Cyberthreats are increasing every year. Here are some that will get your attention.
Android Malware Steals Financial Data from 378 Financial Apps
The operators behind the BlackRock mobile malware have resurfaced with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research.
“The new trojan already has active distribution campaigns and is targeting 378 banking and wallet apps with overlays,” ThreatFabric’s CEO Cengiz Han Sahin said in an emailed statement. First campaigns involving ERMAC are believed to have begun in late August under the guise of the Google Chrome app.
Since then, the attacks have expanded to include a range of apps such as banking, media players, delivery services, government applications, and antivirus solutions like McAfee.
New zero-day is being exploited to compromise Macs
Another zero-day in Apple’s software (CVE-2021-30869) is being actively exploited by attackers, forcing the company to push out security updates for macOS Catalina and iOS 12.
Flagged by researchers Erye Hernandez and Clément Lecigne of Google’s Threat Analysis Group and Ian Beer of Google Project Zero, the vulnerability is a type confusion issue found in XNU, the kernel of Apple’s macOS and iOS operating systems.
As usual, Apple did not share any details about the flaw and said only that it allows a malicious application to execute arbitrary code with kernel privileges.
Another Google TAG threat analyst shared that CVE-2021-30869 is being exploited in conjunction with previously known WebKit vulnerabilities, and said that more details will be released after 30 days.
2021 has broken the record for zero-day hacking attacks
A zero-day exploit—a way to launch a cyberattack via a previously unknown vulnerability—is just about the most valuable thing a hacker can possess. These exploits can carry price tags north of $1 million on the open market.
And this year, cybersecurity defenders have caught the highest number ever, according to multiple databases, researchers, and cybersecurity companies who spoke to MIT Technology Review. At least 66 zero-days have been found in use this year, according to databases such as the 0-day tracking project—almost double the total for 2020, and more than in any other year on record.
But while the record-setting number grabs attention, it can be hard to know what it tells us. Does it mean there are more zero-days being used than ever? Or are defenders better at catching the hackers they would have previously missed?
“An increase is for sure what we’re seeing,” says Eric Doerr, vice president of cloud security at Microsoft. “The interesting question is what does it mean? Is the sky falling? I’m in the camp of ‘Well, it’s nuanced.’”