Author Topic: UK malware attacks  (Read 5126 times)

Offline Maik

  • Administrator
  • Forum Deity
  • *****
  • Posts: 35312
UK malware attacks
« on: Thursday, 15 October, 2015 @ 00:34:39 »
Quote
Angler exploit kit targets up to 156 million UK Daily Mail readers in malvertising spree
The Angler exploit kit has compromised the Daily Mail's online domain, potentially exposing up to 156 million readers a month to malicious advertising.

Malvertising is a persistent problem for online domains who rely on advertising revenue to stay afloat. In order to increase the click-through rates of ads -- increasing revenue for domain owners -- third-party networks often tailor advertising you see based on data such as search history or topics of interest.

These advertising networks are commonly used by popular websites which reach millions of users a month, making them a potentially lucrative attack vector for cybercriminals looking to compromise your systems.

Known as malvertising, attackers will pay for adverts to be displayed on web domains which link to malicious domains. If a victim clicks through, they are potentially exposing themselves to malware payloads, PC compromise and may also be enticed to submit their sensitive data if they believe themselves to be on a legitimate website.

The malware then fired known Internet Explorer and Adobe Flash Player exploits to the victim's system.

If the victim's PC was not fully patched and up-to-date, vulnerabilities in IE and Adobe Flash player allowed the exploit kit to infect the system, which then received a nasty payload of ransomware known as CryptoWall.
http://www.zdnet.com/article/angler-targets-156-million-uk-daily-mail-readers-in-malvertising-spree/


Quote
Hackers siphon off $31 million from British bank accounts
Crime agencies from across Europe partner with the FBI to investigate and shut down the spread of Dridex banking malware.

Hackers have stolen more than £20 million ($31 million) from British online bank accounts using hostile, intrusive software that harvested user log-in details.

Once a computer has been infected with Dridex, hackers can gain access and steal the owner's bank details. Money can then be slowly siphoned out of an account on a monthly basis.

On Tuesday, the National Crime Agency warned Internet users in the UK to be vigilant, particularly people using computers running Windows software.

Only British bank accounts have been affected so far, but financial institutions all around the world have been targeted by Dridex.

Cyberattacks by professional hackers usually target individuals by tricking them into clicking a link that downloads the malicious software to their devices, often without them knowing. Attackers can then use the malware to either steal from a device, or to remotely take control of it.
http://www.cnet.com/news/hackers-siphon-off-31-million-from-british-bank-accounts/


Quote
Interestingly, Dridex doesn't rely upon any vulnerabilities or sneaky shortcuts in its quest to infect your Windows PC. Instead, the malicious hackers spam out their attacks as email attachments using social engineering lures to trick potential victims into opening, say, a poisoned Word document and enabling macros to allow the malicious code to run.
https://grahamcluley.com/2015/10/security-problem/

Offline Maik

  • Administrator
  • Forum Deity
  • *****
  • Posts: 35312
Re: UK malware attacks
« Reply #1 on: Thursday, 15 October, 2015 @ 14:16:00 »
Quote
Adobe Flash is putting your computer at risk – and there’s no patch yet

Just hours after releasing its regular “Patch Tuesday” bundle of security fixes, Adobe issued another security bulletin warning about a critical vulnerability that is being actively exploited by hackers to install malware onto computers in targeted attacks.

Unfortunately for computer users, the vulnerability is present in the latest Adobe Flash Player 19.0.0.207, as well as earlier versions for Windows and Macintosh. (Sorry, Linux lovers, it’s also in the Flash 11.2.202.535 and earlier for your platform too).

One step you could take is to consider completely uninstalling Flash from your computer.

That’s a decision that more people are beginning to make, but I suspect that the majority of computer users aren’t quite ready for it.

Alternatively, consider enabling “Click to Play” in your browser.
http://www.welivesecurity.com/2015/10/15/adobe-flash-zero-day/

Offline TonyKath

  • Forum Deity
  • *****
  • Posts: 1965
Re: UK malware attacks
« Reply #2 on: Saturday, 17 October, 2015 @ 01:24:46 »
We've had emails with very dodgy-looking links and one asking why we were suing him [!] with a Word attachment which might as well have had a filename like wreckyourpc.doc.

Tony