The Telegram messaging app is used by over 200 million people around the world and has proven to be a great communication vehicle for individuals and companies. Unfortunately, Telegram is also an attractive target for bad actors looking to exploit the platform and people. From cryptocurrency stealers and miners, Telegram has seen its fair share of scams.
The world is experiencing a trying time, and every sector is impacted in some way by the COVID-19 pandemic. The unfortunate reality is that in times of crisis, hackers exploit vulnerabilities in systems...and humans: the COVID-19 pandemic is no exception. Over the last two weeks, here at PolySwarm, our malware analysts have seen a severe increase in pandemic related cyber threats--from Android ransomware to malware-laden “coronavirus map trackers”--that prey on people’s fragility and trust.
Today, PolySwarm, a threat intelligence platform used to detect new and emerging malware, releases information about a new variant of ZeroCleare (a destructive malware attributed to Iran). PolySwarm Community (free) and Enterprise users were able access to the full content of this sample before it appeared on VirusTotal.
Cybercriminals behind Emotet, one of the most prolific botnets in recent history, have ramped up a new Christmas-themed phishing attack. It lures victims to download malicious attachments related to "menus" for an upcoming Christmas party.
Ginp is a banking Trojan that is actively being used to impersonate targeted banking apps. The malware brings up a screen on the victims phone and displays a window that mimics the real banking app. First, one is prompted to login with their credentials. The second screen steals the victim's credit card details.
PolySwarm users can now download malware samples completely free; sign-up for the free “Community” plan and get 10 malware-sample downloads per month.
Do you ever see a mysterious calendar invite appear on your Google Calendar? If the answer is yes, there’s a good chance you are the victim of a calendar invite phishing scam.