Hackerzhome


Cybersecurity news all over the world

HACKERZHOME NEWS

February 2, 2023

Thursday

Apple App Store and Google Play are infiltrated with cryptocurrency scam apps

The operators of “pig butchering,” or high-yield investment fraud, have found a way past the security measures in Google Play and Apple’s App Store, the official repositories for Android and iOS apps.


Pig butchering scams have been going on for a while. They employ social engineering, deceptive advertising, and bogus websites.

Scammers can more easily win over a victim’s trust by including fake software on recognized download sites.


According to researchers at the cybersecurity firm Sophos, con artists contact their victims on Facebook or Tinder and persuade them to download fake applications and “invest” enormous sums of money into fictitious assets.


Sophos observed such a campaign from the China-based “ShaZhuPan” threat group, which shows a high level of organization, with separate teams for victim interaction, finance, franchising, and money laundering.


The scammers use women’s profiles with photographs taken from other social media accounts to target male users on Facebook and Tinder.


The profiles the con artists control are built to portray an opulent lifestyle, complete with images from upscale restaurants, expensive stores, and exotic locations.


Researchers Find New Bugs in a Well-Known Image Processing Magick Tool

Cybersecurity researchers have identified two security flaws in the free and open-source ImageMagick software that could lead to denial of service (DoS) and information disclosure.

Both issues, discovered by the Latin American cybersecurity firm Metabase Q in version 7.1.0-49, were fixed in ImageMagick version 7.1.0-52, released in November 2022.

The flaws are briefly described as follows:
CVE-2022-44267 – A DoS flaw that appears when parsing a PNG file with a single dash (“-”) in the filename.
CVE-2022-44268 – An information disclosure flaw when parsing an image that might be used to read any server-side files.

To exploit the weaknesses remotely, an attacker must be able to upload a malicious image to a website that processes it with ImageMagick. The malicious image, in turn, can be produced by injecting a text chunk with the attacker’s preferred information (e.g., “-” for the filename).

This is not the first time that ImageMagick has been shown to contain security flaws.

The software was found to contain a number of weaknesses in May 2016, one of which, dubbed ImageTragick, could have been exploited to achieve remote code execution when processing user-submitted images.


Hackers penetrate gaming companies using the new IceBreaker software


Researchers have given the name IceBreaker to a backdoor that hackers appear to be using to attack online gaming and gambling businesses.

The compromise method relies on tricking customer support representatives into opening malicious screenshots that the threat actor sends under the guise of a user-facing problem.

These attacks have been taking place since at least September 2022. The group behind them remains unidentified, with only vague hints pointing to its origin.

Thanks to analysis of data from a September incident, Security Joes was able to respond to three further attacks before the hackers could compromise their targets.
The researchers say that a tweet from MalwareHunterTeam in October was the only publicly available evidence of the IceBreaker threat actor they could find.

To deploy the backdoor, the threat actor contacts the target company’s customer support, pretending to be a user having trouble logging in or registering for the online service.

The hackers persuade the customer service representative to download an image that supposedly illustrates the issue better than they can describe it.

The researchers say the image is often hosted on a bogus website that impersonates a reputable provider, although they also observed it being delivered from Dropbox storage.

The LockBit malware employs a new Conti-based encryptor and goes "Green."

The LockBit ransomware gang is once again using encryptors based on other operations; this time, it has chosen one based on the Conti ransomware’s leaked source code.

The LockBit operation has gone through several revisions of its encryptor since its introduction, beginning with a custom one and progressing to LockBit 3.0 (also known as LockBit Black), which is derived from the BlackMatter gang’s source code.

The ransomware gang is now using a new encryptor called “LockBit Green,” based on the stolen source code of the now-disbanded Conti gang, according to a report this week from the cybersecurity group VX-Underground.

The Conti ransomware gang was forced to disband after a series of embarrassing data breaches that exposed 170,000 internal messages and the source code for its encryptor.

Researchers have discovered samples of the new encryptor floating around on VirusTotal and other malware-sharing websites since the news of LockBit Green became public.
