Connect with us

Cybersecurity

WhatsApp Users Targeted By Phishing Scam

Published

on

Emails disguised as official WhatsApp messages have been targeting users of the mobile messaging service, according to Comodo Antispam Labs (CASL), which has identified a new malware in the emails. Attackers are sending emails to distribute malware when the user clicks the message, according to CASL’s blog.

Rogue email addresses are sending the phony WhatsApp messages. By inspecting the address sending the emails, recipients can see WhatsApp is not real the sender.

To distribute the malware, the emails are carrying various subject lines. These include:

  • A short vocal recording was obtained npulf
  • You have obtained a voice notification xgod
  • A sound announcement has been received sqdw
  • You have a video announcement. Eom
  • A brief audio recording has been delivered! Jsvk
  • A brief video note got delivered. Atjvqw
  • You’ve recently got a vocal message. Yop
  • An audio memo was missed. Ydkpda

Every subject line ends with random characters such as “Ydpda” and “xgod.” The random characters are likely used to encode data and identify the recipient.

A ‘Nivdort’ Variant

The attachment has a compressed file holding the executable malware. It is a “Nivdort” family variant. It typically replicates itself into different system folders and adds into an “auto-run” in the registry of the computer.

After the compressed (zip) file executes, the malware infects the computer.
CASL identified the WhatsApp email through URL, domain and IP analysis.

Fatih Orhan, director of technology at CASL and Comodo, said attackers are becoming marketers and are attempting to use creative subject lines to provide unsuspecting emails that recipients will click and spread malware. He said Comodo is working to develop technology solutions and stay ahead of the cyber attackers, secure and protect endpoints, and make IT environments safe.

Also read: Yahoo aims to disrupt instant messaging

CASL On The Case

CASL has more than 40 computer scientists, IT security professionals, engineers and ethical hackers who are filtering and analyzing spam, malware and phishing worldwide. The company has offices in the U.S., India, the Philippines, Turkey and the Ukraine. CASL analyzes more than 1 million pieces of malicious emails daily. The team protects its customers and the public at large.

Hacked reported in September that WhatsApp Web, the messaging service’s web client, suffered a vulnerability that could have allowed hackers to undermine millions of computers around the world, security researchers warned.

Featured image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

3.9 stars on average, based on 8 rated postsLester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.




Feedback or Requests?

18 Comments

18 Comments

  1. Melisa Walter

    February 6, 2016 at 3:26 am

    I was able to get evidence on my cheating husband through the service of ethicalhacking76@gmail.com … I got detailed info about his secret dating, call logs, whatsapp and others and he hacked it without physical access to his phone…you can contact him too he also helped 2 others I know.

  2. Mary Martin

    February 6, 2016 at 3:27 am

    DO YOU NEED MONEY OR OTHER HACKS, contact deephacking0@gmail.com for all your hacking needs, he once

    helped me with credit card hack, which was very successful. he also does things like, bank wire hack, changing of school

    grades
    hacking and changing school grades,
    hacking into any phones and computer,
    hacking into any bank account, companies, government agencies,
    bank wire transfer, paypal hack, and many more.
    he successfully made bank wire into my account. which is a big amount i cant diclose here.
    contact him for such help regarding money and other personal hack..his email in deephacking0@gmail.com. have a good approach when messaging him and am sure he would help you. goodluck getting rich.

  3. jack

    June 1, 2016 at 9:53 pm

    Do you need a university degree?

    Do you intend to upgrade your school grade?

    Do you want to hack your cheating spouse Email, whatsapp, socail network

    Do you want to increase your credit score?

    Do you need any information concerning any database.

    you should contact this russian hacker, he is reliable.

    contact : russian.h@programmer.net

    phone : +1 646 490 1318

    • John

      August 16, 2016 at 2:20 pm

      He is the best hacker i have known that is genuine and reliable, he saved me from some jack ass that tried to blackmail me.

