According to new Symantec research, attackers have disguised information-stealing malware as third-party add-ons and cheats for the online card game Hearthstone on PC.
Hearthstone players looking to gain an unfair advantage often turn online for tools to help them play better or earn more rewards.
In this case, attackers created third-party programs that promise to benefit Hearthstone players, but in reality can compromise their computers with malicious software capable of opening a back door, recording from their webcam, logging key strokes, and stealing passwords.
Symantec has recently observed Trojan.Spymel posing as a Hearthstone gold- and dust-hacking tool (which likely breaches the game’s terms of service anyway) and has mostly affected Europe, notably France.
Kaspersky discovers malware-as-a-service platform
Elsewhere in our security roundup, Kaspersky Lab has announced its discovery of Adwind – a malware-as-a-service platform which has hit more than 400,000 users and organisations across the globe.
One of the main features that distinguishes the Adwind platform from other commercial malware is that it is distributed openly in the form of a paid service, where the ‘customer’ pays a fee in return for use of the malicious program.
Based on an investigation of users’ activity on the internal message board and some other observations, Kaspersky Lab researchers estimate that there were around 1,800 users in the system by the end of 2015. This makes it one of the biggest malware platforms in existence today.
Skype snooping malware detected
A new type of malware has been identified that installs itself onto a PC and listens in on Skype calls.
The T9000 Trojan Horse has been found in email attachments including RTF files. One downloaded it installs a back door and downloads other files in order to listen in on Skype conversations.
1 in 10 teens know a cybercriminal
Research from Kaspersky Lab has also revealed that one in ten 16 to 19 year olds in the UK know someone who has engaged in a cyber activity that could be deemed illegal.
In light of the NCA’s recent finding that the average age of a cyber-criminal is now just 17 years old, Kaspersky Lab polled older teens in Britain and discovered many may unwittingly be involving themselves in the serious threats and dangers that lurk in the world of cybercrime.
A third (35 per cent) would be impressed if a friend hacked a bank’s website and replaced the homepage with a cartoon. And one in ten said they would be impressed if a friend hacked the air traffic control systems of a local airport.
Bitdefender has announced it has been named a Visionary in Gartner’s Magic Quadrant for Endpoint Protection Platforms.
Bogdan Dumitru, CTO at Bitdefender, states, “We feel Gartner’s positioning of Bitdefender as a Visionary in the industry offers powerful validation of the years of research we have put into staying at the forefront of technological advancements in endpoint security and into meeting the precise needs of businesses.”
WatchGuard Wi-Fi scheme
WatchGuard did its bit for Safer Internet Day yesterday by promoting the Friendly Wifi scheme, designed to help children stay safe online by identifying public places offering secure filtered WiFi.
Set up by the UK Government with support from the UK Council for Child Internet Safety and managed by the RDI trade organisation, the scheme means that children, parents and guardians can look for the Friendly WiFi logo to be sure that the network has been tested and verified to block pornographic and other inappropriate websites.
UK businesses spend £1.2m recovering from a cybersecurity breach
A new Risk:Value 2016 report from NTT Com Security reveals over half of all firms expect a security attack.
Most business decision makers in the UK admit that their organisation will suffer from a cyber security breach at some point. They also anticipate that to recover from a breach would cost upwards of £1.2 million on average for their organisation, the highest figure globally. This is according to a new Risk:Value 2016 report, which surveyed business decision makers in the UK, as well as US, Germany, France, Sweden, Norway and Switzerland.
While nearly half (48 per cent) of UK business decision makers say information security is ‘vital’ to their organisation and just half agree it is ‘good practice’, a fifth admit that poor information security is the ‘single greatest risk’ to the business, ahead of ‘decreasing profits’ (12 per cent), ‘competitors taking market share’ (11 per cent) and on a par with ‘lack of employee skills’ (21 per cent).
Well over half (57 per cent) agree that their organisation will suffer a data breach at some point, while a third disagree and one in ten say they do not know.
Java bug spotted
Windows computers could be susceptible to a bug that crops up in the Java SE installation process, Oracle has said.
It affects Windows users who attempt to install older versions of Java SE 6, 7 or 8. Oracle has released a patch for the bug.