Gamers beware! The Android spyware Ratel has been found disguising itself as the Hamster Kombat clicker game on an unofficial Telegram channel to deliver intrusive advertisements. Meanwhile, researchers have uncovered a new Braodo Stealer that pilfers login credentials and banking details. As per Europol’s IOCTA 2024 report, millions across the EU are at heightened risk from phishing, fraud, and digital skimming attacks, with a troubling rise in cryptocurrency-related crimes. Continue reading for more cybersecurity updates from the last 24 hours.
01
The Android spyware Ratel has been found posing as the Hamster Kombat mobile game, distributed via an unofficial Telegram channel, and targeting Android users through fake app stores that deliver unwanted advertisements.
02
Researchers identified a Vietnamese-based malware, Braodo Stealer, that leverages PowerShell commands, GitHub downloads, and Python execution to steal login credentials and banking details from victims' systems.
03
Scammers are exploiting legitimate blockchain protocols like Uniswap and Safe.global to deceive users and transfer funds from victim wallets to their own.
04
A Python malware—featuring a keylogger, screenshot grabber, and mouse logger to capture user activity and exfiltrate data—has been discovered. It also includes a self-deletion feature and appears to be in the testing phase.
05
A security bypass vulnerability CVE-2024-21412 in Microsoft Defender SmartScreen has been exploited as part of a new campaign targeting North America, Spain, and Thailand to deliver infostealers such as ACR Stealer, Lumma, and Meduza.
06
The U.K’s NCA, in collaboration with other law enforcement agencies, disrupted DigitalStress, a DDoS-for-hire service responsible for tens of thousands of cyberattacks, including DDoS and booster attacks.
07
An XSS vulnerability (CVE-2024-0981) in the Okta Browser Plugin versions 6.5.0 through 6.31.0 for Chrome, Edge, Firefox, and Safari could allow threat actors to execute arbitrary Javascript code.
08
According to Europol’s IOCTA 2024 report, millions in the EU face daily risks from phishing and fraud, attacks on SMEs, and digital skimming of e-merchants and banks, with increasing use of cryptocurrencies in crimes.
09
Linx Security, an identity security and governance solutions provider, secured $33 million in early-stage funding led by Index Ventures, Cyberstarts, Cerca Partners, and other investors.
10
Canadian cybersecurity startup Protexxa banked $10 million in Series A funding, led by Bell Ventures, Bell Canada, and Sandpiper Ventures, with additional investments from others.
