In late August 2024, Kaspersky researchers attention was drawn to a Spotify mod called Spotify Plus, version 18.9.40.5. At the time of writing this, the mod could be downloaded from spotiplus[.]xyz and several related sites that linked to it.
The original website claimed that the mod was certified, safe, and contained numerous additional features not found in the official app. The research team decided to verify the claims about the application’s safety by downloading the latest version from this website (acb7a06803e6de85986ac49e9c9f69f1) and analyzing it.
Read more…
Source: Kaspersky
Related:
- Sri Lanka arrests over 230 Chinese in cybercrime raids
October 15, 2024
Sri Lankan police have arrested more than 230 Chinese men accused of targeting international banks in online scams, the foreign minister said on Tuesday (Oct 15), with help from security officials sent by Beijing. Vijitha Herath said police raids over the past week had also seized 250 computers and 500 mobile phones used in the alleged ...
- Cyber Attack Hits French Leading News Agency AFP
October 14, 2024
French news agency Agence France-Presse (AFP) suffered a cyber attack that disrupted its content delivery infrastructure and file transfer systems. It operates English, French, Arabic, Portuguese, and Spanish news channels and employs over 2,400 people in 150 countries. AFP said it was working to restore impacted systems and has engaged French cybersecurity agency ANSSI and law ...
- Chinese researchers break RSA encryption with a quantum computer
October 14, 2024
The research team, led by Wang Chao from Shanghai University, found that D-Wave’s quantum computers can optimize problem-solving in a way that makes it possible to attack encryption methods such as RSA. In a potentially alarming development for global cybersecurity, Chinese researchers have unveiled a method using D-Wave’s quantum annealing systems to crack classic encryption, potentially ...
- Pokémon hack exposes future games, beta designs and more
October 14, 2024
Pokémon developer Game Freak has confirmed its servers were hacked in August. The breach meant internal materials — from source codes to early and even scrapped character designs — were circulating on social media over the weekend. Leaked documents and images flooded Reddit and X after Centro Leaks began dumping it all on Saturday afternoon. It ...
- Over 77,000 customers’ personal information is exposed in Fidelity Investments data breach
October 12, 2024
Fidelity Investments reported in a filing with Maine’s attorney general that an unnamed third party accessed information from its systems using two recently established customer accounts. It did not say how the creation of two Fidelity customer accounts allowed access to the data of thousands of other customers. The breach occurred between Aug. 17 and 19 ...
- Critical Veeam Backup & Replication Vulnerability Under Active Exploitation
October 11, 2024
Security researchers have reported CVE-2024-40711 is under active exploitation by ransomware groups. These groups are reportedly exploiting CVE-2024-40711 as a second stage exploit to create new local Administrator accounts to facilitate further objectives on compromised networks. Reports warn of exploitation attempts since shortly after official disclosure by Veeam. Enterprise backup and disaster recovery applications are valuable ...