Introduction
Welcome, everyone. In this edition of our security news review, we'll cover articles on the following topics:
- Malware
- Online scams and extortion
Let's begin.
Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware
This article shows the lengths that threat actors are willing to go to in order to compromise your computer system. So, be careful, and only download updates from the official vendor's website. On that note, always double-check the address bar before clicking on the supposed download link.
The following excerpt from the article describes what the threat actors hope to achieve:
BitRAT is a feature-rich RAT that allows attackers to harvest data, mine cryptocurrency, download more binaries, and remotely commandeer the infected hosts. Lumma Stealer, a commodity stealer malware available for $250 to $1,000 per month since August 2022, offers the ability to capture information from web browsers, crypto wallets, and other sensitive details.
Researchers Show How Malware Could Steal Windows Recall Data
The first time I saw the headlines about this feature, Windows Recall, the only thing I thought about was the privacy implications if the data got into the wrong hands. What's more, it could make the job of malware authors easier. I mean, everything the user is doing on the system in a single database? Write malware that can grab that and it could be a horror show for whoever is affected.
Luckily, Microsoft has bowed to pressure and Windows Recall will now be off by default. Still, the excerpt below highlights the work of two researchers and how they managed to get the data captured by Windows Recall.
Researcher Marc-André Moreau showed how a remote desktop manager password collected by Recall can easily be recovered from a local unencrypted SQLite database, making it easy for information-stealing malware to obtain.
Another cybersecurity expert, Alexander Hagenah, has made available an open source tool, named TotalRecall, that can easily extract and display data from the Recall database.
The job hunter’s guide: Separating genuine offers from scams
If it's too good to be true, you'll lose nothing by walking away. That's candid advice that I'll give myself and anyone else who's hunting for a job. Moreover, as discussed in the article, be wary of what you post on your social media accounts, especially LinkedIn.
Here is an excerpt from the article:
As outlined in a previous WeLiveSecurity blog by Daniel Cunha Barbosa, people often reveal too much about themselves online, especially on sites such as LinkedIn, which serves both as a professional social media service and as a job board. This can make it easier for crooks to harvest data – be it by purchasing leaked account credentials or by doing a bit of web scraping.
New Gitloker attacks wipe GitHub repos in extortion scheme
Try your best to back up your GitHub repository. This ensures that you are safe from this type of attack. What's more, the perpetrator behind this ultimately asks the victim to communicate via Telegram.
No excerpt can capture the essence of the article, so have fun reading.
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, and I'll see you next time.