Skip to main content
Welcome to the Weekly Webroot Digest!#HappyFriday

 

This is a weekly series to highlight the best articles and news stories going on in the Community. 

What was your favorite story? What topics would you like to see? Sound off in the comments! :)

 

 

Android DoubleLocker Ransomware Activates Every Time You Hit Home Button

A new ransomware targeting Android devices has been spotted in the wild. Codenamed DoubleLocker, the ransomware abuses Android's Accessibility service and reactivates itself every time the user presses the phone's Home button.

 

An infection chain usually happens when a user is tricked to install a malicious Flash Player app on his device. The app asks for access to the Accessibility service. If the user grants the app this access, the Accessibility service allows the malicious app to mimic user taps. The app abuses this feature to access the Android settings and grant itself admin rights. Below is a video showing this process, along with the DoubleLocker ransom note.

 

Get the full details and see the video for yourself!

 



Here's a Video of the Latest ATM Malware Sold on the Dark Web

A hacker or hacker group is selling a strain of ATM malware that can make ATMs spit out cash just by connecting to its USB port and running the malware.



 

The crew has launched a new website named ATMjackpot and sells the same ATM malware strain, albeit with some modifications.

 

The ATMjackpot crew posted four videos that show how someone can gain access to an ATM's USB port, connect the needed hardware, run the malware, and make the ATM spit out cash.

 

See the video for yourself!

 



Google Busy Removing More Malicious Chrome Extensions from Web Store

Google scrambled last week to remove a malicious Chrome extension from its store and users’ machines after a popular Twitter account disclosed the issue publicly. The incident ramped up again one day later when the developers were able to get two other shady plugins past Google’s defenses before those were removed.



 

The plugin had been available since at least Sept. 22 and made good use of dozens of keywords to entice users to the landing page on the Chrome Web Store.

 

Check out Threatpost for all the details!

 



A new Facebook scam allows your friend contacts to hack your account

Don’t trust messages apparently sent from any of your Facebook Friends asking for urgent help to recover their Facebook account! Researchers have spotted a new Facebook scam designed to deceive people and trick them into giving the attacker access to their Facebook accounts.



 

Below is the step-by-step procedure:


  1. You get a message from an attacker (who is using the compromised account of a Friend)

  2. The attacker asks for your help in recovering their account
  3. Then the attacker triggers the "I forgot my password" feature for your Facebook account
  4. You send the code you've just received to your "friend"
  5. The attacker can now steal your account from you
 

Read the full report and be cautious of suspicious activity!

 



Teen image sharing site reveals security breach affecting over 8 million accounts

We Heart It -- the image sharing service used by at least 40 million teenagers -- suffered a "possible security breach" several years ago. The breach affects more than 8 million accounts that were created between 2008 and November 2013.



 

In an announcement on its website, We Heart It says:

We are in the process of updating all user passwords with this additional encryption as expeditiously as possible. We are also contacting by email all users affected by the breach to inform them of the situation. We strongly recommend that you change your We Heart It password if it has not been updated since 2013. Additionally, if that password was used in any other services, we strongly recommend that you also immediately update your password in those services as well.

Make sure your teenagers change their passwords!

 

 

What was your favorite story of the week?

What stories or topics would you like to see covered next week?

 

Sound off in the comments and let us know! 

Be the first to reply!

Reply