Blackberry Mobile Website Hacked To Mine Cryptocurrency



The explosion in cryptocurrency prices has attracted new investors into the crypto world who hope to grab a piece of the cake. As this profitable niche attracts legitimate investors, so it attracts those with illicit motives.

A Reddit user has revealed that the official website of Blackberry Mobile was using its visitors' CPU power to mine Monero digital coins.

According to Rundvleeskroket, the discovery was made by their friend, who pointed out that the mobile site was using Coinhive's cryptocurrency code to mine Monero.

Over the past months, cryptocurrency owners and exchanges have suffered attacks by hackers whose aim is to steal their crypto coins. While some launch direct attacks on crypto owners' wallets, others prefer to hijack popular websites to mine crypto coins. The Blackberrymobile.com domain is a trading name used by TCL Communications to sell Blackberry-branded devices around the world, and the site's heavy traffic attracted the hacker.

Coinhive, the company that provides cryptocurrency miners with the code to mine crypto coins legally, revealed that the Blackberry Mobile site was compromised by a Coinhive user who took advantage of a critical security flaw in the Magento webshop software. The same user also hacked several other sites and used the same code to mine Monero illegally, and as a result Coinhive terminated the user's account.

"We're sorry to hear that our service has been misused. This specific user seems to have exploited a security flaw issue in the Magento webshop software (and possibly others) and hacked a number of different sites. We have terminated the account in question for violating our terms of service now," Coinhive said.

At the time of this report, the malicious code had already been removed from the site.

This Malicious Telegram App Is Infecting Android Users With Malware



A security researcher at Symantec has identified a fake Telegram Messenger app in the Google Play Store which has been infecting Android devices with malware and spamming them with ads.


According to the threat intelligence researcher, John Hou, the malicious app, which is called 'Teligram [New version updated]', masquerades as an update to the original Telegram app, infecting unsuspecting Android users with malware and spamming them with ads.

The maker replaced the 'e' in Telegram with an 'i' and changed the theme colour from blue to black so as to convince unsuspecting users that the app is really an update. The fake app makes money for its creator by spamming users with ads.

John Hou explained that the malware (Trojan.Gen.2) in the Teligram app is built using the open source Telegram code which is distributed to third party stores. The fake app executes the malware the moment it is installed. The malware in turn ends up installing an ad clicker or a backdoor.

The researcher, however, believes that the main motive of the person(s) behind this scam is to make money and not to steal users' data, though the possibility of the attacker(s) implementing features that may steal users' data and perform other malicious activities in the future cannot be dismissed.

Home to over 3.5 million Android apps, the Google Play Store has always been a hub where hackers sneak in malicious apps, beating Google's security checks. Unsuspecting Android users who believe that Google's security checks can't be bypassed download most of these apps with full confidence of being secure.

At the time of this writing, the fake Teligram app had been kicked off the Play Store.

Google Kicks 60 Malware Infested Apps Serving P0rn Ads From The Play Store




Google has removed over 60 games from the Play Store after security firm Check Point announced that the apps were riddled with malware and were also serving p0rn ads.

The AdultSwine malware was found in a number of games, most of which had been downloaded millions of times. Apart from displaying p0rn ads to those who downloaded them, the malware also tricked users into installing fake security tools and encouraged them to register for expensive premium services. Check Point claimed that the games were targeted at children, but Google disputed the claim.

According to Check Point, AdultSwine's mode of operation is similar to that of other Android malware. Once the user installs an infected app, the malicious code phones home to a command and control server for further instructions.

To avoid suspicion, the instructions decide which type of ads to show and over which apps; the malware also makes it difficult for the user to uninstall the app by hiding its icon.

"It is interesting to note that the server however forbids ads to be displayed over certain apps such as browsers and social networks, in order to avoid suspicion," Check Point said.

"The malicious code then verifies certain conditions regarding the device's status and checks which app is currently running on screen. Once all its terms are met, it begins to display the illegitimate ads outside of the app's context. If it is embedded inside a web browser app the ads will be displayed inside that browser, if only they will be displayed inside a designated web view.

