Connect with us

Cybersecurity

WhatsApp Users Targeted By Phishing Scam

Published

on

Emails disguised as official WhatsApp messages have been targeting users of the mobile messaging service, according to Comodo Antispam Labs (CASL), which has identified a new malware in the emails. Attackers are sending emails to distribute malware when the user clicks the message, according to CASL’s blog.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

Rogue email addresses are sending the phony WhatsApp messages. By inspecting the address sending the emails, recipients can see WhatsApp is not real the sender.

To distribute the malware, the emails are carrying various subject lines. These include:

  • A short vocal recording was obtained npulf
  • You have obtained a voice notification xgod
  • A sound announcement has been received sqdw
  • You have a video announcement. Eom
  • A brief audio recording has been delivered! Jsvk
  • A brief video note got delivered. Atjvqw
  • You’ve recently got a vocal message. Yop
  • An audio memo was missed. Ydkpda

Every subject line ends with random characters such as “Ydpda” and “xgod.” The random characters are likely used to encode data and identify the recipient.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

A ‘Nivdort’ Variant

The attachment has a compressed file holding the executable malware. It is a “Nivdort” family variant. It typically replicates itself into different system folders and adds into an “auto-run” in the registry of the computer.

After the compressed (zip) file executes, the malware infects the computer.
CASL identified the WhatsApp email through URL, domain and IP analysis.

Fatih Orhan, director of technology at CASL and Comodo, said attackers are becoming marketers and are attempting to use creative subject lines to provide unsuspecting emails that recipients will click and spread malware. He said Comodo is working to develop technology solutions and stay ahead of the cyber attackers, secure and protect endpoints, and make IT environments safe.

Also read: Yahoo aims to disrupt instant messaging

CASL On The Case

CASL has more than 40 computer scientists, IT security professionals, engineers and ethical hackers who are filtering and analyzing spam, malware and phishing worldwide. The company has offices in the U.S., India, the Philippines, Turkey and the Ukraine. CASL analyzes more than 1 million pieces of malicious emails daily. The team protects its customers and the public at large.

Hacked reported in September that WhatsApp Web, the messaging service’s web client, suffered a vulnerability that could have allowed hackers to undermine millions of computers around the world, security researchers warned.

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

18 Comments

18 Comments

  1. Melisa Walter

    February 6, 2016 at 3:26 am

    I was able to get evidence on my cheating husband through the service of [email protected] … I got detailed info about his secret dating, call logs, whatsapp and others and he hacked it without physical access to his phone…you can contact him too he also helped 2 others I know.

  2. Mary Martin

    February 6, 2016 at 3:27 am

    DO YOU NEED MONEY OR OTHER HACKS, contact [email protected] for all your hacking needs, he once

    helped me with credit card hack, which was very successful. he also does things like, bank wire hack, changing of school

    grades
    hacking and changing school grades,
    hacking into any phones and computer,
    hacking into any bank account, companies, government agencies,
    bank wire transfer, paypal hack, and many more.
    he successfully made bank wire into my account. which is a big amount i cant diclose here.
    contact him for such help regarding money and other personal hack..his email in [email protected]. have a good approach when messaging him and am sure he would help you. goodluck getting rich.

  3. jack

    June 1, 2016 at 9:53 pm

    Do you need a university degree?

    Do you intend to upgrade your school grade?

    Do you want to hack your cheating spouse Email, whatsapp, socail network

    Do you want to increase your credit score?

    Do you need any information concerning any database.

    you should contact this russian hacker, he is reliable.

    contact : [email protected]

    phone : +1 646 490 1318

    • John

      August 16, 2016 at 2:20 pm

      He is the best hacker i have known that is genuine and reliable, he saved me from some jack ass that tried to blackmail me.

  4. Amir hagay

    June 6, 2016 at 7:18 pm

    I hired [email protected], to help my colleague hack her husband’s bank account and steal money to mine.Zlamir Zhirkov th [email protected] is 100% good at wire transfers, I made 25,000 USD after 9 days… he’s also good and fast if you want to hack your husband/boyfriend/partner/spouse iphone, icloud, phone, text messages, whats app,gmail,b.b.m amidst other etical hacks.he’s great and he’s helped me get alot of information i used in court during my divorced,clear criminal records,credit scores,And college upgrades as well.reach him out at [email protected] or text him +1(8283677582},he’s kinda picky though so Amir referred you.

  5. Amir hagay

    June 6, 2016 at 7:23 pm

    I hired [email protected], to help my colleague hack her husband’s bank account and steal money to mine.Zlamir Zhirkov th [email protected] is 100% good at wire transfers, I made 25,000 USD after 9 days… he’s also good and fast if you want to hack your husband/boyfriend/partner/spouse iphone, icloud, phone, text messages, whats app,gmail,b.b.m amidst other etical hacks.he’s great and he’s helped me get alot of information i used in court during my divorced,clear criminal records,credit scores,And college upgrades as well.reach him out at [email protected] or text him +1(8283677582},he’s kinda picky though so Amir referred you.