  4. Amir hagay

    June 6, 2016 at 7:18 pm

    I hired thewhitehackdemon@gmail.com, to help my colleague hack her husband’s bank account and steal money to mine.Zlamir Zhirkov th thewhitehackdemon@gmail.com is 100% good at wire transfers, I made 25,000 USD after 9 days… he’s also good and fast if you want to hack your husband/boyfriend/partner/spouse iphone, icloud, phone, text messages, whats app,gmail,b.b.m amidst other etical hacks.he’s great and he’s helped me get alot of information i used in court during my divorced,clear criminal records,credit scores,And college upgrades as well.reach him out at thewhitehackdemon@gmail.com or text him +1(8283677582},he’s kinda picky though so Amir referred you.

  5. Amir hagay

    June 6, 2016 at 7:23 pm

    I hired thewhitehackdemon@gmail.com, to help my colleague hack her husband’s bank account and steal money to mine.Zlamir Zhirkov th thewhitehackdemon@gmail.com is 100% good at wire transfers, I made 25,000 USD after 9 days… he’s also good and fast if you want to hack your husband/boyfriend/partner/spouse iphone, icloud, phone, text messages, whats app,gmail,b.b.m amidst other etical hacks.he’s great and he’s helped me get alot of information i used in court during my divorced,clear criminal records,credit scores,And college upgrades as well.reach him out at thewhitehackdemon@gmail.com or text him +1(8283677582},he’s kinda picky though so Amir referred you.

  6. LaraB

    June 14, 2016 at 5:01 am

    if your spouse cheats contact besthackgame@gmail com. he helped mee hack my husband’s phone and I caught him sexting and hooking up with other women,,,the evidence

    came in very handy in the divorce .you can mention that Lara referred you for a quick response and you might probably get a discount

  7. Amir hagay

    June 14, 2016 at 12:27 pm

    Need a hacker? I was in a bit of a tough spot and didn’t know what to do until a friend recommended this guy Zhlamir Zhirkov at thewhitehackdemon@gmail.com or text him om +1(8283677582). I was pleased with his professionalism and thoroughly satisfied with how he handled it. He’s your guy if you need one,does from facebook,gmail,yahoo,hotmail,school score upgrade,bank jobs,cloning phones,credit card hacks as well as blank atm’s,make as much as $20,000 dude’s kinda picky though so make sure of the reference.Amir referred you.You’re welcome

  8. Tracy White

    July 18, 2016 at 6:12 pm

    Have you guys checked out Wayne, Contact wjitservices@gmail.com he’s just a cyber guru involved with cloning phones, hacked into my ex’s whatsapp and Facebook account, glad to know he ain’t right for me, deals on any type of hack relating to cyber issues such as
    Facebook, fb messenger, gmail, whatsapp, Instagram, mobile phone, Skype, websites, upgrading scores, database, software testing, password sniffing, DOB, SQL DB penetration, erasing of criminal records, SMTP any domain, lease penetration and lots more. You could mail him as well if you got any cyber issues, he’s discreet and professional too. He sure gave me the best and executed my project with the quickest time frame.

  9. Travis Wright

    August 11, 2016 at 8:04 am

    When people say hackers are not reliable i laugh at them. I was introduced to this Russian hacker when i had marital issues with my wife,he helped me hack into her emails. Him and his team are professional hackers and they offer other services such as clearing bad driving and criminal records, background checks, monitoring locations, locating missing people, tracking scams e.g (online dating scams, cyber frauds), bank account hacks and transfer, facebook, whatsapp,text messages, phone records, email hacks, teaching individuals on how to become pro hackers and counter hacking hackers. They offer same day services too, and of cause he provides proof of legitimacy. If you need a hacker contact Ostrovsky Belkin via his email-ostrovskyhackplanet@gmail.com, via his Kik-Ostrovskybelkin or cell line +1 240-565-0172 Him and his team saved my marriage, at least i owe him publicity. If he doesn’t respond tell him (Travis) recommended him.

