mobile

SMS PVA Part 3: Countries Most Impacted by Cybercriminal Service

Posted on by Admin
SMS PVA Part 3: Countries Most Impacted by Cybercriminal Service

SMS PVA Part 3: Countries Most Impacted by Cybercriminal Service Malware In this final part, we discuss the countries most affected by SMS PVA services as well as lay out several recommendations to mitigate the risks of such threats. By: Trend Micro March 02, 2022 Read time:  ( words) Part two of our blog entry discussed the impacts and implications of SMS PVA services. The article also explored how these services work by using Carousell…

Read More

SMS PVA Part 2: Underground Service for Cybercriminals

Posted on by Admin
SMS PVA Part 2: Underground Service for Cybercriminals

In this sample, we can see an Indonesian mobile number with an “ethnically” matching photograph in Whatsapp (presumed real account of the owner), but with a Russian name in Telegram (account presumed to have been registered using SMS PVA). These are just some illustrations of the common trend we saw on smspva.net. Either the accounts have different names across different services, or the country of the mobile phone does not match the language used in…

Read More

Global Cyberattacks: How to Manage Risk in Times of Chaos

Posted on by Admin
Global Cyberattacks: How to Manage Risk in Times of Chaos

Global Cyberattacks: How to Manage Risk in Times of Chaos Cyber Threats As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices are presented to manage your cyber risk. By: Trend Micro February 24, 2022 Read time:  ( words) While it seems almost cliché now, we are living in unprecedented times. The global pandemic has forced organizations everywhere to deal not only with health and supply-chain challenges, but…

Read More

SMS PVA Part 1: Underground Service for Cybercriminals

Posted on by Admin
SMS PVA Part 1: Underground Service for Cybercriminals

SMS PVA Part 1: Underground Service for Cybercriminals Malware In this three-part blog entry, our team explored SMS PVA, a service built on top of a global bot network that compromises smartphone cybersecurity as we know it. By: Trend Micro February 22, 2022 Read time:  ( words) Smartphones have become a huge part of our daily lives. Not only do they allow us to connect with family and friends, these nifty devices let us become…

Read More

This Week in Security News – February 18, 2022

Posted on by Admin
This Week in Security News – February 18, 2022

Read on:  SMS PVA Services’ Use of Infected Android Phones Reveals Flaws in SMS Verification There has been an increase in short message service (SMS) phone-verified account (PVA) services in the last two years. SMS PVA services provide alternative mobile numbers that customers can use to register for online services and platforms. Malicious actors can register disposable accounts in bulk or create phone-verified accounts for criminal activities. In the following blog, Trend Micro shares the…

Read More

SMS PVA Services’ Use of Infected Android Phones Reveals Flaws in SMS Verification

Posted on by Admin
SMS PVA Services’ Use of Infected Android Phones Reveals Flaws in SMS Verification

Using these code snippets and C&C traffic as fingerprints, we were able to identify two more DEX files with the same functionality but different C&Cs, indicating an active development process and several versions of both the development code and production code of the Android malware. Only text messages sent by specific services and matched by the regex provided by the C&C were intercepted. This is likely to prevent the user of the Android phone from…

Read More

This Week in Security News – February 11, 2022

Posted on by Admin
This Week in Security News – February 18, 2022

Read on:  Hidden Scams in Malicious Scans: How to Use QR Codes Safely The practical approach to life after COVID-19 is for people to learn to live with it and do what they can to manage it. One of the things that is likely to remain for the foreseeable future is the need for cashless and no-contact transactions. Many businesses have responded to this need through the use of quick response (QR) codes, however threats…

Read More

This Week in Security News – January 28th, 2022

Posted on by Admin
This Week in Security News – February 18, 2022

Read on: Codex Exposed Task Automation and Response Consistency In this blog series, Trend Micro explores different aspects of Codex and assess its capabilities with a focus on the security aspects that affect not only regular developers, but also malicious users. Being able to automate tasks or programmatically execute them unsupervised is an essential part of both regular and malicious computer usage. In this series, Trend Micro explores if a tool like Codex is reliable…

Read More

TianySpy Malware Uses Smishing Disguised as Message From Telco

Posted on by Admin
TianySpy Malware Uses Smishing Disguised as Message From Telco

TianySpy Malware Uses Smishing Disguised as Message From Telco Mobile Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The malware might have been designed to steal credentials associated with membership websites of major Japanese telecommunication services. By: Trend Micro January 25, 2022 Read time:  ( words) This blog was first published here: https://blog.trendmicro.co.jp/archives/29322 It has been some time since SMS or text messaging has become a means to…

Read More

This Week in Security News – January 7, 2022

Posted on by Admin
This Week in Security News – February 18, 2022

Read on: Are Endpoints at Risk for Log4Shell Attacks The end of 2021 saw the emergence of the Log4Shell (CVE-2021-44228) vulnerability, a critical vulnerability in the ubiquitous Java logging package Apache Log4j. Exploiting Log4Shell via crafted log messages can allow an attacker to execute code on remote machines. The potential impact of this vulnerability is great enough that it scores a 10.0 rating based on CVSS version 3.x and a 9.3 rating based on CVSS…

Read More
1 2 3 4