Call of Duty players hacked

Jul 31 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter thatโ€™s the Piers Corbyn to cybercrimeโ€™s Jeremy Corbyn ๐Ÿ‘€๐Ÿ˜‚ #CashlessSociety #NewWorldOrder #TheGreatReset

Todayโ€™s hottest cyber security stories:

  • ๐ŸŽฏ Hackers take aim at Call of Duty players with self-spreading malware ๐Ÿ‘พ

  • ๐Ÿค– Android users beware! โ€˜CherryBlosโ€™ malware utilises OCR to steal your data ๐Ÿ’พ

  • ๐ŸŽ Apple introduces new rules for devs to tackle fingerprinting & data misuse ๐Ÿ‘‡

Fall of Duty: Modern Malware


Hackers are targeting players of the classic Call of Duty: Modern Warfare 2 with a sneaky worm that's spreading like wildfire in online lobbies! ๐Ÿ˜ฑ According to two separate analyses of the malware, this worm is causing some serious havoc. ๐Ÿ˜ค๐Ÿ’ป

๏ฟฝ๏ฟฝ๏ธ On June 26, a concerned user on a Steam forum issued a warning to fellow players about these devious hackers, stating they were launching attacks through hacked lobbies. ๐Ÿ˜ 

The suggestion was to protect yourself with antivirus software, as it seemed like a very nasty malware indeed. ๐Ÿ›ก๏ธ The malware in question was spotted on VirusTotal, an online repository for detecting malicious software.

๐Ÿ” Another gamer took it upon themselves to investigate the malware further and shared their findings on the same forum thread. ๐Ÿ•ต๏ธโ€โ™‚๏ธ

According to their analysis, the malware seems to be a worm, which is a type of virus that spreads automatically between connected devices.ย ๐Ÿ“ก๐Ÿ”„ A reliable game industry insider, requesting anonymity, confirmed the presence of worm-like characteristics in the malware. ๐Ÿคซ๐Ÿ

๐Ÿ“ข In response to the growing concerns, Neil Wood, the spokesperson for Activision, referred to an official Call of Duty updates Twitter account. The company acknowledged the issue in a somewhat vague tweet, stating: "Multiplayer for Call of Duty: Modern Warfare 2 (2009) on Steam was brought offline while we investigate reports of an issue." ๐Ÿฆ๐Ÿ’ฌ

โ“ As of now, it remains unclear why these hackers are spreading this pesky malware. One thing is certain, though: this malicious software is a worm ๐Ÿ› as it automatically spreads through online lobbies from one infected player to another, like a digital contagion.

๐Ÿ˜จ It seems these hackers have managed to exploit one or more bugs in the game to execute their wicked plans on innocent players' computers. ๐Ÿ˜ˆ๐Ÿ’ป

๐Ÿ›ก๏ธ Top Tips:

  • ๐Ÿšจ Stay alert, fellow gamers! ๐Ÿšจ Make sure to protect your devices and follow updates from the game's official channels for further information and solutions. Let's stand together to keep the gaming community safe from these cyber threats! ๐Ÿ›ก๏ธ๐ŸŽฎ

I came across ZZZ money club during the crypto market bull run when everyoneโ€™s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.

The group is very active and everyone in this private discord group is very chatty and helpful.

Its run by Yourfriendandy and Decadeinvestor, you can find them here on YouTube, both top guys with great content.

If you are interested in joining the group you can through the link below.

Donโ€™t let the CherryBlossom!

๐Ÿ“ฑ๐Ÿšจ CherryBlos Android Malware Alert! ๐Ÿšจ๐Ÿ“ฑ

๐Ÿ” Cybersecurity experts at Trend Micro have discovered a new strain of Android malware called CherryBlos, and it's causing quite a stir! ๐Ÿ˜ฑ This sneaky malware uses optical character recognition (OCR) techniques to collect sensitive data from pictures stored on your device. ๐Ÿ˜จ

๐Ÿ“ฒ CherryBlos spreads through fake posts on social media platforms, and once it infiltrates your device, it can do some serious damage. It's capable of stealing credentials related to cryptocurrency wallets and even acts as a "clipper," swapping wallet addresses when you copy a string that matches a predefined format. ๐Ÿ˜ฑ๐Ÿ”‘

