote access Trojan (RAT) campaign targeting Bitcoin users, Hacker News reports. They're calling it "ElectroRAT," and it distributes malicious apps created on the open-source Electron app framework using the programming language Golang, making it difficult for antivirus software to detect. Two of the three malicious apps are disguised as cryptocurrency trading platforms and the third as a cryptocurrency poker app. The attack is unique in that the apps were created from square one for the campaign, and the RAT targets multiple operating systems including Windows, Linux, and macOS. Once the malware takes hold of the victim’s system, it can capture keystrokes and screenshots, upload and download files, and execute threat actors’ commands via a C2 server. So far an estimated 6,500 victims have been impacted.
Phishing scam targets Singaporean citizens.
TODAYonline reports a Singaporean bank phishing scam that has cybercriminals posing as officials from Singaporean government agencies. The threat actors contact victims via voice call or text message, sometimes using spoofed phone numbers to make it look as if they're calling from Singapore. They then ask the victim to verify their banking credentials in order to resolve an “issue” with their account. Singaporean police are warning the public to be vigilant, as reported cases of these types of scams have risen exponentially in the country in the past year.
Coming attractions: hacker posts American Express accounts for free.
A cybercriminal has published the credit card information for ten thousand Mexico-based American Express account holders, reports Bleeping Computer. In what appears to be an advertisement for his (or her, or their) services, the hacker (or hackers) posted an online database including full credit card numbers, names, dates of birth, and other personally identifiable information on a hacking forum with the promise that he can acquire and is willing to sell additional data from American Express, Santander, and Banamex customers. It does appear the hacker has his limits, though; he expressed that the data should only be used for marketing spam, not for fraudulent purchases, which is likely why he withheld expiration dates and other info necessary to complete a transaction. American Express has been notified of the incident but hasn't said much beyond urging its customers to report any unusual activity.
T-Mobile suffers yet another data breach.
US wireless network operator T-Mobile disclosed to customers last week that it has experienced its fourth security breach in three years, reports ZDNet. An investigation revealed that threat actors gained access to customer phone numbers and other customer proprietary network information, but it appears no names, addresses, financial data, or other personal info were compromised. TechCrunch reports that approximately 200,000 individuals were impacted, or about 0.2% of the company’s base, which seems like a drop in the bucket compared to the 2 million customers compromised in 2018’s breach and 1 million in 2019. Since its merger with Sprint last year, T-Mobile is the third-largest cell phone carrier in the US.