Comodo Threat Research Labs (CTRL) has announced that it has detected a new family of financial malware dubbed “Gugi/Fanta/Lime”. It is a sophisticated banking Trojan that can bypass the standard security protocols of the Android operating system (version 6) and take over the operating system. The malware seeks system privileges and user credentials, and once it gains them it acquires complete control of the Android device.
CTRL has detected the malware to be active in Russia. This Trojan places an authentic-looking counterfeit interface layer over a genuine application such as the Google Play Store or other mobile banking apps. It tricks users into believing that the interface is genuine and into revealing their login credentials and other sensitive information such as credit card and debit card details.
How The Malware Infection Takes Place
Cybercriminals employ social engineering and phishing to initiate the infection. They send out spam messages that contain a hyperlink. If the user is not wary enough and clicks on the hyperlink then the user is taken to a malicious website and is asked to click on another link. Clicking initiates download of Trojan-Banker.AndroidOS.Gugi.c onto the user’s device.
The “Gugi/Fanta/Lime” Trojan now seeks the user’s permission: from Android version 6 onward, apps need explicit permission from the device user/owner for certain permissions as well as for superimposing screens/windows over other apps. If the user grants permission, the Trojan overlays the interface of authentic Google Play Store apps and other mobile banking applications with phishing windows for stealing user credentials.
The malware actually “forces” the user to grant all the needed permissions. While the messages on the screen look like authentic permission requests, the Trojan is actually seeking permission for app overlay; device administrator rights; sending, viewing and receiving SMS and MMS; making calls; reading and writing contacts; and all other rights it desires. The Fanta Trojan also requests permission for BuildConfig, HindeKeybroad, and ContextThemeWrapper. The malware acquires phone details such as the IMEI (International Mobile Equipment Identity), IMSI (International Mobile Subscriber Identity), SubscriberId, SimOperatorName and SimCountryIso.
If the user denies permission at any time, the “Gugi/Fanta/Lime” Trojan will completely block the infected device. To regain access to the device, the user has no option other than to reboot in safe mode and then try to remove/uninstall the Trojan using security solutions.
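A defender's triage of the permission set described above, as an added example that is not part of Comodo's report: it reads a decoded AndroidManifest.xml and flags apps that combine overlay, SMS and device-administrator access. The two manifests and their package names are constructed, and the high-risk rule is an assumption chosen for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Permission groups matching the behaviour described in the article.
GROUPS = [
    ("overlay", {P + "SYSTEM_ALERT_WINDOW"}),
    ("sms", {P + "SEND_SMS", P + "RECEIVE_SMS", P + "READ_SMS", P + "RECEIVE_MMS"}),
    ("calls_contacts", {P + "CALL_PHONE", P + "READ_CONTACTS", P + "WRITE_CONTACTS"}),
    # READ_PHONE_STATE gates access to IMEI, IMSI and SIM operator details.
    ("phone_identifiers", {P + "READ_PHONE_STATE"}),
]
# Assumed triage rule (not from the article): this trio together is high risk.
HIGH_RISK = {"overlay", "sms", "device_admin"}


def audit_manifest(manifest_xml):
    """Return the risky capability groups a decoded AndroidManifest.xml requests."""
    root = ET.fromstring(manifest_xml)
    requested = {
        el.get(ANDROID + "name")
        for el in root.iter()
        if el.tag in ("uses-permission", "uses-permission-sdk-23")
    }
    findings = [label for label, perms in GROUPS if requested & perms]
    # A device-admin component is a <receiver> protected by BIND_DEVICE_ADMIN.
    if any(r.get(ANDROID + "permission") == P + "BIND_DEVICE_ADMIN"
           for r in root.iter("receiver")):
        findings.append("device_admin")
    return {
        "package": root.get("package"),
        "findings": findings,
        "high_risk": HIGH_RISK <= set(findings),
    }


# Constructed sample manifests (hypothetical package names).
NS = 'xmlns:android="http://schemas.android.com/apk/res/android"'
SUSPICIOUS = f"""<manifest {NS} package="com.example.constructed.updater">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <application>
    <receiver android:name=".Admin"
              android:permission="android.permission.BIND_DEVICE_ADMIN"/>
  </application>
</manifest>"""
BENIGN = f"""<manifest {NS} package="com.example.constructed.messenger">
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <application/>
</manifest>"""

if __name__ == "__main__":
    for sample in (SUSPICIOUS, BENIGN):
        print(audit_manifest(sample))
```

The manifest text is expected in decoded XML form, since the manifest inside an APK is stored as binary XML.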
The Trojan sends an SMS to a Command and Control (CnC) server to establish contact. It uses the WebSocket protocol for interacting with its CnC servers. The malware now overlays authentic app screens with phishing windows and steals all information that is entered on the screens – this includes login credentials and card details.
The “Gugi/Fanta/Lime” Trojan has been mainly used to attack users in Russia till now, and considering its potency, it can be expected to be used worldwide in the future.
How to stay protected?
- User/employee education on cyber security
- Users must not click on links in SMS from unknown sources or open attachments from unknown sources.
- It would be safer not to click on any links in any SMS. Verify the hyperlink's true destination first, and only then open it.
- Be wary of providing permissions.
- If an app asks for privileged access then be extra wary before providing the permissions.
- Phishing SMS and mails may come from spoofed genuine IDs. Be conscious and wary about such attempts.
Huobi expands fiat gateway to support AUD, GBP and EUR through Banxa
Huobi Global, the world’s leading digital asset exchange, today announced support for the Australian dollar (AUD), British pound sterling (GBP), and Euro (EUR) through Banxa, an internationally compliant fiat-to-crypto gateway solution. The partnership allows users in Australia, UK, and the European Union to purchase cryptocurrencies with their official fiat currencies.
By integrating with Banxa’s payment solutions, Huobi is able to provide users with more flexibility and choice in payment methods, while also enabling a seamless user experience. Users can access the new fiat-to-crypto gateway directly from the Huobi OTC site and deposit AUD, GBP, or EUR to begin trading cryptocurrencies in just a few clicks. Funds can be instantly added to a user’s account using bank transfers, debit/credit card, and other preferred payment methods with zero fees.
“Our partnership with Banxa allows us to support three of the world’s most widely-used fiat currencies, marking a significant milestone in our global expansion,” said Ciara Sun, Vice President, Global Markets at Huobi Group. “With our newly expanded fiat gateway, we want to help accelerate crypto adoption by making digital assets much more easily accessible to the masses. This integration introduces a new point of access for users in Australia, UK, and the European Union looking to enter the crypto market.”
Domenic Carcosa, founder and Non-Executive Chairman of Banxa, said: “Huobi is a first mover heavyweight, with some of the most innovative products and services in the industry. As digital assets become mainstream and move toward mass adoption, regulation and transparency are key to building trust. That is why we’ve chosen to partner with Huobi.”
From the ‘Buy Crypto’ page on Huobi OTC, users can select the digital asset they’d like to purchase, choose their fiat currency, and enter the fiat value or asset quantity for purchase. After selecting their preferred payment method, which includes Visa and Mastercard transactions, users can purchase up to $20,000 USD worth of digital assets in a single transaction. The daily purchase limit is $15,000 and the monthly purchase limit is $60,000.
Users are also required to submit a one-time identity verification as part of the transaction process. Once completed and the payment approved, users can access their assets in their exchange account within a few minutes. From there, users can immediately select a trading pair and start crypto-to-crypto trading.
Sun added, “As we bolster our global presence and expand into new markets, we will continue adding new fiat on-ramps to give all users a frictionless onboarding experience. We recently set out on an ambitious new goal to empower 100 million households worldwide to own digital assets, so we want to ensure we make it faster, easier, and more secure for new users to get started.”
Australian Cyber Week 2020 showcases vibrant, growing sector
Today, the Federal Minister for Industry, Science and Technology, The Hon Karen Andrews MP, launched the fourth annual Australian Cyber Week, a week-long series of events and activities nationally coordinated by AustCyber – the Australian Cyber Security Growth Network.
The official launch event, featuring Minister Andrews, Innes Willox of the Australian Industry Group, Chris Painter of the Global Forum on Cybersecurity Expertise, industry heavyweight David Thodey and AustCyber’s CEO Michelle Price, will highlight the shift to digital through the COVID-19 pandemic and how it is accelerating the economy – a theme that will be explored further throughout the week through almost 30 events spanning the full breadth of the cyber security landscape for those within the sector, but also well beyond.
Held from 26-30 October, Australian Cyber Week 2020 provides opportunities for Australian cyber security and related organisations to showcase their capabilities and network with peers, potential investors and customers. It also provides an excellent way for cyber curious individuals and organisations to better understand what cyber security can do and mean for them.
“Cyber Week 2020 is one of AustCyber’s key programs under our mission to grow a globally competitive cyber security sector,” said Michelle Price, CEO of AustCyber. “The events during Australia’s Cyber Week connect Australian cyber capabilities with key domestic and international stakeholders who are contributing to the growth and success of the sector and creates further opportunities to enhance future economic growth.”
Australian Cyber Week has traditionally featured in-person events and activities at various locations across Australia. In 2020, AustCyber is debuting a new virtual conference platform which features 100% Australian technology. The 3D ‘circuit board city’ is the gateway to daily live events, a networking hub and exhibition hall showcasing booths which feature sovereign products and services. Online events will be complemented by in-person events in South Australia and Western Australia, facilitated through AustCyber’s National Network of Cyber Security Innovation Nodes.
“Each day, Australian Cyber Week has a feature event to demonstrate our globally competitive cyber security ecosystem,” said Ms. Price. “The range of speakers is broad – ranging from CEOs of large corporates and venture capital investors, to ethical hackers, school students with a keen interest in cyber, and those with disabilities working within the sector.”
Later today, AustCyber in partnership with Cynch Security, Deakin University and RMIT University, will explore small business attitudes towards cyber security. While small businesses have had to fight for survival during the COVID-19 crisis, the unprecedented period of digital adoption has left many exposed to threats they are unprepared for. As Australia looks towards the future again, there has never been a more important time than now to understand the challenges this sector faces. This event will provide paths forward for building cyber fitness in the most vulnerable businesses.
AustCyber has partnered with CISO Lens and cyber security accelerator CyRise to host Sky’s the Limit on Tuesday 27 October. This event will feature ten Australian cyber security companies delivering short pitches to executives from ASX listed companies from key Australian sectors including advanced manufacturing, health, consumer services, mining and financial services.
To underline the importance of digital trust in keeping our digital activity secure and resilient, during an event on 28 October, AustCyber will simulate a significant cyber-attack on Australia through a hypothetical situation. Experts from the Australian Energy Market, Siemens Digital Industries Australia, TOLL Group and cohealth come together to examine the impact on critical infrastructure, crucial parts of our society and how it would impact almost all of us.
The National Missing Persons Hackathon 2020, held on 29 October, is one of the most innovative events to be held in Australia this year and is being held in partnership with the Australian Federal Police, National Missing Persons Coordination Centre and Trace Labs.
This event will see the gathering of ethical hackers and investigators using online investigative techniques within the bounds of the law to find new leads on 12 real missing persons cases in Australia. Contestants will be using their cyber skills to gather open source intelligence (OSINT) on long-term and current missing persons using only information that is publicly available on the internet. The goal of this is to generate new leads on cases that can aid the relevant Australian policing jurisdictions in their investigations.
“We are excited to be returning for 2020 and going virtual for the first time,” said Linda Cavanagh, National Network Lead at AustCyber and Founder of the National Missing Persons Hackathon. “Theoretical concepts are put aside so participants can operate in real time, with real data, for real human impact. Imagine the possibility of a missing person case being solved by the community using crowdsourced cyber skills! Helping close a case would be a great result and show the value and power of OSINT.”
How Comodo’s Auto-Containment Technology Is Helping an IT Company Provide Ransomware Protection to Clients
The proliferation of ransomware in recent times has made many companies sit up and assess their existing IT infrastructure, especially their IT security solutions. While many of the security solutions that businesses have been using for several years now help to mitigate the threat of ransomware, they are not built to thwart these threats completely.
This is one of the main reasons the number of ransomware attacks surged during the first half of 2020. One company that realizes the need for better protection against ransomware and other cyber-threats is Global Tech Solutions.
The Problem That Led the Founder of Global Tech Solutions to Comodo’s Auto Containment and Threat Detection Technology
Based in Rockville, Maryland, Global Tech Solutions provides a one-stop-shop for a wide array of first-class IT solutions specifically tailored to meet the individual needs of businesses. The company allows businesses to get the most out of their use of technology by offering a diverse range of tech services that improve profitability and growth.
The team at Global Tech Solutions looks to achieve client satisfaction through a holistic understanding of their technological needs and specifications. “For over 25 years, we have provided trusted support and innovative solutions to solve organizations’ most important Information Technology issues. We are committed to ensuring every customer finds success through technological solutions that drive results,” says Jessy Nguyen, the CEO and founder of the company.
Before founding Global Tech Solutions, Jessy Nguyen was working for a company that used Webroot and Malwarebytes as its antivirus and threat detection platform. While Nguyen was still at the company, one of the accounting teams got malware through a Word document and it infected the whole department.
As the person in charge of the company’s IT security, Nguyen was searching for a better solution than the existing one when he came across Comodo which had the auto-detection feature. At that time, ransomware was a widespread problem. Knowing this, Nguyen contacted Comodo for a demo. Thereafter, the company implemented Comodo in its IT infrastructure. Soon, all the threats were detected and contained and there was zero infection in the whole IT ecosystem.
This impressed Nguyen and when he created Global Tech Solutions, Comodo was a natural choice and preferred partner for him.
How the Partnership with Comodo Is Helping Global Tech Solutions to Provide Individualized Tech Solutions to Clients While Maintaining Top-Notch Security
Global Tech Solutions chose Comodo’s Dragon Platform with Advanced Endpoint Protection (AEP), which is a patent-pending auto containment technology with active breach protection that neutralizes ransomware, malware, and cyber-attacks.
One of the main reasons Global Tech Solutions chose Comodo was because of its auto containment and threat detection feature. The auto containment runs an unknown executable in a kernel API virtualized mode, thereby offering attack surface reduction (ASR), which neutralizes ransomware attacks.
Additionally, Comodo’s AEP utilizes a Default Deny Platform to provide complete protection against zero-day threats while having no impact on end-user experience or workflows. Lastly, Comodo’s Valkyrie gives a trusted verdict on all files related to ransomware, phishing and malware. “We partnered with Comodo because we needed first-class solutions with robust features and functionality, in a simple dashboard, without high overhead cost,” remarked Nguyen.
While the advanced technology of Comodo improves the operations of Global Tech Solutions, Nguyen says that the best part about working with Comodo is its customer service. According to him, whenever he has an issue or doesn’t know how to do something, there’s always someone on the line guiding him through the whole process to help resolve any issues that he or his clients may have.
“Comodo’s Dragon platform gives us and our clients relief knowing that endpoints will not be compromised by a ransomware attack or malware. We switched some customers from Webroot to Comodo because of the flawless and proactive threat protection and the cutting-edge auto-containment features. The complete solution set, which includes AEP, RMM, Service Desk, Mobile Device Management, and Secure Internet Gateway, has enabled us to offer streamlined and extensive features and functionalities without adding a high cost to us or our customers,” says Nguyen.
Comodo’s solutions provide Nguyen and the team at Global Tech Solutions with actionable intelligence and the capacity to protect all domains of business activity and threat—from network to web to cloud—with confidence and efficacy.
According to Alan Knepfer, President and Chief Revenue Officer at Comodo, “We’re constantly expanding our product and service portfolio to help our partners gain the technological advantage and edge over their competition.”
Global Tech Switched Customers from Webroot and Malwarebytes to Comodo after Malware Infections
Source: https://blog.comodo.com/comodo-news/how-comodos-auto-containment-technology-is-helping-an-it-company-provide-ransomware-protection-to-clients/