๐Ÿ›ก๏ธ To make matters worse, the malware tricks users by asking for accessibility permissions, granting itself additional powers as needed.ย ๐Ÿ˜ˆ It also cleverly evades being uninstalled by redirecting users trying to remove it to the home screen. ๐Ÿ 

๐Ÿ’ธ Once inside your device, CherryBlos overlays fake screens on top of legitimate crypto wallet apps, stealing your credentials and transferring funds to the attackers' address. But that's not all! It also uses OCR to identify mnemonic phrases from images stored on your device, uploading the results to a remote server periodically. ๐Ÿ“ท๐Ÿ’ป

๐Ÿ”’ Trend Micro uncovered an app named Synthnet developed by the same threat actors on the Google Play Store, though it didn't contain the malware. Thankfully, Google took it down. ๐Ÿ›ก๏ธ

๐Ÿšซ Beware, the threat actors behind CherryBlos are also linked to another set of 31 scam apps called FakeTrade, using shared network infrastructure and app certificates. ๐Ÿ”„

๐Ÿ“ This malicious campaign mainly targets Android users in Malaysia, Vietnam, Indonesia, Philippines, Uganda, and Mexico. ๐ŸŒ So, if you're in any of these regions, stay extra cautious when using cryptocurrency-related apps and avoid falling victim to CherryBlos! ๐Ÿšซ๐Ÿ’ญ

๐Ÿ›ก๏ธ Top Tips:

  • Remember to stay vigilant, keep your devices protected, and download apps only from trusted sources. Together, we can outsmart these cyber threats! ๐Ÿ›ก๏ธ๐Ÿค–๐Ÿ’ช

๐Ÿ—ž๏ธ Extra, Extra! Read all about itย ๐Ÿ—ž๏ธ

Each fortnite, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ๐Ÿ’ธย The MoneyFitt Morning: A daily heads-up on what's important in investing & business. Loved by investors of all levels.

  • ๐Ÿ“ˆย Discover new markets and ideas. Join 55,248 founders using this free newsletter to stay ahead.

  • ๐Ÿ˜ˆย The API Hacker Inner Circle: Join a community of developers, testers, and hackers who are upskilling their API hacking tradecraft.

Let us know what you think!

Devy got fingered.

๐Ÿ“ข๐Ÿ”’ Apple's API Policy Update to Safeguard User Data! ๐Ÿ”’๐Ÿ“ข

๐Ÿ Apple is taking a major step to protect user privacy! With the release of iOS 17, iPadOS 17, macOS Sonoma, tvOS 17, and watchOS 10 later this year, developers will be required to provide reasons for using specific APIs in their apps. ๐Ÿ“…

This move aims to prevent the misuse of APIs for data collection and ensure apps use them for their intended purposes only. ๐Ÿ‘ฎโ€โ™‚๏ธ๐Ÿ›ก๏ธ

๐Ÿ“œ The APIs that need reasons for use include File timestamp APIs, System boot time APIs, Disk space APIs, Active keyboard APIs, and User defaults APIs.ย ๐Ÿ“๐Ÿ’ป๐Ÿ”‘ Developers must accurately select approved reasons that align with their app's use of these APIs. The app can then use the APIs only for the declared reasons. ๐Ÿ—ฃ๏ธ๐Ÿ› ๏ธ

๐Ÿ•ต๏ธโ€โ™‚๏ธ Apple's primary goal is to prevent abuse of these APIs for fingerprinting, which could lead to identifying users across different apps and websites, especially for targeted advertising purposes. ๐ŸŽฏ This step ensures that user data remains protected and anonymous. ๐Ÿ•ถ๏ธ๐Ÿšซ

๐Ÿ“… The policy enforcement starts in Fall 2023 and extends to visionOS. Developers submitting new apps or updates must declare API usage reasons in their app's privacy manifest. ๐Ÿ“ Starting Spring 2024, apps without the proper descriptions will be rejected. ๐Ÿšซ๐Ÿ“ฒ

๐Ÿ›ก๏ธ Top Tips:

  • Don't miss this crucial update to safeguard your privacy! ๐Ÿ›ก๏ธ๐Ÿ‘ฅ Thatโ€™s all for today, cyber-squad. Stay safe yโ€™all!ย 

So long and thanks for reading all the phish!

Recent articles