ICT Security-Sécurité PC et Internet
87.1K views | +0 today
Follow
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Google Chrome: Beware these malicious extensions that record everything you do | #Droidclub #SessionReplay #CyberThreats

Google Chrome: Beware these malicious extensions that record everything you do | #Droidclub #SessionReplay #CyberThreats | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - February 19, 2018 9:40 AM

Google has removed 89 malicious extensions from the Chrome Web Store that have been installed on over 420,000 browsers, turning them into Monero-mining slaves and loading a tool to record and replay what their owners do on every website they visit.

Researchers at Trend Micro dubbed the family of malicious extensions Droidclub and discovered they included a software library with so-called "session-replay scripts" used by online analytics firms.

Princeton's Center for Information Technology in November drew attention to the increasing use of session-replay scripts by third-party analytics firms on high-traffic websites.

The study looked at replay services from Yandex, FullStory, Hotjar, UserReplay, Smartlook, Clicktale, and SessionCam, which were found on nearly 500 popular sites.

The scripts allow a site owner to essentially shoulder-surf their visitors by recording and replaying your "keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit".

But instead of allowing a site owner to record and play back what users do on one site, Droidclub extensions allow the attacker to see what victims do on every single site they visit.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Cyberespionage

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Privacy

 

https://gustmees.wordpress.com/2013/12/21/privacy-in-the-digital-world-shouldnt-we-talk-about-it/

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Session-Replay+Scripts

 

Gust MEES's insight:

Google has removed 89 malicious extensions from the Chrome Web Store that have been installed on over 420,000 browsers, turning them into Monero-mining slaves and loading a tool to record and replay what their owners do on every website they visit.

Researchers at Trend Micro dubbed the family of malicious extensions Droidclub and discovered they included a software library with so-called "session-replay scripts" used by online analytics firms.

Princeton's Center for Information Technology in November drew attention to the increasing use of session-replay scripts by third-party analytics firms on high-traffic websites.

The study looked at replay services from Yandex, FullStory, Hotjar, UserReplay, Smartlook, Clicktale, and SessionCam, which were found on nearly 500 popular sites.

The scripts allow a site owner to essentially shoulder-surf their visitors by recording and replaying your "keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit".

But instead of allowing a site owner to record and play back what users do on one site, Droidclub extensions allow the attacker to see what victims do on every single site they visit.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Cyberespionage

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Privacy

 

https://gustmees.wordpress.com/2013/12/21/privacy-in-the-digital-world-shouldnt-we-talk-about-it/

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Session-Replay+Scripts

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Smominru! Half a million PCs hit by cryptomining botnet | #CyberSecurity #CryptoJacking #Malware #Updates #Awareness

Smominru! Half a million PCs hit by cryptomining botnet | #CyberSecurity #CryptoJacking #Malware #Updates #Awareness | ICT Security-Sécurité PC et Internet | Scoop.it
From www.tripwire.com - February 1, 2018 11:22 AM
Why go to all the bother of writing ransomware that demands victims pay a Bitcoin ransom? If all you want is cryptocurrency, why not use the infected computers to mine the crypto coins themselves?

That way you don’t have to rely on a human victim buying some Bitcoin, and nervously making their way onto the dark web to make their ransom payment.

According to security researchers at Proofpoint, that’s exactly the reasoning shown by online criminals who are moving from regular ransomware to cryptomining.

A Monero-mining botnet called Smominru is said to have infected 526,000 Windows PCs since May 2017 – mostly in Russia, India, and Taiwan – and is earning millions of dollars for its operators.

 

In fact, the biggest clue that most users will have that their computers may be affected by a cryptominer is if they found the PC is slowing down, its battery running out at a quicker rate, or the fan blowing at full blast.

 

Don’t make the mistake of thinking that this is a victimless crime. If your computers get recruited into a cryptomining botnet like Smominru, it’s your electricity and computer power that is being stolen.