  6. LaraB

    June 14, 2016 at 5:01 am

    if your spouse cheats contact [email protected] com. he helped mee hack my husband’s phone and I caught him sexting and hooking up with other women,,,the evidence

    came in very handy in the divorce .you can mention that Lara referred you for a quick response and you might probably get a discount

  7. Amir hagay

    June 14, 2016 at 12:27 pm

    Need a hacker? I was in a bit of a tough spot and didn’t know what to do until a friend recommended this guy Zhlamir Zhirkov at [email protected] or text him om +1(8283677582). I was pleased with his professionalism and thoroughly satisfied with how he handled it. He’s your guy if you need one,does from facebook,gmail,yahoo,hotmail,school score upgrade,bank jobs,cloning phones,credit card hacks as well as blank atm’s,make as much as $20,000 dude’s kinda picky though so make sure of the reference.Amir referred you.You’re welcome

  8. Tracy White

    July 18, 2016 at 6:12 pm

    Have you guys checked out Wayne, Contact [email protected] he’s just a cyber guru involved with cloning phones, hacked into my ex’s whatsapp and Facebook account, glad to know he ain’t right for me, deals on any type of hack relating to cyber issues such as
    Facebook, fb messenger, gmail, whatsapp, Instagram, mobile phone, Skype, websites, upgrading scores, database, software testing, password sniffing, DOB, SQL DB penetration, erasing of criminal records, SMTP any domain, lease penetration and lots more. You could mail him as well if you got any cyber issues, he’s discreet and professional too. He sure gave me the best and executed my project with the quickest time frame.

  9. Travis Wright

    August 11, 2016 at 8:04 am

    When people say hackers are not reliable i laugh at them. I was introduced to this Russian hacker when i had marital issues with my wife,he helped me hack into her emails. Him and his team are professional hackers and they offer other services such as clearing bad driving and criminal records, background checks, monitoring locations, locating missing people, tracking scams e.g (online dating scams, cyber frauds), bank account hacks and transfer, facebook, whatsapp,text messages, phone records, email hacks, teaching individuals on how to become pro hackers and counter hacking hackers. They offer same day services too, and of cause he provides proof of legitimacy. If you need a hacker contact Ostrovsky Belkin via his [email protected], via his Kik-Ostrovskybelkin or cell line +1 240-565-0172 Him and his team saved my marriage, at least i owe him publicity. If he doesn’t respond tell him (Travis) recommended him.

  10. john Cooper

    September 23, 2016 at 1:48 am

    I know some real professional hackers who has worked for me twice in the past one month [email protected]. They are very good at hacking anything concerning database, phone, social media and even credit report fixes. They offers legit services. They also helps to retrieve accouts that have been taken by hackers. Contact them if you need such service or message them at +1 480 439 6115

  11. abel reuben

    September 23, 2016 at 11:26 pm

    Do you need hackers for hire? Do you need access to keep an eye on your spouse by gaining access to their emails?, want to know what your kids do on social networks? Whatever it is, Ranging from changing grades, whatsapp hack, email hack. We can get the job done. change of grades?
    Get your WhatsApp, Email, Facebook, Criminal record erasing etc
    We are team and have great feedback. We are 100% legit. You don’t have to pay anything before we begin your job. Contact us on our email . [email protected]

  12. Suzan Adama

    September 27, 2016 at 9:14 am

    I’ve just used this guy’s services and he’s a legit black hat hacker, he can handle social network hacks, emails and school grade hacks, he’s actually the real deal, I was initially skeptical as I already got scammed before but he did come through, his email is [email protected] and you can also text him on +1 646-652-6107

  13. Emily Brown

    September 30, 2016 at 10:32 pm

    My miracle happened when i met this hacker by the name Verenich Fedorov.He helped hack into my ex husband’s facebook,whatsapp and email when i suspected him of cheating. Even thou we broke up after i saw some very heart breaking messaages on his inbox on facebook, i still thank Verenich for his great services. If you ever need a professional hacker contact him on his Email- [email protected] or Kik- verenichtechnologies

  14. Philip Morgan

    September 30, 2016 at 10:34 pm

    Always do a background check on a hacker before assigning a job to him/her.
    Astrid Gervas is a well known hacker, he’s well known for breaching the net.
    I never gave him a job that he couldn’t pull off.
    He hacks almost everything from Facebook, whatsapp, emails, Instagram, Kik accounts, does background checks, accesses missing people, cellphone hacks and monitoring, legal bank transfers and so on
    You can reach him via his email; [email protected] or Kik; astridgervashack
    NOTICE!! USAGE OF ASTRID’S SERVICE’S WITHOUT PRIOR USER CONSENT MAY BE AGAINST YOUR LOCAL LAWS AND YOU DO IT AT YOUR OWN RISK

