Agent Smith Malware

A newly discovered piece of Android malware that replaces portions of apps with its own code has infected more than 25 million devices, according to security firm Check Point. Check Point’s researchers named the malware “Agent Smith” because of the methods it uses to attack a device and avoid detection.

The malware doesn’t steal data from a user. Instead, it hacks apps and forces them to display more ads or takes credit for the ads they already display so that the malware’s operator can profit off the fraudulent views. Check Point says the malware looks for known apps on a device, such as WhatsApp, Opera Mini, or Flipkart, then replaces portions of their code and prevents them from being updated.

Source: The Verge

How do you protect yourself?

Proper security measures must be in place to defend against Agent Smith malware and similar threats. Ensure your systems have the latest patches installed. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2019-1170

Mozilla has released security patches for vulnerabilities in Firefox. Some of these bugs showed evidence of memory corruption and is presumed that with enough effort that some of these could be exploited to run arbitrary code.

Source: Mozilla

How do you protect yourself?

Update Firefox to version 68.

eCh0raix Ransomware

A newly discovered form of ransomware is targeting network storage devices by brute-forcing weak credentials and exploiting known vulnerabilities in their systems.

Dubbed eCh0raix after a string of code, the new form of file-locking malware emerged in June and has been detailed by cybersecurity researchers at Anomali. The ransomware specifically targets QNAP network attached storage (NAS) devices produced by Taiwanese firm QNAP systems, which has offices in 16 countries and customers around the world.

The attacks are opportunistic, with the initial infection coming via unsecured, internet-facing ports and the use of brute-force attacks to bypass weak login credentials. NAS devices make appealing targets for cybercriminals dealing in ransomware, because they’re used to store critical data and backups – but despite this, the devices don’t tend to be equipped with security software.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against eCh0raix ransomware and similar threats. Ensure your systems have the latest patches installed. Backing up your data and having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.