"As for the ads being, they come from two main sources; the first is that of the main ad providers, which forbid such illegitimate display of their ads. The second is the malicious code's own ad library, which contains ads of an offensive nature, including p0rnographic ads. All these are displayed to children while playing the game that the app is masquerading as."

The full list of infected apps can be found on the Check Point website.

Taiwan Police Distributed Malware Infected USB Drives To Cybersecurity Quiz Winners



During a cybersecurity-related quiz hosted by the Presidential Office in Taiwan, the Taiwanese police awarded the winners malware-infected USB sticks.

According to local reports, the National police ... the Criminal Investigation Bureau (CBI) awarded 250 USB drives of 8GB capacity, of which 54 were infected with Chinese malware.

The malware, which is known as XtbSeDuA.exe, was designed to steal users' data and send it to a Polish IP address, though the IP address was shut down by Europol back in 2015 in a major crackdown on an electric fraud ring.

According to Taipei, the USB drives were purchased from contractors and made in China, though the Bureau believes that the malware wasn't part of Chinese cyber espionage. It added that the infection came from an infected workstation at New Taipei City-based contractor Shawo Hwa Industries Co, where an employee used the affected computer to transfer an operating system so as to test the USB drives and their capacity, thus transmitting the malware onto 54 of the USB drives.

About 20 of the USB drives were retrieved after their users complained that their anti-virus software flagged the drives. 34 of those USB drives are still in the wild.

National security officials have expressed sadness over the incident, which compromised such a high-profile event, and voiced concern that it might have been a deliberate attack by a hacking group.

The Bureau has apologized to the Presidential Office as well as all other government agencies that took part in the event. The Bureau has launched another probe into the incident.

27 Malware Infected Gaming Apps Found On The Play Store With Over 4 Million Downloads!



The Android OS is a beautiful mobile operating system with lots of functionality and features to make any phone lover fall in love with it. But one major problem that has been ravaging the OS is the heavy presence of malware floating around the platform.

Another problem is the rate at which these malware apps find their way into the Play Store. Google on its own part does its best (at least that's what I think) to take down those malware-infected apps. However, sometimes they completely ignore some of those apps even when security researchers have alerted them of their malicious activities.


Security researchers at Russian cybersecurity company Dr.Web have discovered dangerous Android malware hidden in several gaming apps on the Play Store. This malware steals users' data by conducting several phishing attacks.

According to the researchers, the malware, which they dubbed Android.RemoteCode.127.origin, was found in 27 games on the Play Store, and the apps were downloaded over 4,500,000 times!

The researchers explained that once the malware infects a user's device, it discreetly opens a horde of malicious websites and automatically clicks on their content (such as banners and links) by downloading a script from the command and control server. This part, they explained, is to generate revenue for the criminals.

Next, the malware spams the user with advertisements, downloads other malicious apps and then performs phishing activities so as to steal the user's bank and other credentials.

Just recently, Google kicked about 60 apps that were serving P0rn ads to their users from the Play Store. Google has initiated several bounty programmes in the past, one of which rewards security researchers for flaws discovered in popular apps on the Play Store.

Man In Court For Launching Several DDoS Attacks On Former Employer, Police, Courts And Others



A New Mexico man has been taken to court for launching distributed denial of service (DDoS) attacks against business competitors, public services and the websites of his former employers.

The accused, John Kelsey Gammell, 55, a convicted felon who had been prohibited from possessing firearms and ammunition, pleaded guilty to one count of conspiracy to commit intentional damage to a protected computer in the US.

Gammell admitted to launching several DDoS attacks on websites in the US between July 2015 and March 2017.

The DDoS attacks carried out by Gammell targeted companies that he had previously worked for and those that refused to hire his services. Apart from those, he also targeted law enforcement websites, his business competitors, colleges and others.

According to the Department of Justice, Gammell purchased DDoS-for-hire services from several providers such as Inboot, Booter.xyz, CStress and VDos to launch his attacks. To make his transactions and his location untraceable, Gammell used IP addresses to hide his address and location whenever he hired the services of those DDoS-for-hire sites.

The accused used spoofed emails to transact and cryptocurrency to make payments. He also used encryption and drive-cleaning tools to hide digital evidence.

Victims of Gammell's cyber attacks include the Minnesota State Courts, Dakota County Technical College, Washburn Computer Group, the Hennepin County Sheriff's office, and many others.