  15. Daura

    October 1, 2016 at 4:18 am

    As a parent,if you want to know what your kids do on a daily
    basis on social networks (This includes facebook, twitter ,instagram,
    whatsapp, WeChat and others to make sure they’re not getting into
    trouble? Whatever it is,Ranging from Bank Jobs, Flipping cash, Criminal
    records, DMV, Taxes, Name it,he will get the job done.He’s a
    professional hacker with 20 Years+ experience.Contact him at [email protected]…Contact him and Its done.Tell him Daura referred you

  16. angela

    October 7, 2016 at 11:23 pm

    fake hackers everywhere, you guys should be aware, i know how dey works cus have been a victim twice, they took my money without doing my job, i was hurt and a friend of mine told me about [email protected] who helped me hacking my cheating husbands mails, whatsaap, facebook, thanks to [email protected]

  17. Jason Smith

    October 11, 2016 at 8:20 pm

    Hello, are you in need of hacking services? Then contact [email protected], he is the best hacker. He helped me and my friends with some issues we had. If you need to
    *hack into email accounts,
    *all social media accounts,
    *school database to clear or change grades,
    *Retrieval of lost file/documents
    *DUIs
    *company records and systems,
    *bank accounts,
    he is really the best. His services are affordable. Don’t waste your time with fake hackers
    CONTACT: alienpredator010[email protected]l

You must be logged in to post a comment Login

Leave a Reply

Cybersecurity

The Pirate Bay is Hijacking PCs to Stealth-Mine Cryptocurrency

Published

on

For the second time in as many months, The Pirate Bay has been caught mining cryptocurrency on your computer without consent. The torrent platform was actually test-driving cryptocurrency mining in your browser – no doubt a lucrative revenue stream.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

The Pirates Are At It Again

The Pirate Bay has been caught using software called Coinhive, a JavaScript library that essentially serves as a cryptocurrency miner. It basically connects to visitors’ computers to mine Monero, one of the world’s most profitable cryptocurrencies.

The news was later confirmed by Bleeping Computer, which reported that,”The Pirate Bay, the internet’s largest torrent portal, is back at running a cryptocurrency miner after it previously ran a short test in mid-September.”

Estimates indicate that the scheme has earned the pirates a total of $43,000 over a three-week period.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Users had no way to opt their computers out of being test-driven by the torrent network. Back in September, The Pirate Bay got away by telling people it was just a test. The site’s owners cannot use the same excuse this time around.

CoinHive advises websites to let their visitors  know their browser is being used to mine cryptocurrency.

“We’re a bit saddened to see that some of our customers integrate CoinHive into their pages without disclosing to their users what’s going on, let alone asking for their permission,” the company said.

The good news is most ad-blockers and antivirus programs will block CoinHive, given its recent abuses. That means not all visitors of The Pirate Pay were being used as a conduit for mining Monero.

Monero Joins Global Crypto Rally

The value of Monero (XMR) shot up nearly 8% on Friday, and was last seen trading at $94.17. With more than 15.2 million XMR tokens in circulation, the total market cap for Monero is $1.4 billion, according to CoinMarketCap. That’s enough for ninth on the global cryptocurrency list.

Twelve cryptos have now crossed the $1 billion valuation mark. A handful of others have made their way north of $500 million.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Breaches

Ethereum Notches Two-Month High as Bitcoin Offspring Triggers Volatility

Published

on

Digital currency Ethereum climbed to a two-month high on Monday, taking some of the heat off Bitcoin and Bitcoin Cash, which have slumped since the weekend.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

Ethereum Forges Higher Path

Concerns over Bitcoin created a favourable tailwind for Ethereum (ETH/USD), which is the world’s No. 2 digital currency by total assets. Ether’s price topped $340.00 on Monday and later settled at $323.54. That was the highest since June 20.

At its peak, ether was up 10% on the day and 70% for the month of August.

The ETH/USD was last down 2.2% at $315.02, according to Bitfinex. Prices are due for a brisk recovery, based on the daily momentum indicators.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Fractured Bitcoin Community

Bitcoin and its offshoot, Bitcoin Cash, retreated on Monday following a volatile weekend. The BTC/USD slumped at the start of the week and was down more than 3% on Tuesday, with prices falling below $3,900.00. Just last week, Bitcoin was trading at new records near $4,500.00.

