Tag: malware

AI, Cloud Talk, Programming, Security, Tech

Social Pain Points

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Monk 1: I have been reading on this site called “Scriptingthewhy,” they seem on the level.
Monk 2: How!? We don’t have internet in the temple.
Monk 1: Oh yes we do, I’ve seen your browser history.
Photo by Nishant Aneja, please support by following @pexel.com

Since the dawn of time, the one thing humans enjoy doing is communicating with one another. Just try to think of a day when you didn’t have a social interaction with someone. You can’t, but if you can then you may be something more to worry about than a serial killer.

Serial killers may do not-so-great things to people but at least they socialize. Anyhow moving along, we’re social creatures, it’s how we’re built, how we live together in not-so-perfect harmony, and it’s how we exploit each other. How?

Well, if you’re using these two apps on your phone or computer, you should watch out for some sneaky stuff going on while you’re logged in. In this we’re going to be looking at what kind of attack this is, who is using it, its effects upon release, and what are some ways to communicate with your fellowman securely.

Trish: I feel like I fell in love with a scammer.
Dave: Hm, that’s funny because you catfished me Cougarlove6tothe9 at yahoo.
Photo by Polina Zimmerman, please support by following @pexel.com

The Attack

If you are familiar with the following two applications, Slacker and Discord, then you might want to monitor for some activity in the days to come and if you don’t use these applications then still monitor anyway as this is one of the security best practices.

The Slacker application is a software tool that allows users to communicate and collaborate with each other in real-time. It can be used for various purposes, such as project management, team chat, file sharing, video conferencing, and more.

The Slacker application aims to improve productivity, efficiency, and creativity among its users. Slacker can also be a land of confusion because another trait of most humans working jobs they’re not too thrilled about is disorganization. Discord application is another popular platform for online communication and collaboration.

Discord allows users to create and join servers, channels, and voice chats, where they can share text, images, audio, and video. Discord also supports bots, which can provide various functions and features to enhance the user experience.

Discord is widely used by gamers, streamers, educators, and communities of various interests and topics. However, while these applications offer good, cybercriminals use them to distribute malicious links that appear to be legitimate or to embed Discord functionality into their malware to control or steal data from infected devices.

Cougarlove6tothe9 just joined your Slacker and Discord? Who the heck is this?
Photo by Andrea Piacquadio, please support by following @pexel.com

Who Can It Be Now

Are you wondering who has been using this kind of attack? Well, when it comes to attacks like this, most of the time no one individual or group has been appointed for using phishing attacks.

The reason for this is that the perpetrators of phishing attacks are often unknown and untraceable, as they use various techniques to hide their identity and location.

Phishing attacks are not attributed to any specific person or group, as they can be carried out by anyone with malicious intent and some technical skills. Therefore, there is no definitive answer to the question of who is behind phishing attacks, as they can originate from anywhere and anyone.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Sarah: Z-Daddy is saying that anyone of us could be the hacker.
Beth: Just blame it on Tom, he’s the one in front of the computer. They’re going to let him go in a week anyway.
Photo by Edmond Dantes, please support by following @pexel.com

That Sinking Feeling

So how would something like this work? For those who never had those interesting emails saying you won some type of giveaway, or your prince or princess is waiting for you, we’ll explain.

In a phishing campaign, the email or message is sent with the intent to trick the victim into interacting with the malicious link. Once the link is clicked and depending on the payload code, a number of things can happen.

This ranges from creating a backdoor to stealing information from the machine, the attacker coming, and going as pleased without the victim knowing, and/or impersonating you completely.

These attacks can target individuals, organizations, or even governments. Discord has become a handy mechanism for cybercriminals. With growing frequency, they’re being used to serve up malware to victims in the form of a link that looks trustworthy.

In other cases, hackers have integrated Discord into their malware to remotely control their code running on infected machines, and even to steal data from victims. This leads to a real “How could you!?” moment.

Nope, not falling for this again. Cougarlove6tothe9 I’m changing all my passwords, and you are blocked from contacting me.
Photo by Karolina Grabowska, please support by following @pexel.com

The Prevention

There is nothing wrong with the applications themselves however, when interacting with individuals online it is better to be on guard as phishing attacks can take many forms, such as fake emails, websites, phone calls, or text messages that appear to come from legitimate sources.

To prevent phishing attacks, users should be careful and vigilant when interacting with any online communication that asks for sensitive information. Some tips to prevent phishing attacks are, do not click on links or open attachments from unknown or suspicious senders.

Verify the identity and authenticity of the sender before responding to any request for information. Use strong and unique passwords for different accounts and change them regularly.

Enable two-factor authentication whenever possible to add an extra layer of security. Install and update antivirus software and firewall on your devices. Report any suspicious or fraudulent activity to the appropriate authorities or organizations. But for a better and more solid outcome, just do not engage the email or message.

So, this is why you guys Scriptingthewhy so much? Ok, we’ll add it to our standup meetings.
Photo by Jopwell, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on phishing? Script a comment below.

Security, Tech

Updating Google, We’re Tring…

Dude, how’d your account go to zero? We just got paid.
Photo by Visual Tag Mx, please support by following @pexel.com

Brokewell = Not Well

One thing is insanely clear if you spend enough time on the internet. Hackers, threat actors, bad actors, whatever you want to call them. They want your money, there’s no better way we can address this. And the insane thing is, just as you work hard for your money, there’s someone, somewhere, working just as hard to take it.

Why? Well, at the heart of it all, we all have bills to pay. And bills never ask where’d the money came from. We’re heading back to Google because Google is turning out to be a “download and find out” mess. A new malware is making its rounds dressed as a brand we all know and might be losing trust.

