Reading Time: ~ 2 min.

World Health Organization Sees Rise in Cyberattacks

Officials for the World
Health Organization
(WHO) have announced that many of their sites and
servers have been under attack by unsuccessful hackers trying to capitalize on
the latest health scare. The attack stemmed from the use of several malicious
domains that attempted to gain sensitive information and credentials from WHO
employees. Thousands of other malicious domains have been created over the last
few weeks to exploit the uninformed victims of the Coronavirus outbreak.

TrickBot Sidesteps 2FA on Mobile Banking Apps

The creators of TrickBot have developed a new mobile app
called TrickMo,
that can silently circumvent two-factor authentication that is used by various
mobile banking apps. The malicious app is used mainly to intercept
authentication tokens, once it is installed on the victim’s device. Currently,
the TrickMo app is targeting German individuals and using the name “Security
Control” to disguise any ulterior motives, and even sets itself as the default
SMS app, in order to steal additional information.

Google Play Finds 56 New Malicious Apps

Over 56 new malicious apps have been spotted on the Google
Play store
, with a combined 1.7 million installations on devices across the
globe. To make matters worse, a large portion of the apps were targeted
specifically at children and used native Android functionality to imitate typical
user actions to boost ad revenue. Many of the apps took extreme measures to
avoid being uninstalled by the users, though Google itself has since removed
all of the related apps from the Play Store.

Fake Coronavirus Vaccine Sites Shutdown

A website offering fake
Coronavirus vaccine kits
that were claiming to be approved by the WHO has
been shutdown following a ruling by a federal court. The operator of the site
has been accused of committing fraud and the hosting service has received a
restraining order to stop public access to the site. The site in question,
“coronavirusmedicalkit.com” offered the fake kits with users only paying for
shipping and entering their payment card data.

Tupperware Website Breached

The main website for Tupperware
was recently hacked and used to host Magecart code to steal payment card
information. The malicious code was first discovered at the end of last week,
but was still active nearly a week later, even after multiple attempts to
contact the company. Magecart has been a wide-spread issue for online retailers
over the last couple years, and still maintains a large presence due to their
ease of use and continuing success.

The post Cyber News Rundown: WHO Under Cyberattack appeared first on Webroot Blog.