  10. john Cooper

    September 23, 2016 at 1:48 am

    I know some real professional hackers who has worked for me twice in the past one month retrodataservices@gmail.com. They are very good at hacking anything concerning database, phone, social media and even credit report fixes. They offers legit services. They also helps to retrieve accouts that have been taken by hackers. Contact them if you need such service or message them at +1 480 439 6115

  11. abel reuben

    September 23, 2016 at 11:26 pm

    Do you need hackers for hire? Do you need access to keep an eye on your spouse by gaining access to their emails?, want to know what your kids do on social networks? Whatever it is, Ranging from changing grades, whatsapp hack, email hack. We can get the job done. change of grades?
    Get your WhatsApp, Email, Facebook, Criminal record erasing etc
    We are team and have great feedback. We are 100% legit. You don’t have to pay anything before we begin your job. Contact us on our email . besthackerr21@gmail.com

  12. Suzan Adama

    September 27, 2016 at 9:14 am

    I’ve just used this guy’s services and he’s a legit black hat hacker, he can handle social network hacks, emails and school grade hacks, he’s actually the real deal, I was initially skeptical as I already got scammed before but he did come through, his email is lawsonmichael33@yahoo.com and you can also text him on +1 646-652-6107

  13. Emily Brown

    September 30, 2016 at 10:32 pm

    My miracle happened when i met this hacker by the name Verenich Fedorov.He helped hack into my ex husband’s facebook,whatsapp and email when i suspected him of cheating. Even thou we broke up after i saw some very heart breaking messaages on his inbox on facebook, i still thank Verenich for his great services. If you ever need a professional hacker contact him on his Email- verenichtech@gmail.com or Kik- verenichtechnologies

  14. Philip Morgan

    September 30, 2016 at 10:34 pm

    Always do a background check on a hacker before assigning a job to him/her.
    Astrid Gervas is a well known hacker, he’s well known for breaching the net.
    I never gave him a job that he couldn’t pull off.
    He hacks almost everything from Facebook, whatsapp, emails, Instagram, Kik accounts, does background checks, accesses missing people, cellphone hacks and monitoring, legal bank transfers and so on
    You can reach him via his email; astridgervashack@gmail.com or Kik; astridgervashack
    NOTICE!! USAGE OF ASTRID’S SERVICE’S WITHOUT PRIOR USER CONSENT MAY BE AGAINST YOUR LOCAL LAWS AND YOU DO IT AT YOUR OWN RISK

  15. Daura

    October 1, 2016 at 4:18 am

    As a parent,if you want to know what your kids do on a daily
    basis on social networks (This includes facebook, twitter ,instagram,
    whatsapp, WeChat and others to make sure they’re not getting into
    trouble? Whatever it is,Ranging from Bank Jobs, Flipping cash, Criminal
    records, DMV, Taxes, Name it,he will get the job done.He’s a
    professional hacker with 20 Years+ experience.Contact him at dragonhhacker@gmail.com…Contact him and Its done.Tell him Daura referred you

  16. angela

    October 7, 2016 at 11:23 pm

    fake hackers everywhere, you guys should be aware, i know how dey works cus have been a victim twice, they took my money without doing my job, i was hurt and a friend of mine told me about mariohacker913@gmail.com who helped me hacking my cheating husbands mails, whatsaap, facebook, thanks to mariohacker913@gmail.com

  17. Jason Smith

    October 11, 2016 at 8:20 pm

    Hello, are you in need of hacking services? Then contact alienpredator0102@gmail.com, he is the best hacker. He helped me and my friends with some issues we had. If you need to
    *hack into email accounts,
    *all social media accounts,
    *school database to clear or change grades,
    *Retrieval of lost file/documents
    *DUIs
    *company records and systems,
    *bank accounts,
    he is really the best. His services are affordable. Don’t waste your time with fake hackers
    CONTACT: alienpredator0102@gmail

You must be logged in to post a comment Login

Leave a Reply

Altcoins

Monero Price Analysis: Stronger Malware to Mine Monero; XMR/USD Has Room for Another Potential Squeeze South

Published

on

  • Researchers: a stronger malware has been uncovered, which can mine Monero.
  • XMR/USD price action remains stuck in a narrowing range, subject to an imminent breakout.