Gammell is scheduled to face sentencing at a later date.

Russian Authorities Crack Down On Gas Stations For Using Malicious Software To Defraud Customers



Russian authorities have broken up a fraud scheme employed by dozens of gas station employees to overcharge customers, who paid more money for less fuel than they bought.

The employees involved in the scam used software on electronic gas pumps to short customers by between 3 and 7 percent of the gas pumped into their tanks. This software was found only at gas stations located throughout the south of Russia.

According to Rosbalt and multiple other Russian media outlets, the Russian Federal Security Service (FSB) arrested a hacker named Denis Zayev in Stavropol and charged him with creating several software programmes designed to con customers.

The FSB explained that the hacker designed the software and then sold it to the rogue gas station employees. Zayev and the gas station employees had an agreement under which he received a cut of the money overpaid by customers. This cut earned Zayev and the gas station employees hundreds of millions of rubles.

The malicious software made gas pumps and cash registers display false data, and also hid the sales data for a station's illicit surplus gasoline.

So effective was the malware that it was almost impossible for local inspectors, and for oil companies that monitored inventory remotely, to detect it.

Given the software's stealthy operation, it is still unknown what tipped the Russian authorities off to the scam.

Maersk Had To Reinstall 45,000 PCs And 4,000 Servers After Suffering NotPetya's Attack




Shipping giant Maersk has announced that it had to reinstall about 45,000 PCs, 4,000 servers and 2,500 applications after suffering the NotPetya attack.

Maersk was one of the companies hit by the NotPetya attack that struck Ukraine last year in August. The company's activities were almost crippled as it was forced to temporarily shut down critical systems infected with the ransomware.

Due to cancellations and delays during that period, a record of about $300 was lost in revenue.


Maersk chairman Jim Hagemann Snabe shared details of the attack suffered by the company during a speech at the World Economic Forum in Davos, Switzerland.

"The impact of (NotPetya) is that we basically found that we had to reinstall an entire infrastructure," Snabe said. "We had to install 4,000 new servers, 45,000 new PCs, 2,500 applications.

"And that was done in a heroic effort over ten days. Normally - I come from the IT industry - I would say it's gonna take six months. It took ten days."

A Maersk ship docks somewhere in the world every 15 minutes, unloading about 20,000 containers. Imagine what it would be like running such a company with no IT for 10 days.

"It's almost impossible to even imagine. And we actually overcame that problem with human resilience," Snabe said. "We had a 20 percent drop in volume, so we managed 80 percent of that volume manually ... Customers were great contributors to overcoming that."

The Maersk chair pointed out that Maersk was a victim of a state-sponsored attack aimed at the Ukrainian government. However, he described the incident as a "very significant wake-up call" to improve in terms of cyber-security.

Snabe also made a point about the need for collaboration between companies and law enforcement.

Millions Of Android Devices Hijacked By Cybercriminals To Mine Cryptocurrency




 Millions of Android smartphone devices have been hijacked in an aggressive cryptocurrency mining campaign.

According to Malwarebytes, millions of Android mobile users have been unknowingly mining the Monero (XMR) cryptocurrency for cybercriminals through their devices. The security firm explained that infected devices are redirected to a page that asks the user to solve a CAPTCHA to prove that they are human and not a bot.

This warning message appears on the user's smartphone: "Your device is showing suspicious surfing behaviour. Please prove that you are a human by solving the captcha. Until you verify yourself as human, your browser will mine the Cryptocurrency Monero for us in order for us to recover the server costs incurred by bot traffic." Until a user enters the code, the smartphone or tablet continues mining Monero, damaging the device's processor.


This campaign was first observed in January 2018 and is thought to have started around November 2017.

Malwarebytes describes the mining process in this campaign as automated; it needs no user consent, as everything happens silently.

The security blog also identified five domains using the same captcha code and Coinhive site keys for the campaign. Data on the Malwarebytes blog shows that at least two websites had more than 30 million visits per month, with the two websites combined yielding about 800,000 visits in a day.

