Anatova Ransomware Reaches Global Market
A new ransomware family, dubbed Anatova by researchers, has been infecting machines across
the globe. During encryption, Anatova appears to focus on small files to speed
up overall encryption times, but doesn’t append a new extension to the encrypted
files. Unexpectedly, this variant demands DASH crypto coins, rather than
using a currency with a less visible transaction ledger. It also uses several tactics
to prevent analysis in both real-world and virtual environments.
Android Malware Remains Dormant until it Detects Motion
On the Google Play store, researchers have discovered several
apps that rely on an unusual trigger to install a banking Trojan: motion
sensors. By monitoring the motion sensor in a specific mobile device, the
malware can determine if it is a real victim device or a research emulator (which
would likely remain stationary during analysis). In particular, one of these
insidious apps was downloading the Anubis banking Trojan, which launched a fake
Android update screen to start keylogging in hopes of capturing banking
Google Faces First Major GDPR Fine
Regulators in France have issued a fine against Google for two separate
complaints, the first being the company’s misuse of its users’ data, the
second being the legal use of that data without providing the user enough
details to give fully informed consent. This
fine is the first issued by the CNIL, the official regulator for France, and
could cost Google up to $57 million.
ElasticSearch Database Exposes Online Gambling Bets
In the last couple of days, security researchers have
discovered a database holding sensitive information on dozens of online
casino sites’ bettors. After contacting the hosting provider,
researchers verified that the database, which contained over 100 million bet
entries, had finally been secured. However, it’s still unclear whether the database’s
owner or the ISP was responsible.
Chinese Crypto Farms Get Unique Ransomware Strain
Since China houses most of the world’s cryptocurrency
mining farms, it comes as little surprise that malware authors are beginning
to focus on this lucrative market. By infecting Antminer devices, which mine
Litecoin and Bitcoin, this variant can quickly shut down the device and prevent
further mining operations. Victims must choose between paying an extremely high
ransom and allowing the infection to spread to thousands of other devices. For victims
who do not pay, this variant also threatens to shut down devices’ fans, causing
them to overheat and eventually destroy themselves.
The post Cyber News Rundown: Anatova Ransomware Infects the Globe appeared first on Webroot Blog.