Cybersecurity

SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users

Dec 11, 2023NewsroomData Security / Mobile Security Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. “Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while […]

Cybersecurity

Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack

Dec 05, 2023NewsroomMobile Security / Spyware A new “post-exploitation tampering technique” can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it’s actually not and carry out covert attacks. The novel method, detailed by Jamf Threat Labs in a report shared with […]

Cybersecurity

Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale

Nov 24, 2023NewsroomThreat Analysis / Dark Web More details have emerged about a malicious Telegram bot called Telekopye that’s used by threat actors to pull off large-scale phishing scams. “Telekopye can craft phishing websites, emails, SMS messages, and more,” ESET security researcher Radek Jizba said in a new analysis. The threat actors behind the operation […]

Cybersecurity

ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil

Our investigations on potential security threats uncovered a malicious Google Chrome extension that we named “ParaSiteSnatcher.” The ParaSiteSnatcher framework allows threat actors to monitor, manipulate, and exfiltrate highly sensitive information from multiple sources. ParaSiteSnatcher also utilizes the powerful Chrome Browser API to intercept and exfiltrate all POST requests containing sensitive account and financial information before […]

Cybersecurity

Chess.com Faces Second Data Leak: 476,000 Scraped User Records Leaked

Earlier, Chess.com confirmed to Hackread.com that malicious threat actors exploited the “find friends” feature in the platform’s API to extract publically available user data. On November 10th, 2023, Hackread.com exclusively reported that threat actors had disclosed a scraped database containing information from Chess.com users. The database, containing approximately 828,327 users, was leaked on the notorious […]