
Cyber News Rundown: TubeBox malware passes 2 million downloads on Android store

  • Threat Research Analyst

A group of malicious Android apps that are collectively being called TubeBox has now officially passed 2 million downloads on the Android store. The apps purport to pay users to watch videos when in fact they just attempt to steal financial and personal info. In other cybersecurity news, a Paris teaching hospital fell victim to a ransomware attack over the weekend.

French hospital suffers ransomware attack

Over the weekend, the André-Mignot teaching hospital near Paris fell victim to a ransomware attack that took several critical systems offline and forced dozens of patients to transfer to other medical facilities. Staff were able to quickly isolate the incident from causing additional damage, and officials have confirmed that no other healthcare facilities have been affected. It’s believed that a ransom has been demanded for the hospital to restore its normal functions, though there is no indication that officials are willing to pay it.

Group X card-skimming campaign hits 40 sites in 2022

In the year since first being identified by security researchers, the Group X payment card skimming campaign has already claimed 40 e-commerce sites as victims. The attackers use forgotten domains to access old JavaScript libraries that can be misused to exploit unpatched vulnerabilities. Many of the compromised e-commerce sites use third-party code to run various functions, but that code can easily be overlooked or left undocumented when security protocols are created. This leaves it as an unsecured attack vector for threat actors.

Cuba Ransomware grabs attention of international law enforcement

A new report has been released that shows an extreme spike in cyberattacks by the Cuba Ransomware group in the past few months, with the group claiming over 100 victim organizations and a cumulative ransom income of $60 million. The group uses double-extortion tactics that demand a ransom for both the decryption of the victim’s files, and to stop the group from leaking any stolen data. With these tactics, they’ve found remarkable success. Cuba Ransomware chooses victims indiscriminately, as they have targeted a wide range of industries, and tend to focus on known vulnerabilities that the victim organization has neglected to patch.

TubeBox Android malware racks up 2 million downloads

Researchers have been monitoring a new group of malicious Android apps that disguise themselves as a variety of helpful utilities or apps claiming to pay users to watch videos, which have been downloaded more than 2 million times. Most of the apps provide no use or benefit but are designed to keep users engaged while displaying a stream of advertisements or attempting to steal financial or personal information from the victim’s device.

Privacy Investigation over Mercury IT cyberattack begins

The New Zealand Privacy Commissioner has recently begun an investigation into the ransomware attack that has affected the IT service provider, Mercury IT, over the past week. Officials are still working to determine the total number of organizations that may have been impacted by this incident and the overall extent of sensitive information that was compromised. The perpetrators behind this attack are still unidentified, as are the motives behind the attack and any demands being received by Mercury IT.


2 replies

russell.harris
Popular Voice

Thanks as always for the summary @ConnorM 


TripleHelix
Moderator
  • December 9, 2022

Thanks @ConnorM

