The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.

Mac Backdoor Just Discovered, Active For Years

Researchers have only recently discovered a previously undetectable backdoor for Mac® computers that has been active for several years. The infection itself remains silent while working to gain control of everything on the system, from webcams to the keyboard and mouse, Fruitfly has been found throughout. Unfortunately, researchers are still unclear on the actual intentions of the malware, as it continues to be updated for use on the latest MacOS versions, though in a lower capacity.

Banking Trojans Ramp up Sophistication

Recently, a new banking Trojan variant has been found with enhanced capabilities for determining whether it is being run by a regular user, or within a virtualized testing sandbox. By monitoring the mouse movements, this variant can detect if a person is actually interacting with the machine, or simply analyzing malicious samples. Another unusual feature of this latest variant: it focused more on Mozilla Thunderbird user data than on actual banking credentials, leaving researchers scratching their heads about what its next steps may be.

Third Party Android Chock Full of Malware

Over the past few months, a Turkish Android™ app store has come under fire for distributing malware with every app download. The app store,, has been redirecting users to a malicious download page that offers Adobe Flash Player, which has been unused by Android since 2012. Fortunately, the issue has been resolved by the app store itself, after receiving hundreds of reports for the misleading app downloads.

Italian Bank Faces Largest Financial Data Breach

Officials have been working tirelessly throughout the last month to resolve a data breach that affected nearly 400,000 Italian banking customers. These accounts were accessed illicitly via a third-party provider, and contain the affected customers’ full account details. This breach is a follow-up to the one that occurred last fall, spurring even further security efforts to prevent similar breaches in future. The bank is also undertaking changes among partners who haven’t adopted higher security standards.

Scottish IDs for Sale on Dark Web

Over 100,000 unique credentials have been posted for sale on the Dark Web, mainly those of Scottish citizens residing in Edinburgh. While the source of these credentials is still unknown, officials are warning anyone who feels they may be at risk of identity theft to contact local authorities. Included in the stolen data are email addresses, passwords, and credit card information. To make matters worse, the seller is offering a money-back guarantee that at least 80% of the data is accurate and usable, adding further enticement to anyone in the market to buy.

The post Cyber News Rundown: Edition 7/28/17 appeared first on Webroot Threat Blog.