This version of Capital One is the worst.
Photo by Nicola Barts, please support by following @pexel.com

A malware by the name of Brokewell has been discovered, and unlike most malware on the market, you don’t have much thought into what it does. It leaves you “broke” and your bank saying “Oh, well.” Remember, in the IT world, the names are never clever, they’re straight to the point.

This little “leave you in debt” collector does several things when downloaded onto a machine. This is done by masking itself as an update for Google Chrome. When Brokewell infects a machine, it prompts the user to grant access to accessibility services.

Once permission is granted by the user, Brokewell then grants itself permissions on the user’s behalf, and from there can begin installing other malicious applications, steal user credentials, and whatever other task it has programmed. For the time being, Brokewell has been caught targeting applications like Google Chrome, ID Austria, and Klarna.

This isn’t your bank account, I’m just updating the firmware…for your bank.
Photo by Sora Shimazaki, please support by following @pexel.com

Some tips to keep your money and identity safe are thoroughly checking what’s being downloaded onto your machine, combing through File Explorer to check for possibly unwanted programs (PUPs), and keeping anti-virus software up to date. This solution isn’t 100%, no security is, but keeping up with best practices won’t leave you broke.

Enjoy what you read? Why not consider subscribing for more?

Don’t forget to share.

Security, Tech

Spinning on The Play Store Could Cost

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Dear Lord, what’s not safe now?
Photo by Andrea Piacquadio, please support by following @pexel.com

Hold on tight, we don’t think the coast is clear for the Google Play Store just yet. Many times, when you visit the Google Play Store it’s to pick up a new idle game to cure the boredom of your phone.

However, certain apps are being delivered with a bit of spice added called a “trojan”. And trust us when we say this is not something you want mucking up your lifestyle.

We question the thought; could one be 100% safe when downloading apps from the marketplace? We’ll be answering that question along with covering what the attack is, how it’s used, why it’s being used and some effects since its release, and what are some ways you can protect your machine.

There’s always a surprise inside.
Photo by Dids, please support by following @pexel.com

The Attack

First for those who are not familiar with what a trojan is in the computing world. A trojan is malware that is made to look like a legitimate application.

You can think of this as dating someone, letting them move in, and later finding out that not only did they eat everything in your fridge, but they also took the liberty to empty your wallet as well.

Clearly, people in relationships tend to get hoodwinked. Now, the current threat among many plaguing the Play Store and is set as being unknowingly downloaded over 400 million times in counting is called SpinOk.

A thing to note, when it comes to naming things in IT (Information Technology), the names are typically based on their functionality. Like if you think of a Trojan virus and remember the story of the Trojan horse. Trust us though, SpinOk isn’t okay.

Herb: I bet you that guy right there hacked my phone.
Samual: How you know it’s the kid with the hoodie?
Photo by Kampus Production, please support by following @pexel.com

Who Can It Be Now

No one threat actor has been named just yet for the creation of SpinOk but it has been placed within apps on Google’s Play Store as a gaming treat.

Many times, threat actors would make use of banking applications to lure and collect information but as times change, so do cybercriminals tactics.

Detour:

Below are a few apps reported to have the trojan.

  • Macaron Match (XM Studio) – 1 million downloads
  • Macaron Boom (XM Studio) – 1 million downloads
  • Jelly Connect (Bling Game) – 1 million downloads
  • Tiler Master (Zhinuo Technology) – 1 million downloads
  • Crazy Magic Ball (XM Studio) – 1 million downloads
  • Happy 2048 (Zhinuo Technology) – 1 million downloads
  • Mega Win Slots (Jia22) – 500,000 downloads

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Trish: They explained it and now I get hacked less.
Sarah: That’s so cool, maybe I should read a few scripts.
Photo by Christina Morillo, please support by following @pexel.com

Sinking Feeling

So, to give an idea of how something like this operates, we’ll use the relationship where we were hoodwinked from earlier. You meet someone online because that’s just how our society is now thanks to technology, and things are going swell. The conversations are there, having a lot of things in common are there, and everything is more than perfect.

You think “Hey, I want to live with this person because I can see a future with them.” And so, you both agree to move in together. This is an exaggeration of picking an app but just bear with us. After a while of living together, you notice your place isn’t as clean as you used to have it.

The food seems to be dwindling and money is starting to become a bit of a problem as you don’t have as much as you used to. Surprise, this was your lover’s intent all along.

They had disguised themselves as someone you could see a life with when really, they just wanted to clean house in your bank account, and not only that but they gave all your information to other people for a price.

This is a lengthy example, but this is how the SpinOk trojan works. Most gaming apps offer pop-ups redirecting you to URLs (Uniform Resource Locator) offering “daily rewards” which is normal for mobile gaming however, while this redirection is happening a number of malicious tasks are being completed.

Such as the aggregation of directory files, photos, videos, and the collection of your personal information. All this goes back to a remote server owned by the threat actor to be either used or sold to interested parties over the Internet.

No viruses, trojans, or malware are allowed here by order of the king.
Photo by Kris Schulze, please support by following @pexel.com

The Prevention

To answer the question, we had in thought from the opening, the only way to be 100% safe is by not downloading the app at all. Other than that, keep in mind you’re taking a risk with each download.

If you have an anti-virus application on your device, make sure that is up to date along with all your applications and the operating system of your device as there will be patches to fix vulnerabilities.

And make sure you scan your device often to ensure there are no present threats and if you find one, isolate it and remove it immediately. SpinOk may have your head spinning but now knowing about it is one step to keeping you and your bank account okay.

Nice, I still have money in my account. I think I have time for one script.
Photo by Andrea Piacquadio, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on SpinOk? Script a comment below.