Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams.
Malwarebytes Labs researchers seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup, also showing a phone number. In both instances, that number is fraudulent. The fake QuickBooks popup was previously described in detail by eSentire and reveals how scammers are able to hijack the software functionality by generating bogus alert messages.
Read more…
Source: malwarebytes Labs
Related:
- Avast disables JavaScript engine in its antivirus following major bug
March 11, 2020
Czech antivirus maker Avast has taken the extreme step of disabling a major component of its antivirus product after a security researcher found a dangerous vulnerability that put all of the company’s users at risk. The security flaw was found in Avast’s JavaScript engine, an internal component of the Avast antivirus that analyzes JavaScript code for ...
- New TrickBot Variant Updates Anti-Analysis Tricks
March 11, 2020
Researchers uncovered a new variant of the TrickBot malware that relies on new anti-analysis techniques, an updated method for downloading its payload as well as adopting minor changes to the integration of its components. TrickBot is a module-based malware that, while first identified as a banking trojan, has gradually extended its functions to include collecting credentials from a victim’s emails, ...
- Critical Bugs in Rockwell, Johnson Controls ICS Gear
March 10, 2020
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems (ICS) gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in Rockwell Automation gear affect MicroLogix 1400 Controllers, MicroLogix 1100 Controllers and RSLogix 500 Software. The ...
- Nasty phishing scams aim to exploit coronavirus fears
March 6, 2020
Cyber criminals are aiming to take advantage of fears over coronavirus as a means of conducting phishing attacks and spreading malware, along with stealing login credentials and credit card details. Cybersecurity companies have identified a number of campaigns by hackers who are attempting to exploit concerns about the COVID-19 outbreak for their own criminal ends. Crooks often use ...
- Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns
March 6, 2020
Researchers are warning that “human operated” ransomware campaigns are growing more sophisticated, adopting new infection tactics and lateral movement techniques that traditional defense teams aren’t equipped to handle. Researchers said that “auto-spreading” ransomware – like WannaCry and NotPetya – are making headlines due to the crippling downtimes that these attacks cause. However, “human operated” ransomware – like REvil, Bitpaymer, and Ryuk – ...
- Zoho zero-day published on Twitter
March 6, 2020
A security researcher published yesterday details on Twitter about a zero-day vulnerability in a Zoho enterprise product. Cyber-security experts who have reviewed the vulnerability have told ZDNet that the zero-day could spell trouble for companies around the world, as it could be an entry point for ransomware gangs to infect corporate networks and ransom their data. The vulnerability impacts ...