Security Alerts & News
by Tymoteusz A. Góral

History
#661 RuMMS: The latest family of Android malware attacking users in Russia via SMS phishing
Recently we observed an Android malware family being used to attack users in Russia. The malware samples were mainly distributed through a series of malicious subdomains registered under a legitimate domain belonging to a well-known shared hosting service provider in Russia. Because all the URLs used in this campaign have the form of hxxp://yyyyyyyy[.]XXXX.ru/mms.apk (where XXXX.ru represents the hosting provider’s domain), we named this malware family RuMMS.

To lure the victims to download the malware, threat actors use SMS phishing – sending a short SMS message containing a malicious URL to the potential victims. Unwary users who click the seemingly innocuous link will have their device infected with RuMMS malware. Figure 1 describes this infection process and the main behaviors of RuMMS.
Read more
#665 7 million unsalted MD5 passwords leaked by Minecraft community Lifeboat
#664 Steam patches broken crypto in wake of replay, padding Oracle attacks
#663 Firefox 46 patches critical memory vulnerabilities
#662 Cisco: Tuto4PC utilities silently install 12M mackdoors
#661 RuMMS: The latest family of Android malware attacking users in Russia via SMS phishing
#660 Hundreds of Spotify credentials appear online – users report accounts hacked
#659 Hacking group “PLATINUM” used Windows’ own patching system against it
#658 If you use Waze, hackers can stalk you
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12