We've rounded up the most important cybersecurity news of the week.
- Specialists have discovered a targeted on Android OS, a malware that steals the data of cryptocurrency owners.
- Cloudflare spoke about a record DDoS attack.
- BeanVPN users' data leaked to the network.
Researchers have found an Android malware that bypasses 2FA and steals the data of cryptocurrency holders
F5 Labs has discovered a new variant of MaliBot malware that targets Android users and is capable of bypassing two-factor authentication and stealing credentials.
. @F5 researchers led by @DorNizar have analyzed a new Android banking trojan, and it’s a doozy. It bypasses MFA, steals cryptocurrency from wallets, and allows for complete remote control. Read more https://t.co/P6fKlAuVOz pic.twitter.com/9bn9FLN9PR
— F5 Labs (@F5Labs) June 15, 2022
MaliBot masquerades as mining apps Mining X and The CryptoApp. The malware aims to steal data from crypto wallets and bank accounts, personal information, and also specializes in attacks on financial institutions in Italy and Spain.
MaliBot control servers are located in Russia and seem to be the same servers that were used for distribution of Sality malware, noted in F5 Labs.
Media: US authorities increased funding for VPN developers to help Russian citizens bypass censorship
Since the beginning of the war in Ukraine, the US government has increased funding for three VPN companies to help Russian citizens bypass censorship and gain access to the media, Reuters writes.
According to sources, we are talking about nthLink, Psiphon and Lantern . Since the beginning of the war and the subsequent large-scale blocking of social networks, services and media in Russia, the share of VPN users has increased significantly, the newspaper notes. The increased funding is aimed at helping companies in connection with the influx of users from the Russian Federation.
Earlier, the US State Department called for Russia not to be disconnected from the Internet so that residents of the country could receive independent information.
Last week, Cloudflare automatically detected and mitigated a 26 million request per second DDoS attack — the largest HTTPS DDoS attack on record. https://t.co/cnOhlXhqkp
— Cloudflare (@Cloudflare) June 14, 2022
One of Cloudflare's free plan clients has been attacked. Behind it was a botnet consisting of 5067 devices.
New Chrome extension will hide the location of users better than VPN
Vytal extension for Google Chrome browser will not allow using the API for location detection, writes Bleeping Computer.
Vytal allows you to select an arbitrary location from a list of pre-filled places, change data in according to IP address or own geolocation.
Apple CEO worried about the consequences of losing the privacy of Internet users
Apple CEO Tim Cook told Time he's worried people will start thinking and behaving differently as they lose their sense of privacy in a world where digital devices and technology increasingly track their activities.
“I'm very afraid of losing my privacy. When we feel like we are constantly being watched, our behavior changes. We are starting to do less, think less and change the way we think. In a world where we hold ourselves back, society changes a lot,” he said.
BeanVPN user data leaked to the network
Specialists discovered a database with information from users of the free BeanVPN VPN service.
The database is 18, 5 GB contains more than 25 million records, including device IDs, IP addresses and other data.
Media: Cisco finally leaves the Russian Federation
Network equipment manufacturer Cisco will finally leave the Russian market, writes CNews, citing sources.
According to media reports, the company is preparing to announce this at the end of June, after which it will lay off all employees. Cisco will finally complete its operations in the Russian Federation by the beginning of July.
Earlier, the largest manufacturer and supplier of hardware and software, IBM, announced the complete cessation of work in Russia due to its invasion of Ukraine.
< p>Also on ForkLog:
- Vulnerability discovered in older versions of the MetaMask wallet.
- Binance will restrict deposits and withdrawals of Litecoin using a privacy feature.
- A hacker stole about $1.2 million in an attack on the Inverse Finance landing project.
What to read on the weekend?
Amid increasing blocking and censorship, help implement the right to free access to information can VPN services. ForkLog compiled a quick guide to the most popular ones:
Through the iron curtain: which VPN service to choose
Read ForkLog bitcoin news in our Telegram — cryptocurrency news, rates and analytics.