The Weekly Top 3 - ED #31.2015

By Jon Phish, Fri 31 July 2015, in category News

android, google, malware, phishing, weekly

The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to Google Drive, a Potao Trojan and a robot's Stage Fright

Google Drive Used In Phishing Attacks

Security researchers have unearthed another phishing campaign that utilizes the web forms on Google Drive to function like a fake website. The scammers use Gmail to distribute phishing e-mails that contain malicious links to web pages hosted on Google Drive. These web pages take the form of the Google login page and is used to steal the victim's login credentials. These Google accounts are valuable to the scammers because of Gmail's popularity and the amount of services offered by Google. Additionally these e-mail accounts are usually used as verification e-mail accounts for other online accounts such as Twitter and Facebook. Click the link below to read more.

http://blog.check-and-secure.com/290715-google-drive-abused-for-phishing/

Russian TrueCrypt Site Serves Up Potao Trojan

The Potao trojan malware has been used in attacks against the Ukraine for the past five years. This malware has been used in various spear-phishing campaigns to infect and exploit the computers of its victims, for the purpose of taking control or stealing information from their computers. The malware has also been linked to SMS phishing messages and pyramid-selling scheme phishing e-mails. However, security researchers at ESET have found that hackers are using a trojanized version of the popular encryption software TrueCrypt to infect computers. The purpose of this attack was to target the Ukrainian government and military because of the large number of victims' computers infected with the malware. Furthermore, this version of the software was only served to selected visitors of the Russian-based TrueCrypt site. Click the link below to read more.

http://www.infosecurity-magazine.com/news/potao-trojan-served-up-by-russian/

Android's StageFright Maybe Its Greatest Vulnerability

Earlier this week security researchers highlighted a new vulnerability in the popular Android Mobile Operating System. It affects roughly 95% of smartphones with the mobile OS. StageFright is actually the name of a media library used by Android to process several media formats. However, researchers highlighted that this library is vulnerable to memory corruption that can be exploited by hackers to unknowingly install malware on a victim's smartphone. Attackers only need a victim's phone number and the use of a specially crafted media file sent via MMS. Once the victim's phone receives the message, the embedded malicious code is executed and the phone is compromised. This allows attackers to remotely control the phone or download additional malware to the phone. Since the original message can be deleted remotely, the victim becomes none the wiser to the attack. It is not an actual phishing attack because the victim is not tricked into opening the media file in the MMS message. However, the vulnerability threatens unpatched Android phones. Android users are advised to update their phones so as to avoid this vulnerability. Click the link below to read more.

http://www.networkworld.com/article/2954617/security/the-stagefright-vulnerability-maybe-the-greatest-android-vulnerability-so-far.html