Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams.
Malwarebytes Labs researchers seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup, also showing a phone number. In both instances, that number is fraudulent. The fake QuickBooks popup was previously described in detail by eSentire and reveals how scammers are able to hijack the software functionality by generating bogus alert messages.
Read more…
Source: malwarebytes Labs
Related:
- Report: Nation state hackers and cyber criminals are spoofing each other
October 4, 2019
Nation-state hackers and cyber criminals are increasingly impersonating each other to try and hide their tracks as part of advanced attack techniques says Optiv Security in its 2019 Cyber Threat Intelligence Estimate report. The top industries being targeted are retail, healthcare, government and financial institutions. Cryptojacking and ransomware are new exploits that join the traditional list of computer ...
- New Reductor Malware Hijacks HTTPS Traffic
October 3, 2019
Researchers have discovered a new malware strain, dubbed Reductor, that allows hackers to manipulate Hypertext Transfer Protocol Secure (HTTPS) traffic by tweaking a browser’s random numbers generator, used to ensure a private connection between the client and server. Once infected, Reductor is used to spy on a victim’s browser activity, said the Global Research and Analysis Team (GReAT) ...
- PKPLUG: Chinese Cyber Espionage Group Attacking Asia
October 3, 2019
For three years, Unit 42 has tracked a set of cyber espionage attack campaigns across Asia, which used a mix of publicly available and custom malware. Unit 42 created the moniker “PKPLUG” for the threat actor group, or groups, behind these and other documented attacks referenced later in this report. We say group or groups ...
- The Eye on the Nile
October 3, 2019
Back in March 2019, Amnesty International published a report that uncovered a targeted attack against journalists and human rights activists in Egypt. The victims even received an e-mail from Google warning them that government-backed attackers attempted to steal their passwords. According to the report, the attackers did not rely on traditional phishing methods or credential-stealing payloads, but rather ...
- Hack Breaks PDF Encryption, Opens Content to Attackers
October 2, 2019
Researchers in Germany have invented a new hack that can allow someone to break the encryption of PDF files and access their content — or even forge signed PDF files under certain circumstances. A team from Ruhr University Bochum, FH Münster University of Applied Sciences and Hackmanit GmbH developed the attack, called PDFex, that can allow an attacker to view the ...
- HQWar: the higher it flies, the harder it drops
October 2, 2019
Mobile dropper Trojans are one of today’s most rapidly growing classes of malware. In Q1 2019, droppers are in the 2nd or 3rd position in terms of share of total detected threats, while holding nearly half of all Top 20 places in 2018. Since the droppers’ main task is to deliver payload while sidestepping the ...