Cybercriminals have devised different ways to perform their illicit crypto mining on all types of browser platforms. Some have employed even more sophisticated methods that might remain undetected by smartphone users. The best way to keep your device safe from this menace is to always download trusted apps from the official store of your OS so as to avoid unnecessary malware infection, and even then to install the No Coin extension, which is available for Google Chrome, Firefox and Opera mini.

Google Boots Android Malware With Over 500,000 Downloads From The Play Store



Cases of malware and other forms of malicious apps are common on the Android platform. Due to the high volume of malicious apps lurking around the platform, most Android users stick to downloading apps only from the Google Play Store.

Google on its part has been working hard to keep the Play Store safe and free from any form of malicious app, but from time to time we hear of malicious apps still sneaking into the store.

The latest news from security firm SophosLabs is that some Android apps have managed to sneak malware into the Play Store, which then uses the user's device for click-based advertising so as to earn fraudulent money for the developer(s).

According to the security firm, a total of 7 QR code and compass apps have been found to belong to a new malware family called Andr/HiddnAd-Aj. This form of malware generates revenue for its creators by unleashing notifications, full screen ads, and ad-related webpages. These apps have received more than 500,000 downloads, but at the time of this post Google had kicked them off the Store.

In its fight to make the Play Store safe for users, Google recently removed more than 700,000 bad apps and 100,000 malicious developers from the Play Store. Despite all this, SophosLabs still recommends that Android users download apps from the Play Store because of the constant checks carried out.

"Google's app vetting process is far from perfect, but the company does at least carry out some pre-acceptance checks. Many off-Market Android app repositories have no checks at all - they're open to anyone, which can be handy if you're looking for unusual or highly specialised apps that wouldn't make it into Google Play (or trying to publish unconventional content)," Paul Ducklin of SophosLabs said in a blogpost.

World's Biggest Botnet Re-Emerges With New Ransomware Threats


It's just 13 months since the deadly Mirai malware caused global havoc, disrupting several internet services around the world with its massive DDoS attack. Now cyber security specialists are warning of a new cyber-attack, this time not from Mirai but from another botnet, the Necurs spam botnet.

According to security researcher(s) from Check Point, the Necurs spam botnet, which is reputed to be the largest in the world, is being used to spread a new ransomware threat called Scarab.

The Scarab ransomware, which was first sighted in June 2017, was distributed by Necurs over 12 million times via email in just one morning during the Thanksgiving holiday in the US.

"The re-emergence of the Necurs botnet highlights how malware that may seem to be fading away doesn't always disappear or become any less of a threat," said Maya Horowitz, threat intelligence group manager at Check Point. "Despite Necurs being well known to the security community, hackers are still enjoying lots of success distributing malware with this highly effective infection vehicle."


Other malware included in the report includes RoughTed, a malvertising campaign which is ranked as the most wanted malware. This malware is used to perform different forms of attack on different operating systems. It uses ad-blocker bypassing and fingerprinting to ensure that it delivers the most suitable attack.

Second on the list, after RoughTed, is Rig ek. This malware, which was first seen in 2014, exploits Flash, Java, Internet Explorer and Silverlight. Rig ek redirects a victim to a landing page containing JavaScript that scans for vulnerabilities so as to deliver exploits.

Also in the report was malware for the Android operating system. Number one on the list was Triada, a modular backdoor for Android that grants superuser rights to downloaded malware. In second place is Lokibot, an Android banking Trojan which steals user information and then locks the device, demanding a ransom with threats of leaking the stolen information online.

Mirai Botnet Creators Plead Guilty For Roles In Cyberattacks


Three men have pleaded guilty to federal cyber-crime charges which include creating a botnet known as Mirai, which was used to take down a huge part of the internet in 2016.

According to documents revealed on Wednesday, Paras Jha, 21, Josiah White, 20, and Dalton Norman, 21, admitted to one count of conspiracy in a plea agreement filed this month.

Federal prosecutors in Alaska and New Jersey have accused the three hackers of creating and using the Mirai botnet to hijack vulnerable internet-connected devices, which they used to launch several distributed denial-of-service (DDoS) attacks.



A distributed denial-of-service (DDoS) attack disrupts an online service by flooding it with junk traffic, in volumes that can reach terabytes, so as to knock the service offline. It is usually conducted via a botnet of ensnared vulnerable devices such as routers, webcams and other IoT devices.

