Connect with us

TECHNOLOGY

Malware that steals credentials, credit card details abuse biggest new games 

September 15, 2022 7:19 p.m.

In the first half of 2022, Kaspersky researchers detected increased activity of cybercriminals abusing gamers. The number of users attacked by malicious software, which gathers sensitive data and spreads under the guise of some of the most popular gaming titles, has increased by 13% compared to the first half of 2021. 

In attempts to download new games from untrustworthy resources for free, players actually received malicious software, losing their gaming accounts and even money. These and other findings are part of the gaming-related threats report issued by Kaspersky. 

To assess the current landscape in gaming risks, Kaspersky experts observed the most popular PC and mobile games-related threats. Overall, between 1 July 2021 and 30 June  2022, Kaspersky security solutions detected more than 384,000 users affected by almost 92,000 malicious or unwanted unique files that mimicked 28 games or series of games.

In addition to the large number of downloaders that are able to install other unwanted programs, and adware, Kaspersky researchers even detected Trojan-Spies – a category of spyware capable of tracking any data entered on the keyboard and taking screenshots.

The research also revealed a growth in attacks made with malicious software that steals sensitive data from infected devices. It included Trojan-PSW, which gathers victims’ credentials, Trojan-Banker, that steals payment data, and Trojan-GameThief, which collects login information for gaming accounts. 

From July 1st, 2021 to June 30th, 2022 Kaspersky security solutions detected a total of 3,705 unique files distributing this malicious software under the guise of popular games or series of games. In the first half of 2022, Kaspersky researchers observed a 13 percent increase in the number of users attacked with it in comparison to the first half of 2021. The number of such unique files used to infect users also increased in the first half of 2022 by nearly a quarter, compared to the same period in 2021: 1,868 and 1,530 files, respectively.

Most often, users receive malicious files when they try to download games not from official sites, but from third-party webpages. This is especially true if a new game is quite expensive and the player wants to save money by finding a copy for free on untrustworthy sites. However, they will lose much more than if they had bought a legitimate version. For example, many malicious files steal login information for gaming accounts, banking details and even crypto wallet data by infecting devices.

Attackers purposely seek to spread threats under the guise of games that either have a huge captive audience or that have only recently been released and are constantly on gamers’ radars. Well-known games such as Roblox, FIFA or Minecraft, for example, as well as the new parts of big series of games, released during the last year – Elden Ring, Halo, and Resident Evil – were actively abused by attackers who spread RedLine malware under their guise.

RedLine is password-stealing software, which extracts sensitive data from the victim’s device such as passwords, saved bank card details, cryptocurrency wallets, and credentials for VPN services. 

From July 1, 2021 to June 30, 2022 Kaspersky solutions detected 2,362 unique users attacked with RedLine, spread under the guise of popular games, which makes it the most active threat family for the period given. Redline is usually sold for a very low price on various hacker forums, therefore, it has huge popularity among cybercriminals.

In addition to spreading malicious files, attackers continue to actively create and spread new phishing pages in the gaming sphere. For the first time Kaspersky experts discovered a new scheme of phishers attacking gamers. Mimicking the whole interface of in-game stores for CS:GO, PUBG and Warface, scammers create fraudulent pages, offering potential victims a decent arsenal of various weapons and artifacts for free. 

To receive the gift, players need to enter login data for their social network accounts, such as Facebook or Twitter. After taking over accounts, attackers are likely to search through personal messages for card details, or ask various friends of the victim for money, preying on their trust and carelessness.

https://lh6.googleusercontent.com/IzIVXFoTvAw8K7rdyTnhPlEi8Y9D60aeSk2Ox-rsiaCpfGkt4EeNgIAxHNV99GZfl7bhclATDMrmZ6wPIy5wgJoE496s2nBkqu3QgEk1Npc62ujcrWKhjPoeQXu82FEjF3f7Z88N5K56rnvbkwmVFIs

Scammers create fake in-game store mimicking the PUBG mobile interface. The scheme encourages users to log in using their social media credentials

“During the pandemic the gaming industry was greatly boosted, increasing the number of gaming fans several times over. As we can see, cybercriminals are actively abusing this trend, creating more and more new schemes and tools to attack players and steal their credit card data and even game accounts, which can contain expensive skins that can later be sold. We expect to see new types of attacks on gamers in the next year. For example, strikes on Esports, which are now gaining huge popularity around the world. That’s why it’s so important to always be protected, so you don’t lose your money, credentials, and gaming account,” comments Anton V. Ivanov, senior security researcher at Kaspersky.

