Weekly Cybersecurity Recap April 15
Table of Contents
- By Steven
- Published: Apr 15, 2022
- Last Updated: May 18, 2022
The week has gone by and had its fair share of digital attacks. Search Google's News section for "digital attacks" or "cyber-attacks" in the previous week, and you will find at least one story of a digital attack published nearly every single hour of the day going back several months.
The moral of this story is that a business or other organization that does not have the latest digital security protections in place should add them as soon as possible. It is only a matter of time until businesses of every type are targeted, regardless of their industry and niche. Let's look at some of the most notable cyber-attacks of the week.
Tarrask Malware
Microsoft is dishing the details on a new form of malware called Tarrask. The new malware stems from Chinese hackers. To be more specific, Microsoft insists the Hafnium hacking crew sponsored by the Chinese government masterminded the malware. Tarrask targets computers with Windows operating systems. Tarrask has zeroed in on businesses in the telecommunication, internet service, and data services industries.
Microsoft states the attacks started this past summer, quickly converting to zero-day exploitations of Microsoft Exchange Servers. The malware abuses scheduled tasks while sidestepping digital safeguards to compromise the Windows operating system's subsystems.
Android Phone and Banking Hack
Google is sounding the alarm regarding a new hack that seizes control of Android phones and bank accounts accessed through those phones. The attack is advanced to the point that it can obtain access to the phone and bank account in less than 10 seconds. Anyone who owns an Android phone with outdated apps that have not been updated in a year or longer is vulnerable to the attack.
The attack makes it appear as though the Android phone is off, causing the screen to go blank to hide the criminal activity. The attack even disables notifications to create the impression that the phone is perfectly fine. The hackers then take control of the phone, taking confidential information such as passwords, PINs, banking account login credentials, and more.
FFDroider and Lightning Malware
Cybersecurity specialists are highlighting FFDroider and Lightning malware. These forms of malware steal targets' information, setting the stage to implement attacks. The attack is disguised as a Telegram messaging app. The stealers planted on target devices proceed to gather web browser cookies, keystrokes, screen captures, files, and more, sending them to a remote attacker-controlled domain for exploitation.
BlackCat Ransomware Pounces on Victims
BlackCat ransomware sank its teeth into Florida International University and a Nigerian betting business called Bet9ja. The ransomware attack stole confidential information from the targets and posted it to a darknet website. The ransomware attack prevented Bet9ja clients from accessing their accounts for an extended period of time. The attack also stole the social security numbers and other personal information of Florida International University students, professors, administrators, and others.
BlackCat uses Fender to steal sensitive information from targets. The hackers then demand that a ransom be paid to prevent the publication of the stolen information on the darknet site. BlackCat ransomware attacks have also victimized several other academic institutions. However, as of the time of this publication, representatives from the compromised institutions have not stated whether they have met the BlackCat ransomware hackers' financial demands.