The XMR/USD price has seen some upside on Saturday, holding gains of around 3% towards the latter stages of the day. Despite the press higher from the bulls, a move which has been observed across the cryptocurrency market, vulnerabilities remain. Price action has been ranging for the past nine sessions. Once again, this isn’t specifically just XMR, as this type of behavior is witnessed across the board. The narrowing in play came after the steep drop that rippled across the market on 10th January.

Price action was initially well-supported to the upside by an ascending trend line, which was in play from 15th December. This at the time was a very promising recovery, as XMR/USD had gained as much as 55%. Unfortunately, however, the bulls were unable to break down supply heading into the $60 region and were eventually dealt a big hammer blow. On 10th January, the market bears forced a heavy breach to the downside, smashing through this support. The price had dropped a big double-digits, some 20%.

Stronger Malware Mining Monero (XMR)

There is a dangerous form of malware that can bypass being detected and mine Monero (XMR) on cloud-based servers. A recent notice was put out by Palo Alto Networks’ Unit 42, an intelligence team that specializes in cyber threats, regarding a Linux mining malware. This was detailed to have been developed by Rocke group, which has the ability uninstall cloud security products. It can do this to the likes of Alibaba Cloud and Tencent Cloud, to then illegally mine Monero on compromised machines.

The two researchers from Palo Alto Networks, Xingyu Jin and Claud Xiao, detailed the findings of their studies. Once the malware is downloaded, it takes administrative control to initially uninstall all cloud security products. Shortly after, it will then then transmit code that will mine the Monero (XMR). Further within their press release, they said, “To the best of our knowledge, this is the first malware family that developed the unique capability to target and remove cloud security products.”

Technical Review – XMR/USD

XMR/USD daily chart.

Given the current range block formation, eyes should be on the key near-term technical areas. Firstly, to the downside, $43, which is the lower part of the range. A breach here will likely see a retest of the December low, $38. To the upside, resistance be observed at around the mid $46 level. Should a breakout be observed here, then a potential retest of the broken trend line will be watched.

Disclaimer: The author owns Bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 125 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Altcoins

Dash 51% Attack Fears Cooled as Core Dev Group Suggest Benevolent Miner

Published

on

Dash investors may have been starting to question the security of their holdings in light of Ethereum Classic’s (ETC) recent attack, and the subsequent fallout which revealed Dash’s own vulnerability to 51% attacks.

Three addresses, all controlled by the same user, were in control of more than 51% of the Dash mining hashrate, as reported on CCN a few days ago. On top of that, over 74% of the entire Dash hashrate was accessible via Nicehash – a cloud-mining marketplace – where it could be purchased for as little as $3,104 per hour.

Hashing Power Removed from Nicehash

As of Saturday’s statement by the Dash Core Group, the same individual still controls the majority of the Dash hashrate. However, the group pointed out that since the news concerning a 51% attack broke out earlier this week, the individual has begun to remove their hashing power from Nicehash, and spread it around separate mining pools.

The team stated clearly that they do not believe the miner in question to be malicious:

“…we don’t believe the entity in control of the wallets in question plans or wants to attack because their mining activities began at least 4 months ago and their blocks have been published for all to see.”

The group believe the sudden removal of hashing power from Nicehash – as shown above – is a signal of benevolent intentions on the part of the miner. As a major holder of Dash, they reason that the miner would want to secure the network as best they could.

“This removes the risk of a malicious party renting the hashing power via NiceHash and simultaneously signals that the entity in control of the hashing power does not have negative intent. We believe the miner behind the hashing power was made aware by the same info we discovered online and quickly moved to more protected pools as they appear to be a major stakeholder of Dash.”

Future Proof?

The announcement ends with a look to the future in the form of Dash’s upcoming ChainLocks technology. To be implemented in an as yet unspecified future update, ChainLocks will unite the mining layer with that of the Dash’s masternodes.

This means that a 51% attacker would also have to secure a majority of the blockchain’s masternodes to execute their plans. More can be read on ChainLocks here.

Dash Coin Price

Almost mid-way through the first month of 2019, Dash has recovered 26% of its value since the market lows of mid-December. That’s when one unit of DASH was valued at $58.27 – a 96% decline since December 2017.