Read about other gaming-related threats in 2022 in the full report on Securelist.

To stay safe while gaming, Kaspersky recommends:

  • It is safer to download your games from official stores like Steam, Apple App Store, Google Play or Amazon Appstore only. Games from these markets are not 100 % secure, but they at least are checked by store representatives and there is some kind of screening system: not every app can get into these stores.
  • If you wish to buy a game that is not available through major stores, purchase them from the official website only. Double-check the URL of the website and make sure it is authentic.
  • Beware of phishing campaigns and unfamiliar gamers. Do not open links received by email or in a game chat unless you trust the sender. Do not open files you get from strangers.
  • Do not download pirated software or any other illegal content, even if you are redirected to it from a legitimate website.
  • A strong, reliable security solution will be a great help to you, especially if it will not slow down your computer while you are playing, but at the same time, it will protect you from all possible cyberthreats. For example, Kaspersky Total Security works smoothly with Steam and other gaming services.
  • Use a robust security solution to protect yourself from malicious software and its activity on mobile devices, such as Kaspersky Internet Security for Android.

TECHNOLOGY

Ultra tough HONOR X9a 5G gets tested in an experiential launch in Philippines; priced at P16,990

January 23, 2023 3:01 p.m.

Celebrities, guests from the media, and partners have been gathered in an overnight event at Taal Vista Hotel Tagaytay to experience the toughness of the new HONOR X9a 5G.

“To see is to believe, that’s why we came up with this launch that really puts HONOR X9a 5G’s toughness to the test. Our guests have seen first-hand how durable our new phone is and we are very confident that the activities we laid out for have showcased the top-of-the-line performance of HONOR X9a 5G,” said Stephen Cheng, HONOR Philippines Vice President for Marketing.

During the afternoon festivities, guests were challenged to participate in games that highlighted HONOR X9a 5G’s top specs such as shooting its screen with a toy gun and in a paired drop test where one has to throw and the other catches. A selfie area in front of Taal also brings out the best in HONOR X9a 5G’s super triple camera capturing the crisp and accurate colors of the famous volcano. The viral phone has also withstood the outdoor badminton and smash challenges.

HONOR X9a 5G Specs

Sporting a 120Hz Premium OLED Curved Display, the HONOR X9a 5G brings users a large screen of 6.67-inch with an impressive screen-to-body ratio of 93%, guaranteeing an immersive viewing experience for all your favorite content.

An ultra-large 5100mAh battery in a compact body awaits you too. So far, the HONOR X9a 5G is the thinnest and lightest smartphone to feature a battery larger than 5000mAh, which allows it to support up to 2 days of daily use for a truly uninterrupted user experience. With just 30 minutes of charging, the HONOR X9a 5G delivers 12.5 hours of video streaming, sparing users from having to worry about their battery.

Designed for a style conscious audience, the HONOR X9a 5G is available in two stunning colors: Titanium Silver and Emerald Green. Starting from January 20 to February 3, the HONOR X9a 5G will be available to purchase via all HONOR kiosks and partner online stores –  Lazada (http://bit.ly/3XHFPIC), Shopee (http://bit.ly/3XzEfrS), Tiktok Shop (http://bit.ly/3kfHhTS), and Home Credit.

HONOR fans can finally avail the HONOR X9a 5G via Home Credit, for as low as Php 661 per month with insurance, Php 765 without insurance, and on a 0% interest installment payment.

HONOR X9a 5G is priced at P16,990 with FREE HONOR Earbuds X3 Lite worth P3,999.

For more information and announcements, you may visit HONOR’s website www.hihonor.com or social media platforms: Facebook (Facebook.com/HonorPhilippines), Instagram (Instagram.com/honorphilippines/) and TikTok: (Tiktok.com/@honorphilippines).

Continue Reading

TECHNOLOGY

Miscommunications in IT security lead to cybersecurity incidents in 62% of companies

January 12, 2023 5:58 p.m.

More than half of top-tier managers (62%) admit that a miscommunication with the IT department or IT security team has resulted in at least one cybersecurity incident in their organizations.

In terms of personal attitudes, the majority of non-IT executives cited a diminished sense of cooperation between different teams (34%) and said this situation makes them question their colleagues’ skills and abilities when communication with their IT-security employees was unclear (33%).

