Cloud Security News: Week in Review is our blog series, grabbing the more interesting cloud security scoops from the web. Sit back, relax, and catch up on all you should know about this week.
Malware, ransomware, and… some more ransomware. According to Forbes, a new malware targeting Android phones has achieved what is said to be the biggest theft of Google accounts to date. If you’re an Android user, you might want to read more below. In other malware news, the San Francisco train system was hit by a ransomware attack last Saturday, leading to the city’s transportation agency showing some unexpected generosity to its riders. Last but not least, a new ransomware is incorporating tech support scams into its plan of attack. Tech support calls can be a tad frustrating at times, but this puts a whole different spin on things. Read below for more in-depth details.
By Thomas Fox-Brewster (@iblametom)
Beware Android users, there’s a new type of malware in town that’s doing some serious damage. Introducing: “Gooligan” – cleverly named, and unfortunately, very successful. According to Forbes, an estimated 1.3 million Android phones have been infected by Gooligan since August. Wondering how it works? Android users are exposed to an advertising fraud scheme that forces them to download third-party apps and then give fake reviews on Google Play once the malware takes full control of their phone. Meanwhile, the hackers are making an estimated hundreds of thousands of dollars every month for each app download and ad click.
By Elizabeth Weise (@eweise)
Live in the City by the Bay? If you do, you might have enjoyed some free train rides this past Saturday, due to a ransomware attack on the San Francisco Municipal Transportation Agency (SFMTA, aka “Muni”). The cybercriminals behind the attack took control over the light rail ticket machines, demanding approximately $73,000 worth of Bitcoins in exchange for ceasing disruption. Luckily, the attack did not stop the physical running of the train system, so instead of shutting it down, Muni decided to give its users a special post-Thanksgiving gift of some free rides.
By Charlie Osborne (@SecurityCharlie)
Yet another variety of ransomware has been discovered. This time, involving technician support scammers. Unlike typical ransomware demanding payment be made in Bitcoin, this ‘Vindows Locker’ ransomware demands the victim to pay up by calling a Microsoft technician. Unbeknownst to the caller, the tech support specialist that picks up is a fraud, and though they may promise to decrypt the encoded files, they have no intention of doing so.