In the latest tactic targeting Android users, the FakeCalls malware disguises itself as a banking app that impersonates banks when users inevitably call tech support because the app doesn’t work. In other cybersecurity news, Aethon patched hospital robot vulnerabilities that allowed attackers to take control.
Italian fashion firm suffers ransomware-based outages
Following extensive network outages at the end of 2021, Italian fashion company Ermenegildo Zegna revealed the outages were caused by a ransomware attack. They claim the attack resulted in sensitive files being leaked, as Zegna refused to pay the demanded ransom and choose to instead restore their network from backups. Upwards of 20GB of data was uploaded to the leak site of RansomEXX and has been confirmed as authentic by Zegna officials.
Aethon patches critical robot flaws
Hospital robot vendor Aethon has begun distributing a series of patches for 5 vulnerabilities that could allow attackers to illicitly take control of the robots. The flaws were first identified during a routine audit performed by a client healthcare provider and were found to only be harmful if the robots and their command center were connected to the internet, which the auditing client’s robots had not.
California healthcare provider reveals data breach
SuperCare Health has begun contacting patients affected by a July 2021 data breach that exposed a significant amount of sensitive medical data. Amongst the illicitly accessed data was social security numbers and extensive medical records that could allow the attackers to cause significant financial and identity problems for nearly 300,000 patients whose data was being stored by SuperCare Health.
Android banking users being redirected during support calls
A new variant of Android banking malware dubbed ‘FakeCalls’ has users download a disguised banking app. When users inevitably calls tech support for assistance with the unresponsive app, they are redirected to either a pre-recorded message for their specific bank or to one of the malware’s authors. While this malware has only been spotted on Korean devices, it has potential to be used by a larger audience and can dial to victim’s devices impersonating their specific financial institutions to gain additional account details and credentials.
German wind turbine manufacturer shuts down after cyber-attack
German wind turbine manufacturer Nordex Group fell victim to a cyberattack that caused the company to shut down their production and internal systems to prevent further damage. Fortunately, Nordex worked quickly to disable all remote access to their contracted turbines. They were able to stop the intruders from making detrimental changes to turbine protocols or causing the turbines to function beyond their manufacturing thresholds.