Dash’s 26% recovery in the past month still leaves the coin 95% off its all-time high. As of Saturday the coin had settled down along with the broader market, after a sharp 17.5% decline 48 hours before.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 147 rated postsGreg Thomson is a full-time crypto writer and digital nomad. He eats ICOs for breakfast and bleeds altcoins. Wherever he lays his public key is his home.




Feedback or Requests?

Continue Reading

Cryptocurrencies

Where to Store Your Crypto?

Published

on

By

Storing crypto on virtual exchanges has some inherent security risks that have been exploited by hackers and cyber criminals. This article will touch upon this important topic and provide you with alternative methods in which to store your digital assets.

Cold and Hot Wallets

The main thing in cryptocurrency storage is the private key and who has access to it.

Cold storage wallets operate offline and without a constant internet connection. If your key is not on the Internet, then it is much more difficult to steal.

A hot storage wallet is a wallet with constant connection to the Internet.

So, all storage options can be distinguished by the following criteria:

  1. private keys are kept by you or by third parties.
  2. without internet connection or with internet connection

A cold storage wallet with a private key is considered the most reliable storage option. Such a wallet is suitable for long-term storage of large amounts. However, it is not convenient if, for example, you do trading and need access to your wallet for transferring small amounts.

Hardware Wallets

hardware wallets like Ledger, Trezor, Pi Wallet, Keepkey, Opendime, Bitlox, etc. have a flash drive within the software without an internet connection. You can connect to the Internet only when sending a transaction. You need to confirm the transaction physically, from the device itself. This is a “cold” method of storage without an internet connection (connection only at the time of the transaction). The user keeps private keys.

Paper Wallets

This method of storage will be also convenient for you if you want to conserve your funds for an extended period. In offline mode, you can generate a public and private key. For example, if you are using the service walletgenerator.net it will transfer those keys in the form of a QR-code, which can be printed and stored by you.

Physical Bitcoin Wallet

A physical bitcoin wallet has almost the same properties as a paper wallet. Encrypted bitcoins cannot be spent until the seal protecting the secret key has been broken. However, the security of the seal is not considered very reliable.

Desktop Offline Wallets.

There are also two main types of offline wallets:

  1. Wallets, where the user is the only one with the access to private keys. You can install such wallets on a personal computer as a separate program. As a rule, these are the wallets from the developers of that cryptocurrency. For example, Bitcoin Core. Litecoin Core, Mist, etc. Such wallets are also called “heavy” wallets since during installation they take up quite a lot of space (for example, you will have to free up at least 200 GB for a Bitcoin wallet in 2018). When installing such wallets on laptops flash drives that are disconnected from the Internet can also be called “cold” wallets. In general, they are also considered safe.
  2. The so-called “light” offline wallets. These are desktop wallets that allow you to store cryptocurrency without downloading its full registry to a bunch of gigabytes. Some of them give you private keys and the ability to restore a lost wallet at any time using seed phrases. There is a drawback – they do not always contain the full version of the blockchain, and sometimes won’t show up-to-date transaction information. Examples of such a wallet are Electrum and Armory.

Light wallets can be multi-currency, with a built-in internal exchange for example Exodus. Its private keys can also be restored using seed-phrases. However, inside such wallets, not only you but also developers have access to your private keys.

It is also worth to mention an essential aspect of light wallets, which are open source code. If something happens to the wallet, then it will be only possible to restore the wallet using the seed phrase only if the function is restored.

As a conclusion on cold wallets, I can say that their main advantage is reliability and security, and the main drawback is that it is difficult to move cryptocurrencies quickly. Therefore, cold wallets are suitable for long-term storage. For everyday transactions, hot wallets are the best. The exceptions are some hardware wallets that are compatible with online cryptocurrency storage and exchange services.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.9 stars on average, based on 43 rated postsVladislav Semjonov has a legal and financial background. He has been involved in crypto space since early 2017 in both ICO advising positions in several ICO consultancy firms, and as an ICO analyst for VC. He began contributing for Hacked.com in April 2017.




Feedback or Requests?

Continue Reading

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending