Mobile Malware Alert: Anatsa Targets Travel Firms for Financial Fraud
Overview A sophisticated strain of mobile banking malware known as Anatsa has resurfaced, now targeting travel firms and their customers for financial fraud. Anatsa differs…
Hackers Spreading GHOSTPULSE malware using Microsoft MSIX App
Overview
Hackers are using fake Windows app packages to spread a new type of malware called GHOSTPULSE. The fake packages are for popular software like Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex.
The hackers are cleverly tricking people into downloading the fake Windows app packages through several methods, such as compromised websites, fake search results, and malicious ads. When someone clicks on the fake package, a Windows prompt asks them to click the “Install” button. If they do, a hidden script will download the GHOSTPULSE malware onto their computer from a remote server via a PowerShell script.
What does GHOSTPULSE do…
GHOSTPULSE is a type of malware that helps facilitate other malware to start running on a system. It does this by using process doppelgänging, which creates a fake copy of a legitimate Windows process and loads the malware into that process.
How to keep safe
- Only download software from trusted sources. This includes the official websites of software developers and app stores.
- Be careful about clicking on links in emails and messages. If you don’t know the sender, or if the link looks suspicious, don’t click on it.
- Keep your software up to date. Software updates often include security patches that can help protect you from malware.
- Use a good antivirus program and keep it up to date. An antivirus program can scan your computer for malware and remove it if it’s found.
- Be careful about what attachments you open. If you’re not expecting an attachment, or if it is from someone you don’t know, don’t open it.
- Be careful about what websites you visit. Some websites may contain malware that can be downloaded to your computer without your knowledge.
- Use a VPN when connecting to public Wi-Fi. A VPN encrypts your traffic, making it more difficult for hackers to intercept your data.
Related Links
Related articles
Alert: PayPal ‘New Address’ Phishing Scam
The Cyber and Fraud Centre Scotland would like to alert the public to a recent phishing scam exploiting PayPal’s “New Address” feature. How the Scam…
Gift Card Scams: Understanding and Preventing a Rising Trend
Gift card scams are a significant threat, with fraudsters increasingly targeting both businesses and individuals through sophisticated social engineering techniques. This article examines gift card…