Android Malware Bypasses 2FA by Stealing One-Time Passwords

Posted by & filed under Security Alerts.

Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google’s ban on apps that access SMS and call logs without justification. Google enforced the restriction earlier this year specifically to lower the risk of sensitive permissions where they are not necessary. In theory,… Read more »

Cybercriminals Competing for Cryptocurrency Mining Foothold

Posted by & filed under Security News.

The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back to September 2018 the Pacha Group has deployed undetected crypto-mining malware to infiltrate Linux servers and mine cryptocurrency without user permissions. One of the more notable observations discerned by Intezer researchers was the… Read more »

[TA] Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud

Posted by & filed under Security Alerts.

Pacha Group is a crypto-mining threat actor we at Intezer discovered and profiled in a blog post published on February 28, 2019. This threat actor targeted Linux servers dating back to September 2018 and implemented advanced evasion and persistence techniques. We have continued to monitor this threat actor and new findings show that Pacha Group… Read more »

Hackers Stole Over $40 Million Worth Of Bitcoin

Posted by & filed under Security Alerts.

Binance, one of the largest cryptocurrency exchanges in the world, confirmed today that the company lost nearly $40 million in Bitcoin in what appears to be its largest hack to date. In a statement, Binance’s CEO Changpeng Zhao said the company discovered a “large scale security breach” earlier on May 7, as a result of… Read more »