An Obscurity Malware Abstract 26 Million Passwords From Windows

As per the research done a colossal accumulation of datas from 1.2TB database includes browsers autofill data, cookies information, usernames and passwords, and payment information has drawn out by anonymous malware.

“This story originally appeared on Ars Technica, a trusted source for technology news, tech policy analysis, reviews, and more. Ars is owned by WIRED’s parent company, Condé Nast.“

The purloined data carries over 2 billion browser cookies, 1.1 million email addresses, 6.6 million document case and around 26 million login testimonials. In some occasions people will store their passwords of their bank accounts or whatever it is, in the form of text files which is created using Notepad.

The cache also includes 650000 Word and PDF files, and over 1 million images.

As per the report , around 3 million computers between 2018 to 2020 were infected by the malware. It also captures screenshot and pictures using webcam after infecting the pc’s.

Probably the aggressor attempt to purloin cryptocurrencies, once it became success with the informations grabbed by him, he will vend the datas to other batch and it usher to a ransomware attack, data violation, and business spying.

Security researchers at NordLocker said, “The truth is, anyone can get their hands on custom malware. It’s cheap, customizable, and can be found all over the web. Dark web ads for these viruses uncover even more truth about this market. For instance, anyone can get their own custom malware and even learn how to use the stolen data for as little as $100.”

In order to verify whether your data is leaked or not you can explore in the website named Have I Been Pwned by entering your mail address or phone number in the search bar. The particulars of the dreadful malware is added in the website.

Malware Is Spread Via WhatsApp By A Fake Netflix App On The Google Play Store

A new day has arrived, and with it comes a new malware designed to deceive Android smartphone users and steal their personal information without their knowledge. Malware disguised as a Netflix app spread via WhatsApp message, which was found on the Google Play store.

The application was built to track the user’s WhatsApp alerts and send automated responses to the user’s incoming messages using content received from a remote command and control (C&C) server, according to a fake application called “FlixOnline” on Google Play.

According to the report, the FlixOnline app had a Netflix-like appearance to deceive users. Not only that, but it also promised users two months of free subscription via WhatsApp messages.

The app that offered a free subscription shared a connection that took users to a website that only collected their personal information, including credit card information. Many Android users mistook the fake app for Netflix and downloaded it.

The malware responds to its victims with the following message, luring them in with the promise of a free Netflix subscription:

“2 Months of Netflix Premium Free at no cost For REASON OF QUARANTINE (CORONA VIRUS)* Get 2 Months of Netflix Premium Free anywhere in the world for 60 days. Get it now HERE https://bit[.]ly/3bDmzUw.”

When the malware is downloaded and installed from the Play Store, it begins a service that demands permissions for ‘Overlay,’ ‘Battery Optimization Ignore,’ and ‘Notification.’

If the permissions are issued, the malware will be able to distribute its malicious payloads and send out auto-generated replies to incoming WhatsApp messages using the payload obtained from the C&C server.

Users that have been infected with the malware can uninstall the application and update their passwords, according to Check Point researchers.