According to Jha's plea agreement, the 21-year-old, who is a former Rutgers University computer science student, "conspired to conduct DDoS attacks against websites and web hosting companies located in the United States and abroad," and then demanded payment to put a stop to the attacks.

Jha admitted to having released the Mirai source code to the public, which was then used by cyber-criminals to conduct several DDoS attacks in 2016 on top internet services such as Netflix, Twitter, Reddit, Spotify, The Verge, BBC, Dyn, Pinterest, xbox.com and others.

However, prosecutors on the case have said that they do not believe that the three men were responsible for the attacks in 2016, as Jha had already posted the code to online forums, where it was picked up by cybercriminals and used to cause havoc worldwide.



Jha and Norman also pleaded guilty to a separate conspiracy charge for using another powerful botnet in a click-fraud scheme, generating fake clicks which they used to defraud advertisers.

White has pleaded guilty to creating the Mirai scanner, which scans for vulnerable devices that are then enslaved in the botnet. Norman has also admitted to developing exploits which they built into the botnet.

The three hackers were all fans of a Japanese anime called 'Mirai Nikki' and so named the botnet Mirai. The name Mirai Nikki means 'future diary' in English.



Ransomware Dominates 2017 Threat Landscape



2017 witnessed several kinds of cyber-related attacks throughout the year. These attacks, which include DDoS, data breaches and all kinds of ransomware attacks, have cost companies, various organizations and government bodies billions of dollars.

According to Carbon Black, an endpoint security specialist, there was a 328% increase in attacks against endpoints between January and December 2017.

The latest threat report from the company shows that ransomware threats dominated the attacks in 2017. The ransomware variants that topped the charts include Spora, CryptXXX / Exxroute, Locky, Cerber and Genasom, and their top targets include government organizations, tech companies and law firms.

Ransomware attacks surged at a fast pace in 2017, costing global businesses an estimated $5 billion. The research from Carbon Black also shows that the WannaCry attack, which affected most organizations and corporate businesses around the world, was the first exposure to the world of ransomware for more than half of the population.

Consumers' attitudes towards companies hit by ransomware are negative: 72% say they would leave their financial institution if it were hit by ransomware, while 70% say that they would completely stop dealing with a retailer in such an event.

Of all the cyber-related attacks in 2017, 57% were non-malware (fileless) attacks. According to security researchers, these non-malware attacks pose more of a business threat than commodity malware attacks.

Every day, cyber-criminals look for new, sophisticated means of bypassing various forms of security and getting to their targets by exploiting any kind of security flaw. "Ransomware will become more targeted by looking for certain file types and targeting specific companies such as legal, healthcare, and tax preparers rather than 'spray and pray' attacks that we largely see now," part of the report read.

Blackberry Mobile Website Hacked To Mine Cryptocurrency



 The huge explosion of cryptocurrency price has attracted new investors into the crypto world who hope to grab a piece of the cake. As this profitable niche attracts legit investors, so does the ones with illicit motives.

 A Reddit user has revealed that the official website of Blackberry Mobile was using its visitors CPU power to mine Monero digital coins.

According to Rundvleeskroket, the discovery was made by their friend who pointed out that the mobile site was using Coinhive's cryptocureency code to mine for Monero.

 Over the past months, cryptocurrency owners and exchange have suffered attacks by hackers whose aim is to steal their crypto coins. While others launch direct attack on crypto owners wallet, some prefer to hijack popular websites to mine for crypto coins. The Blacberrymobile.com domain is a trading name used by TCL Communications to sell Blackberry branded devices around the world, and its heavy traffic on site attracted the hacker.

Coinhive, the company that provides provides cryptocurrency miners the code to mine the crypto coins legally, revealed that the Blackberry Mobile site was compromised by a Coinhive user who took advantage of the critical security flaw in Magento webshop software. The same user also hacked several other sites and used the same code to mine Monero illegally, and as a result Coinhive terminated the users account.

"We're sorry to hear that our service has been misused. This specific user seems to have exploited a security flaw issue in the Magento webshop software (and possibly others) and hacked a number of different sites. We have terminated the account in question for violating our terms of service now," Coinhive said.