The recent Forrester analytics survey says that companies spend an average of 37 days and $2.4 million to detect and recover from a cybersecurity breach. To determine how much mutual understanding between executives and information security teams affects a company’s cyber resilience, Kaspersky conducted a global survey of more than 1,300 business leaders. 

According to the results of the study, 98% of non-IT respondents experienced miscommunications regarding IT security. With regards to consequences, most often a breakdown in communications leads to serious project delays (67%) and cybersecurity incidents (62%). Almost one-third of respondents (30% and 27% respectively) even said that they had even encountered these issues more than once. Among other negative effects are a wasted budget, the loss of a valued employee and deteriorating relationships between teams –situations that occurred to 61% of respondents.

In addition to worsening business indicators, unclear communication with IT-security employees also affects the emotional state of the team and makes executives question IT-security employees’ skills and abilities. Also, 28% executives admit that misunderstandings make them lose confidence in the business’ safety and 26% of them find this situation makes them nervous, which affects their work performance. 

“Clear communication between a company’s executives and IT security management is a prerequisite for corporate business security,”  comments Alexey Vovk, Head of Information Security at Kaspersky.

 ”The challenge here is to put oneself in the others’ position, to anticipate and prevent serious misunderstandings. This means that, on the one hand, CISOs should know the basic business language to better explain the existing risks and need for safety measures. On the other hand, a business should also understand that information security in the 21st century is an integral part of business and budgeting for it is an investment in protecting company assets,” adds Vovk.

To make the communication between IT security and business functions within the company more transparent, Kaspersky recommends the following: 

  • Understanding professionals from another sphere requires not only empathy but also additional knowledge. While IT security workers could get more information about basic business terms and concepts in various training courses, non-IT executives have an opportunity to walk in a CISO’s shoes to get insights on the most relevant IT security challenges. 
  • Both IT and non-IT managers should not lock themselves in a professional “information bubble”. Staying aware of the agenda in both the business and cybersecurity worlds is another key to successful communication and mutual understanding between them.
  • Cybersecurity specialists should use reliable and understandable arguments when communicating their needs to the board and justifying their cybersecurity budget. Use information about the threats and security measures most relevant to your particular industry and company size to prove the probability of risks and the protective measures needed. Resources such as IT Security Calculator and reports based on experts’ observations can significantly ease this task.
  • Today when cyber threats are becoming more and more relevant and companies are forced to increase their information security budgets, it’s extremely important to allocate cybersecurity investments to tools with proven efficacy and ROI. This means tools that lower the level of false positives and reduce the time of attack detection, the time spent per case, and other metrics are important to any IT security team.

The full report and more insights on communications issues between C-level and IT security managers are available via the link.

Continue Reading

TECHNOLOGY

WIKO to release Huawei-developed smartphones

January 2, 2023 5:46 p.m.

A few days ago, the French technology brand WIKO made its debut on Weibo, and its China official website was launched simultaneously.

According to the teasers, last December 27, WIKO release its flagship phone in China, which not only supports 5G, but also a device thats equipped with Harmony OS, with a 108-megapixel main camera, 66W super-fast charging and other familiar configurations.

The new flagship–WIKO 5G, uses a 6.78-inch 120Hz high-refresh screen, equipped with a Snapdragon 695 processor, a rear-mounted 108megapixel main camera + 8-megapixel ultra-wide-angle + 2-megapixel macro + 2-megapixel depth-of-field lens, and the front camera is 16 million pixels, built-in 4000mAh battery.

It uses a 2.0GHz Octa Core CPU processor using a Qualcomm Snapdragon 695 5G chipset, an Adreno 619 graphics processor paired with 8GB of RAM, 128GB/256GB of internal memory and runs on the HarmonyOS operating system.

Equipped with 4 rear cameras, Quad Camera with LED flash consisting of

  • Main camera, 108 megapixel resolution, Samsung HM2 sensor, aperture f / 1.9, 1 / 1.52) and PDAF system
  • The second camera, Ultra Wide lens, 8 megapixel resolution, f / 2.2 aperture
  • 3rd camera, depth lens, 2 megapixel resolution, f / 2.4 aperture
  • 3rd camera, macro lens, 2 megapixel resolution, f / 2.4 aperture

According to reports, WIKO is officially licensed to release smartphones developed by Huawei technology. WIKO is a local mobile phone brand in France. Later, the mobile phone business of this brand was jointly acquired by Tianyin Holdings and Dongguan Financial Holdings. In addition, WIKO took the second place in the French mobile phone market in 2014, second only to Samsung in terms of local market share.

Continue Reading