Another Thursday has landed, and so too have the usual threats, bugs, glitches and updates.
This week’s Threat Thursday sees Emotet return with some nasty new powers and a bundle of patches from Microsoft. Time’s a-wasting, so let’s jump right in!
Emotet Performs Wi-Fi Drive-By; Infection Rates to Go Sky-High, We’d Imply
The runner-up in our ‘Trojans That Sound Like Benevolent Egyptian Gods’ competition and one of the Worst Malwares of 2019 has returned – with a less-than-welcome new trick up its sleeve.
A recent strain of the Emotet malware, discovered by analysts at Binary Defense, can now spread itself from any infected device to nearby Wi-Fi networks. From here, the malware makes further efforts to infect anything else connected to that network. This suggests powerful new capabilities for the trojan, which enters systems via malicious spam emails and already boasts some advanced evasive manoeuvres. In some sandbox environments, it can even hide itself in the presence of virus-sniffing software.
Worryingly, this hijacking ability might only be ‘new’ to us victims. As explained in their analysis, Binary Defense discovered a timestamp on one of Emotet’s executables, dated April 2018. In other words, Emotet might well have been pulling this heist right under our noses for two years – and we’ve only just found out about it.
The good news? Emotet works on vampire logic; so long as you don’t invite it in, it can’t wreak half as much havoc. If your Wi-Fi connections are secured with adequate passwords and protections, and you’re clued up on the signs of malicious phishing emails, it’s much less likely to slip into your systems.
Anubis Would Happen: Malware Evolves with New Keylogging and Ransomware Capabilities
Overall winner of the aforementioned ‘Trojans That Sound Like Benevolent Egyptian Gods’ Award, Anubis is now part of a new phishing campaign specifically targeting Android devices, hijacking them entirely and performing a veritable laundry list of nastiness: locking the device, encrypting files, sending, receiving and deleting text messages and recording user audio. Quite a fall from grace for the Egyptian God of the Underworld, if you ask us.
The trojan currently targets over 250 Android apps, and infection begins via – say it with me! – a provocative phishing email.
The email itself contains an app attachment which, when opened, presents a spoofed “Google Play Protect” warning message. Approving this message not only allows the malware to start infecting your Android device, but also shuts down Google Play Protect entirely.
Of the 250 apps Anubis now targets, few of them stray from its banking trojan roots and many of those affected belong to banks and financial institutions. In the UK at least, it appears that the Santander, HSBC and RBS apps are all targeted. The money-grubbing tactics don’t end there either, as Anubis also attaches itself to Amazon and eBay apps.
If you’re an Android user, we can’t stress enough the importance of a renowned and reputable anti-virus – not least when so many of the Play Store’s free anti-virus offerings are worse than useless. And please, people, don’t open any emails or attachments you don’t recognise. So long as you keep doing it, hackers will keep exploiting it. So there.
Forward-Thinking Folk Fix Firefox Faffs
Mozilla Firefox – the browser beloved by us tiresome elitists who wouldn’t be caught dead using Google Chrome, thank you very much – has had a raft of security updates in its latest release, Firefox 73.
As always, we recommend updating to the latest version as soon as possible. If you’re one of the smart and handsome few already using Firefox, you can check for the latest updates from the options menu within Firefox. Simply click ‘Help’, then ‘About Firefox’ to search for the latest version. But you already knew that, didn’t you?
And Now, the Monthly Patch Tuesday Updates!
Microsoft’s monthly Patch Tuesday has landed, and it’s one of their biggest yet – fixing 99 problems across several Microsoft products. Adobe, meanwhile, have a comparatively slight 42 updates releasing this week – but that doesn’t make them any less notable.
We couldn’t let such a record-breaking Patch Tuesday go by without some sort of celebration, however – so here’s a musical rundown of exactly what to expect from your latest Microsoft and Adobe patches.
Sing along, everybody! - https://www.youtube.com/watch?v=Q86nf7mpOXk
Windows 10, in a little update,
Had a lot of problems to eliminate
Remote Code Execution flaws,
And updates for new Edge, of course.
Internet Explorer, too
Had vulnerabilities, old and new
Don’t let your systems go awry;
There’s 99 Windows bugs going by
99 Windows bugs - 10 of which are critical,
87 are important
And 2 are merely moderate
Microsoft has sprung to life,
And opened up one eager eye
Another Patch Tuesday is Nigh
As 99 Windows bugs go by.
Windows 7’s aging plenty
(It was retired this 2020)
But fixes for remote code exploits
Were nonetheless, this month deployed
So long as your system’s updated
These problems are eliminated
There’s plenty more to explore, mind,
As 99 Windows Bugs go by.
99’s a lot to get through,
So let’s look at Adobe too;
There’s new fixes for Acrobat,
And aging Flash Player, at that
Framemaker, Adobe Reader,
Haven’t escaped patching, either
42 fixes, in all
But not quite close to 99 at all.
…For more details on these updates
The patch notes for both are below.
Prevent your systems getting sickly;
Install these latest updates, quickly.
And please, let me apologise
For this awkward choice of song.
I thought it was a modern classic
Obviously, I was wrong.
And that wraps up another week of threats, fixes, forgeries and phishers. Join us next week for yet more of the latest cyber security news!