As at the time of this report, the malicious code had already been removed from the site

This Malicious Telegram App Is Infecting Android Users With Malware



 A Security researcher at Symantec have identified a fake Telegram Messenger app in the Google Play Store which has been infecting Android devices with malware and spamming them with ads.

Also Read: Netherlands Teen Hackers punishes 7 Indian embassies for ignoring security flaws

 According to the threat Intelligence researcher, John Hou, the malicious app which is called 'Teligram [New version updated]' masquerades as an update to the original Telegram app, and infecting unsuspecting Android users with malware and as well, spamming them with ads.

The maker replaces the 'e' in the Telegram with an 'i' and then changed the theme colour from blue to black so as to convince unsuspecting users that the app is really an update. The fake app makes money for the creator by spamming users with ads.

John Hou explained that the malware (Trojan.Gen.2) in the Teligram app is built using the open source Telegram code which is distributed to third party stores. The fake app executes the malware the moment that it is installed. The malware in turn ends up installing an ad clicker or a backdoor.

 The researcher, however believes that the main motive of the person(s) behind this scam is to make money and not steal users data, though the possibility of the attacker(s) implementing features that may steal users data and perform other malicious activities in the future can not be dismissed.

Home to over 3.5 million Android apps, the Google Play Store has always been a hub where hackers sneak in malicious apps, beating Google security check. Unsuspecting Android users who believes that Google security check can't be bypassed, download most of these apps with full confidence of being secured.

As at the time of this writing, the fake Teligram app was kicked off from the Play Store

Google Kicks 60 Malware Infested Apps Serving P0rn Ads From The Play Store




Google has removed over 60 games from the Play Store after security firm Check Point announced that the apps were ridden with malware, and also serving p0rn ads.

The AdultSwine malware was found to be in a number of games, most of which had been download millions of times. Apart from displaying p0rn ads to those who download it, the malware also used trickish means to make users into installing fake security tools, and also encouraged them to register for expensive premium services. Check Point claimed that the games were targeted towards children but Google disagreed the claim.

According to Check Point security, the mode of operation of the AdultSwine is similar to other Android malware. Once the user installs an infected app, the malicious code phones home to  a command and control server for further instructions.

 In other to avoid suspicion, the instructions decides the type of ads to show, and on which apps and then makes it difficult for the user to uninstall the app by hiding the icon.

"It is interesting to note that the server however forbids ads to be displayed over certain apps such as browsers and social networks, in order to avoid suspicion," Check Point said.

"The malicious code then verifies certain conditions regarding the device's status and checks which app is currently running on screen. Once all its terms are met, it begins to display the illegitimate ads outside of the app's context. if it embedded inside a web browser app the ads will be displayed inside that browser, if only they will be displayed inside a designated web view.

"As for the ads being, they come from two main sources; the first is that of the main ad providers, which forbid such illegitimate display of their ads. The second is the malicious code's own ad library, which contains ads of an offensive nature, including p0rnographic ads. All these are displayed to children while playing the game that the app is masquerading as."

The full list of infected apps can be found on Check Point website

Taiwan Police Distributed Malware Infected Usb Drives To Cybersecurity Quiz Winners



 During a cybersecurity-related quiz hosted by the presidential Office in Taiwan, the Taiwanese police awarded the winners with malware infected USB sticks.

According to local reports, the National police ... the Criminal Investigation Bureau (CBI) awarded 250 USB drives of 8GB capacity, of which 54 of those drives were infected with a Chinese malware.

The malware which is known as XtbSeDuA.exe was designed to steal users data and send to a Polish IP address, though the IP address was shut down by Europol back in 2015 on a major crackdown on an electric fraud ring.

According to Taipei, the USB drives were purchased from contractors and made in China, though the Bureau believes that the malware wasn't part of a Chinese cyber espionage. Adding that the infection came from an infected work station at New Taipei City-based contractor Shawo Hwa Industries Co when an employee at the company used the affected computer to transfer an operating so as to test the USB drives and their capacity, thus transmitting the malware onto 54 units of the USB drives.

About 20 of the USB drives were retrieved after their users complained that their anti-virus software flagged them. 34 of those USB drives are still in the wild.

