Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams.
Malwarebytes Labs researchers seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup, also showing a phone number. In both instances, that number is fraudulent. The fake QuickBooks popup was previously described in detail by eSentire and reveals how scammers are able to hijack the software functionality by generating bogus alert messages.
Read more…
Source: malwarebytes Labs
Related:
- Compal, the second-largest laptop manufacturer in the world, hit by ransomware
November 9, 2020
Compal, a Taiwanese electronics company that builds laptops for some of the world’s largest computer brands such as Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu, suffered a ransomware attack over the weekend. Responsible for the breach is believed to be the DoppelPaymer ransomware gang, according to a screenshot of the ransom note shared by Compal ...
- xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunnelling for C2
November 9, 2020
The xHunt campaign has been active since at least July 2018 and we have seen this group target Kuwait government and shipping and transportation organizations. Recently, we observed evidence that the threat actors compromised a Microsoft Exchange Server at an organization in Kuwait. We do not have visibility into how the actors gained access to ...
- Ransomware hits e-commerce platform X-Cart
November 9, 2020
E-commerce software vendor X-Cart suffered a ransomware attack at the end of October that brought down customer stores hosted on the company’s hosting platform. The incident is believed to have taken place after attackers exploited a vulnerability in a third-party software to gain access to X-Cart’s store hosting systems. “We have identified what we believed to have ...
- Gitpaste-12 malware wants to add your Linux servers and IoT devices to its botnet
November 9, 2020
A new form of malware is targeting Linux servers and Internet of Things (IoT) devices and adding them to a botnet in what appears to be the first stage of a hacking campaign targeting cloud computing infrastructure – although the purpose of the attacks remains unclear. Uncovered by cybersecurity researchers at Juniper Threat Labs, the malicious ...
- New Slipstream NAT bypass attacks to be blocked by browsers
November 9, 2020
Web browser vendors are planning to block a new attack technique that would allow attackers to bypass a victim’s NAT, firewall, or router to gain access to any TCP/UDP service hosted on their devices. The attack method, dubbed NAT Slipstreaming, was discovered by security researcher Samy Kamkar and it requires the victims to visit the threat ...
- FBI: Hackers stole source code from US government agencies and private companies
November 7, 2020
The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses. Intrusions have taken place since at least April 2020, the FBI said in an alert sent out last month and made public ...