Hackers' new malware scheme uses fake data breach notes, which was caught by Google Alerts. According to Bleeping Computer's latest report, hackers distribute scams and malware by starting to push fake data breach notifications for big company names.
Cyber attackers directed victims to be dangerous and malicious locations by combining Google Sites, spam pages, and black SEO. The fake notifications were spread, with the help of Google Alerts, disguised as the service monitors search results for user-defined keywords. Hackers used well-known brands to create used comprised of websites or pages.
The security researchers of BleepingComputer were able to identify fake breach notifications for companies like EA, Chegg, Dropbox, Canva, Hulu, Shein, PayPal, Ceridian, Target, Mojang, Hautelook, Houz, and InterContinental Hotels Group. It was reported that these companies have already suffered a data breach at one point in the past.
The victims ended up landing on pages or websites with fake download offers for unwanted extensions and malware, or fake giveaways, after they followed any of the malicious links picked up by Google Alerts. Users will see a text specifically created to promote a fake data breach or a "page not found" message.
Malware deployed by fake breach notifs: Google Alerts identified fake compromised websites created by scammers
Users will face a very different experience compared to going directly on the original page if they use a search engine or Google Alerts link to arrive at one of the fake data breach sites. When the victims clicked on the Google link, they are redirected through multiple addresses until they reach the final site; what is known or its content depends on the location of the users.
The security researchers discovered that the scammers forced unwanted search-related extensions, most of the time. Users were also victimized by fake Adobe Flash update notifications, which are very common, that trick users to install the latest version of the player if they want to access the promised content before the redirect. Mozilla Firefox and Google Chrome web browsers are both vulnerable to the fake alert pop-ups. The report confirmed that in the default configuration, the current versions will no longer support the Flash Player and will be deprecated in December.
On the other hand, a report stated that Asia Pacific's developing markets are affected by malware and ransomware encounters. According to Microsoft's latest report, the findings from the latest edition of its Security Endpoint Threat Report 2019 include 8 trillion threat signals, which were analyzed by Microsoft each day, in 12 months coverage starting from January to December 2019.
The study showed a significant difference between developed and developing countries in terms of exposure to cyber threats and other malicious attacks: developing countries remained vulnerable to threats, in encounter rates across the regions, despite the overall decrease.
"As security defenses evolve and attackers rely on new techniques, Microsoft's unique access to billions of threat signals every day enables us to gather data and insights to inform our response to cyberattacks," said the Assistant General Counsel, Microsoft Digital Crimes Unit, Microsoft Asia, Mary Jo Schrade.
