As a clear indication of how law enforcement views the commercial disclosure of stolen information, the FBI has seized the WeLeakInfo.com domain and international law enforcement arrested two individuals for selling subscriptions to data exposed in breaches. These accessed credentials were then used to conduct attacks in the UK, Germany, and the US.
Some fraudsters have set up a scam site claiming to be for a data protection fund created by the U.S. Federal Trading Commission (FTC) to offer financial compensation to users whose personal data appeared in information leaks. This is a reinterpretation of the classic advance-fee scam where the victim makes a small payment inebriated by the promise of getting a much larger sum in return.
The TrickBot Trojan has received an update that adds a UAC bypass targeting the Windows 10 operating system so that it infects users without displaying any visible prompts. A UAC bypass allows programs to be launched without displaying a User Account Control prompt that asks users to allow a program to run with administrative privileges. In a new TrickBot sample, Head of SentinelLabs Vitali Kremez discovered that the trojan is now using the Windows 10 Fodhelper bypass.
A ransomware with the un-snappy moniker of “5ss5c” has emerged on the scene and appears to be in active development. According to independent researcher Bart Blaze, the malware is the successor to the Satan ransomware, and its authors are still experimenting with focused targeting (China, for now) and features.
Serious vulnerabilities have recently come to light in three WordPress plugins that have been installed on a combined 400,000 websites, researchers said. InfiniteWP, WP Time Capsule, and WP Database Reset are all affected. The highest-impact flaw is an authentication bypass vulnerability in the InfiniteWP Client, a plugin installed on more than 300,000 websites. It allows administrators to manage multiple websites from a single server.
The FBI, in a change of policy, is committing to inform state officials if local election systems have been breached, federal officials said Thursday. In the past, the FBI would alert local governments about attacks on their electoral systems without automatically sharing that information with the state. That meant state officials, left in the dark, might be in a position of certifying the accuracy of election results without realizing there had been problems in individual counties.
Google has made a concerted effort in recent months to try to eliminate bad apps for its Android mobile platform on the Google Play store—something the company historically has battled. However, fleeceware apps—which trick users into paying excessive amounts of money for simple apps with functionality that’s available free elsewhere—are still getting past Google’s radar in significant numbers, according to security researchers.