Jul 31 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter that’s the Piers Corbyn to cybercrime’s Jeremy Corbyn 👀😂 #CashlessSociety #NewWorldOrder #TheGreatReset
Today’s hottest cyber security stories:
🎯 Hackers take aim at Call of Duty players with self-spreading malware 👾
🤖 Android users beware! ‘CherryBlos’ malware utilises OCR to steal your data 💾
🍎 Apple introduces new rules for devs to tackle fingerprinting & data misuse 👇
🎮🚨 CALL OF DUTY GAMERS BEWARE! 🚨🎮
Hackers are targeting players of the classic Call of Duty: Modern Warfare 2 with a sneaky worm that's spreading like wildfire in online lobbies! 😱 According to two separate analyses of the malware, this worm is causing some serious havoc. 😤💻
��️ On June 26, a concerned user on a Steam forum issued a warning to fellow players about these devious hackers, stating they were launching attacks through hacked lobbies. 😠
The suggestion was to protect yourself with antivirus software, as it seemed like a very nasty malware indeed. 🛡️ The malware in question was spotted on VirusTotal, an online repository for detecting malicious software.
🔍 Another gamer took it upon themselves to investigate the malware further and shared their findings on the same forum thread. 🕵️♂️
According to their analysis, the malware seems to be a worm, which is a type of virus that spreads automatically between connected devices. 📡🔄 A reliable game industry insider, requesting anonymity, confirmed the presence of worm-like characteristics in the malware. 🤫🐍
📢 In response to the growing concerns, Neil Wood, the spokesperson for Activision, referred to an official Call of Duty updates Twitter account. The company acknowledged the issue in a somewhat vague tweet, stating: "Multiplayer for Call of Duty: Modern Warfare 2 (2009) on Steam was brought offline while we investigate reports of an issue." 🐦💬
❓ As of now, it remains unclear why these hackers are spreading this pesky malware. One thing is certain, though: this malicious software is a worm 🐛 as it automatically spreads through online lobbies from one infected player to another, like a digital contagion.
😨 It seems these hackers have managed to exploit one or more bugs in the game to execute their wicked plans on innocent players' computers. 😈💻
I came across ZZZ money club during the crypto market bull run when everyone’s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.
The group is very active and everyone in this private discord group is very chatty and helpful.
If you are interested in joining the group you can through the link below.
📱🚨 CherryBlos Android Malware Alert! 🚨📱
🔍 Cybersecurity experts at Trend Micro have discovered a new strain of Android malware called CherryBlos, and it's causing quite a stir! 😱 This sneaky malware uses optical character recognition (OCR) techniques to collect sensitive data from pictures stored on your device. 😨
📲 CherryBlos spreads through fake posts on social media platforms, and once it infiltrates your device, it can do some serious damage. It's capable of stealing credentials related to cryptocurrency wallets and even acts as a "clipper," swapping wallet addresses when you copy a string that matches a predefined format. 😱🔑
🛡️ To make matters worse, the malware tricks users by asking for accessibility permissions, granting itself additional powers as needed. 😈 It also cleverly evades being uninstalled by redirecting users trying to remove it to the home screen. 🏠
💸 Once inside your device, CherryBlos overlays fake screens on top of legitimate crypto wallet apps, stealing your credentials and transferring funds to the attackers' address. But that's not all! It also uses OCR to identify mnemonic phrases from images stored on your device, uploading the results to a remote server periodically. 📷💻
🔒 Trend Micro uncovered an app named Synthnet developed by the same threat actors on the Google Play Store, though it didn't contain the malware. Thankfully, Google took it down. 🛡️
🚫 Beware, the threat actors behind CherryBlos are also linked to another set of 31 scam apps called FakeTrade, using shared network infrastructure and app certificates. 🔄
📍 This malicious campaign mainly targets Android users in Malaysia, Vietnam, Indonesia, Philippines, Uganda, and Mexico. 🌍 So, if you're in any of these regions, stay extra cautious when using cryptocurrency-related apps and avoid falling victim to CherryBlos! 🚫💭
🗞️ Extra, Extra! Read all about it 🗞️
Each fortnite, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
💸 The MoneyFitt Morning: A daily heads-up on what's important in investing & business. Loved by investors of all levels.
📈 Trends.vc: Discover new markets and ideas. Join 55,248 founders using this free newsletter to stay ahead.
😈 The API Hacker Inner Circle: Join a community of developers, testers, and hackers who are upskilling their API hacking tradecraft.
Let us know what you think!
📢🔒 Apple's API Policy Update to Safeguard User Data! 🔒📢
🍏 Apple is taking a major step to protect user privacy! With the release of iOS 17, iPadOS 17, macOS Sonoma, tvOS 17, and watchOS 10 later this year, developers will be required to provide reasons for using specific APIs in their apps. 📅
This move aims to prevent the misuse of APIs for data collection and ensure apps use them for their intended purposes only. 👮♂️🛡️
📜 The APIs that need reasons for use include File timestamp APIs, System boot time APIs, Disk space APIs, Active keyboard APIs, and User defaults APIs. 📁💻🔑 Developers must accurately select approved reasons that align with their app's use of these APIs. The app can then use the APIs only for the declared reasons. 🗣️🛠️
🕵️♂️ Apple's primary goal is to prevent abuse of these APIs for fingerprinting, which could lead to identifying users across different apps and websites, especially for targeted advertising purposes. 🎯 This step ensures that user data remains protected and anonymous. 🕶️🚫
📅 The policy enforcement starts in Fall 2023 and extends to visionOS. Developers submitting new apps or updates must declare API usage reasons in their app's privacy manifest. 📝 Starting Spring 2024, apps without the proper descriptions will be rejected. 🚫📲
So long and thanks for reading all the phish!