Bitcoin Cash, which emerged after the Aug. 1 hard fork, climbed to new records on Saturday, but has been in free-fall ever since. The BTH was down another 20% on Tuesday to $594.49, according to CoinMarketCap. Its total market value has dropped by several billion over the past two days.

Analysts say that a “fractured” Bitcoin community has made Ethereum a more attractive bet this week. The ether token has shown remarkable poise over the past seven days, despite trading well shy of a new record.

Other drivers behind Ethereum’s advance are steady demand from South Korean investors and growing confidence in a smooth upgrade for the the ETH network. The upgrade, which has been dubbed “Metropolis,” is expected in the next several weeks. Its key benefits include tighter transaction privacy and greater efficiency.

Ethereum Prices Unaffected by ICO Heist

Fin-tech developer Enigma was on the receiving end of a cyber-heist on Monday after hackers took over the company’s website, mailing list and instant messaging platforms. The hack occurred three weeks before Enigma’s planned Initial Coin Offering (ICO) for September 11.

In addition to defacing the company’s website, the hackers pushed a special “pre-sale” ahead of the ICO. While many users realized it was a scam, 1,492 ether tokens – valued at $495,000 – were directed into the hackers’ cryptocurrency wallet by unsuspecting backers.

The irony in all this is that Engima is a cryptography company that prides itself on top-notch security protocols. The company issued a statement that its servers had not been compromised.

ETH/USD (Bitfinex)

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Cybersecurity

Spotting a Well-Made Investment Scam

Published

on

For every reasonably safe investment, there are 1000 scams and 10,000 reasonably toxic investments. Self-served advertising via social media and search engines exacerbates the problem – people sometimes click ads they think were search results, or, as humans are intended to, simply consumes the content on the screen instead of paying attention to where they’re being redirected to.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

In this article we will review a recent example of a well-executed investment scam.

The intended victim, who did not actually get scammed but alerted this author to the hustle, was led to believe that the above image was redirecting to a CNN news article. This is the actual URL the link went to:

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

http://cnn.com-cat.press/anonymous-is-going-after-global-stock-market/?aref=http%3A%2F%2Ftrck.anony.trade%2Fsite%2Fredirectpage%3Fsid%3D99462%26hv%3Dgjalu5988de395a461839785307%26hid%3D264193#!

Now if you visit com-cat.press, all you see is a directory listing. This site’s entire purpose is to make people believe they are visiting legitimate .com websites, when in fact they are visiting others. It doesn’t always have to be a scam, sometimes it is simple an advertisement, but often enough it is a definite funnel to a scam. In this case, here’s where you wind up, at a place that looks an awful lot like CNN Money:

Again, this is not a real article on CNN. This is promotion for 10Markets.eu.

10Markets.eu is extremely professional looking. The platform looks to capture your details even just for demo trading. Most traders expect hurdles, so one can imagine tons of phone numbers and e-mail addresses entered:

The demo trading screen never loaded for this analyst, but the phone number is fake anyway. Took it from a coffee shop in Germany. Funnily, it appears the German exchange code is 030 in the first place, but you can’t edit that part. They also don’t allow you to visit the site at all if you’re in North America.

The tipster was clever enough to find out if 10Markets.eu was a registered broker or not. They’re not. According to ForexBrokerz.com:

10Markets is a forex and CFD broker that is headquartered in Scotland [sic] and supports the popular MetaTrader 4 platform. It is not licensed by any authority and there is not much information about the trading conditions on its website. What is worse, this broker is present in the warning lists of UK’s FCA, Australia’s ASIC and Cyprus’ CySEC, so we don’t recommend doing business with 10Markets.

There are review websites which help. Regarding 10Markets, we came up with this one.

The tipster happens to have been our own Jonas Borchgrevink. He is equipped with years of experience in website publishing, and this is why he quickly noticed that he was not reading a CNN article. The sad fact is that a high percentage of people who read that article believe it to be real, and a percentage of those people end up getting scammed. As such, here is a checklist for new trading outfits that you haven’t used or heard about before:

  • Always try to get phone support right away. Before creating an account. If no one answers or there is anything suspicious, this is a scam.
  • Always search for “[EXCHANGE NAME]” + “scam,” and read carefully any results that come up. Most scams could stop at one person if others listened to that one.
  • In the US, you can use FINRA to check the legitimacy of an exchange or broker. In the UK, you have FCA. Many countries have sites like these, and it’s important to check the one from the country where the broker does business.
  • Use ad blockers at least when legitimately searching for financial solutions.
  • Check the URL! For every legitimate exchange website, there are a few fake ones designed to steal your account information.

In The Event That You Spot A Scam

Tattle! Spread the word far and wide, not just so others don’t get scammed, but also to give authorities the jump on the thieves. Otherwise, they may exit and get away with all the money before anyone stops them.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Trending