 

Keep your computers up-to-date with security patches, defended with layered security solutions, and your wits about you.

 

Learn more / En savoir plus / mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Coinhive

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=cryptojacking

 

Gust MEES's insight:
Why go to all the bother of writing ransomware that demands victims pay a Bitcoin ransom? If all you want is cryptocurrency, why not use the infected computers to mine the crypto coins themselves?

That way you don’t have to rely on a human victim buying some Bitcoin, and nervously making their way onto the dark web to make their ransom payment.

According to security researchers at Proofpoint, that’s exactly the reasoning shown by online criminals who are moving from regular ransomware to cryptomining.

A Monero-mining botnet called Smominru is said to have infected 526,000 Windows PCs since May 2017 – mostly in Russia, India, and Taiwan – and is earning millions of dollars for its operators.

 

In fact, the biggest clue that most users will have that their computers may be affected by a cryptominer is if they found the PC is slowing down, its battery running out at a quicker rate, or the fan blowing at full blast.

 

Don’t make the mistake of thinking that this is a victimless crime. If your computers get recruited into a cryptomining botnet like Smominru, it’s your electricity and computer power that is being stolen.

 

Keep your computers up-to-date with security patches, defended with layered security solutions, and your wits about you.

 

Learn more / En savoir plus / mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Coinhive

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=cryptojacking

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Krypto-Mining-Malware bremst Windows-Server | #CyberSecurity #CryptoCurrency #CryptoMining #Monero #Awareness

Krypto-Mining-Malware bremst Windows-Server | #CyberSecurity #CryptoCurrency #CryptoMining #Monero #Awareness | ICT Security-Sécurité PC et Internet | Scoop.it
From www.heise.de - February 4, 2018 10:48 AM
Sicherheitsexperten von Proofpoint untersuchten das Mining-Botnet Smominru, das auf mehr als 500.000 Windows-Maschinen die Kryptowährung Minero schürft.

Nach Erkenntnissen von Sicherheitsexperten der Firma Proofpoint missbrauchen Kriminelle die Rechenleistung von mehr als einer halben Million Windows-Systemen, um die Kryptowährung Minero zu "schürfen". Laut Proofpoint handelt es sich bei den befallenen Maschinen vor allem um Windows-Server, von denen viele in Russland, Indien, Taiwan und der Ukraine laufen. Im Beobachtungszeitraum von Mai 2017 bis Januar 2018 hätten die Angreifer Mineros im Wert von rund 3,6 Millionen US-Dollar ergattert.

Server unbrauchbar
Auf den Stromkosten bleiben die Geschädigten sitzen, außerdem vermuten die Sicherheitsforscher, dass viele der befallenen Server wegen der zusätzlichen Rechenlast nur noch eingeschränkt funktionieren.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=cryptojacking

 

 

Gust MEES's insight:
Sicherheitsexperten von Proofpoint untersuchten das Mining-Botnet Smominru, das auf mehr als 500.000 Windows-Maschinen die Kryptowährung Minero schürft.

Nach Erkenntnissen von Sicherheitsexperten der Firma Proofpoint missbrauchen Kriminelle die Rechenleistung von mehr als einer halben Million Windows-Systemen, um die Kryptowährung Minero zu "schürfen". Laut Proofpoint handelt es sich bei den befallenen Maschinen vor allem um Windows-Server, von denen viele in Russland, Indien, Taiwan und der Ukraine laufen. Im Beobachtungszeitraum von Mai 2017 bis Januar 2018 hätten die Angreifer Mineros im Wert von rund 3,6 Millionen US-Dollar ergattert.

Server unbrauchbar
Auf den Stromkosten bleiben die Geschädigten sitzen, außerdem vermuten die Sicherheitsforscher, dass viele der befallenen Server wegen der zusätzlichen Rechenlast nur noch eingeschränkt funktionieren.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=cryptojacking

 

more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn