Viruses & Malware
HEI Hotels has issued a notice alerting its customers about a credit card breach. The company first became aware of the issue when its bank card processor told it there was a possible security issue at play. HEI Hotels initiated what it says was an “extensive forensic investigation,” which turned up malware installed on payment processing systems at certain hotels. The current list of affected locations includes hotels under the Marriott, Hyatt, and Westin chains, among others.
New analysis of the command and control panel and attack mechanisms of the Dridex banking Trojan shows the malware is being used in a wider range of malicious campaigns -- and likely by a different set of threat actors than before.
Spain-based security vendor buguroo says it recently was able to leverage a surprisingly easy-to-exploit weakness in the C&C infrastructure of Dridex to gain unprecedented visibility into how exactly the malware is being used.
A major UK newspaper is cleaning up its website after criminals tried to deliver ransomware to thousands of its readers.
The attack affected the blogs section of The Independent newspaper's website, Joseph C. Chen, a fraud researcher with Trend Micro, said in a blog post Tuesday.
"We have already informed The Independent about this security incident and are working with them to contain the situation," Chen wrote. "For their part, the news website staff was quick to respond and take action to mitigate the risk this event posed to the website itself and its user base."
There is a constant cat and mouse game between malware, security software companies and computer users, and the chance of one side winning the battle seems slim at best.
Malwarebytes revealed recently on Malwarebytes Unpacked how Vonteera, a malware previously classified as adware, operates.
While how that particular malware operates may not be of interest to many, the methods it uses to infect computer systems and remain on them may very well be, as other malware uses them too.
Three new families of "auto-rooting adware," detailed by security researchers at Lookout, are "a worrying development in the Android ecosystem" because each can root the device and install itself as a system application, making the contamination virtually impossible to remove as the infection is designed to survive even a "factory data reset" device wipe.