National security officials have expressed sadness over the incident, which compromised such a high-profile event, and voiced concern that it might have been a deliberate attack by a hacking group.

The Bureau has apologized to the Presidential Office as well as all other government agencies that took part in the event. The Bureau has launched another probe into the incident.

27 Malware Infected Gaming Apps Found On The Play Store With Over 4 Million Downloads!



The Android OS is a beautiful mobile operating system with lots of functionality and features to make any phone lover fall in love with it. But one major problem that has been ravaging the OS is the heavy presence of malware floating around the platform.

Another problem is the rate at which these malware apps find their way into the Play Store. Google, for its part, does its best (at least that's what I think) to take down those malware-infected apps. However, sometimes it completely ignores some of those apps even when security researchers have alerted it to their malicious activities.


Security researchers at Russian cybersecurity company Dr.Web have discovered a dangerous Android malware hidden in several gaming apps on the Play Store. This malware steals users' data by conducting several phishing attacks.


According to the researchers, the malware, which they dubbed Android.RemoteCode.127.origin, was found in 27 games on the Play Store, and the apps were downloaded over 4,500,000 times!

The researchers explained that once the malware infects a user's device, it downloads a script from the command and control server, discreetly opens a horde of malicious websites and automatically clicks on their content (such as banners and links). This part, they explained, is meant to generate revenue for the criminals.

Next, the malware spams the user with advertisements, downloads other malicious apps and then performs phishing activities so as to steal the user's bank and other credentials.

Just recently, Google kicked about 60 apps that were serving porn ads to their users out of the Play Store. Google has initiated several bounty programmes in the past, one of which rewards security researchers for vulnerabilities discovered in popular apps on the Play Store.

Man In Court For Launching Several DDoS Attacks On Former Employer, Police, Courts And Others



A New Mexico man has been dragged to court for launching distributed denial of service (DDoS) attacks against business competitors, public services and the websites of his former employers.

The accused, John Kelsey Gammell, 55, a convicted felon who had been prohibited from possessing firearms and ammunition, pleaded guilty to one count of conspiracy to commit intentional damage to a protected computer in the US.

Gammell admitted to launching several DDoS attacks on websites in the US between July 2015 and March 2017.

The DDoS attacks carried out by Gammell were targeted at companies that he had worked for before and those that refused to hire his service. Apart from those, he also targeted law enforcement websites, his business competitors, colleges and others.


According to the Department of Justice, Gammell purchased DDoS-for-hire services from several DDoS companies such as Inboot, Booter.xyz, CStress and VDos to launch his attacks. To make his transactions and his location untraceable, Gammell used IP addresses to hide his address and location whenever he hired the services of those DDoS-for-hire sites.

The accused used spoofed emails to transact and cryptocurrency to make his payments. He also used encryption and drive-cleaning tools to hide digital evidence.

Victims of Gammell's cyber attacks include the Minnesota State Courts, Dakota County Technical College, Washburn Computer Group, the Hennepin County Sheriff's office, and many others.

Gammell is scheduled to face sentencing at a later date.

Russian Authorities Crack Down On Gas Stations For Using Malicious Software To Defraud Customers



Russian authorities have broken up a fraud scheme employed by dozens of gas station employees to make customers pay more money for less fuel than they bought.

The employees involved in the scam used software programmes on electronic gas pumps to short customers by between 3 and 7 percent of the gas pumped into their tanks. This software was found only on gas stations located throughout the south of Russia.

According to Rosbalt and multiple other Russian media outlets, the Russian Federal Security Service (FSB) arrested a hacker named Denis Zayev in Stavropol and charged him with creating several software programmes that he designed to con customers.

The FSB explained that the hacker designed the software programmes and then sold them to the rogue gas station employees. Zayev and the gas station employees also had an agreement under which he received a cut of the money overpaid by customers. The scheme earned Zayev and the gas station employees hundreds of millions of rubles.

The malicious software made gas pumps and cash registers display false data, and also hid sales data for a station's illicit surplus gasoline.

So strong was the malware that it was almost impossible for it to be detected by local inspectors and by oil companies that monitored inventory remotely.

Given the software's stealthy operation, it is still unknown what tipped off the Russian authorities to the scam.
