Sphinx Banking Trojan is part of the Olympic Games in Rio 2016

Sphinx Banking Trojan is part of the Olympic Games in Rio 2016 and definitely it’s taking Gold!

The banking Trojan is targeting banks and payment methods in Brazil. Everyone could expect that a cyber attack will happen during this particular time since thousands of people are visiting and everyone is purely focused on the games and fun.

Cyber attackers have fun also but in their way.

Did you hear about the infamous Zeus? Well, this Trojan is part of that malware family and it contains the Zeus code in itself. The advanced feature of this malware that it learned the mistakes from Zeus baking Trojan and improved by becoming immune to detection so not even Zeus tracking tool can detect it.

Sphinx banking Trojan first appeared last year in August as well, offered most probably by a Russian vendor for $500 per binary (less malware builder) meaning to say that the buyers cannot generate new malware files rather they have to contact the vendor again.

How does Sphinx banking Trojan works?

Just like other banking Trojans, it spreads by creating fake websites that have web injects. So, you think it’s your bank but actually  it’s not, so it extracts all the data you enter. It has been even further advanced with social engineering tactics and card reader that is able trick the user to enter their data so the cyber criminals can collect it.

By using this method, the infamous banking Trojan attacked three banks in Brazil as well as Boleto payment methods.

Cyber criminals attack where money is so the popularity of banking Trojans was expected.

Therefore corporations and home users should always be aware of this problem and implement multiple layered security protection. By expecting this kind of globally famous event, as the Olympics, organizations should know that cyber criminal can misuse it easily.

How to stay safe from banking Trojans?

Simple. No need to display step by step guides how to stay safe. Rarely something works. That is the reason why security vendors exist. They invest their time in constant research and behavioral analysis of these kind of malicious activities. So hurry and download an anti-keylogger that has real-time protection and that is specialized in blocking baking Trojans, financial malware, ransomware and similar advanced threats.

Install it and keep it running all the time! If you do this than no worries you are safe!

Useful note: Did you know that Zemana AntiLogger got the perfect score in detecting and blocking banking Trojans, financial malware and advanced keyloggers? See full report here.

Zemana got a perfect score on MRG Effitas Online Banking Certification

MRG Effitas, a UK-based independent IT security research company publishes an Online Banking Certification Report every year for the last four years. Since 2013, that single report has been replaced by quarterly assessments.

In the latest report Q2 2016 they have tested a group of internet security suits and anti-financial fraud applications whereby Zemana AntiLogger was one of the tested products.

The main purpose of the report is to show the ability of different products in detecting and blocking various financial malware and keyloggers.

As these two security threats have always been and still are major security issues due to the fact that they purpose is to grab user’s name and password from places that are used for online transactions. Another thing financial malware and keylogger can do is to steal login credentials from popular social networking websites such as Facebook, Twitter, LinkedIn, etc or any other platform you share your private data with.

In this assessment (Q2 2016) they ran the following tests:

  • In-the-Wild Real Financial Malware Test – (86 live ITW samples were used)
  • Botnet Test – (detection of financial malware such as ZeusVM/KINS, SpyEye..)
  • Simulator Test – Powershell keylogger test (Tested of the oldest techniques to steal)
  • Simulator Test – (API hooking simulator test)

The below tables show the results and capability of different products tested in the Online Banking / Browser Security Certification Program.

Table 1: Q2 2016 In-the-Wild real financial malware test results
 
 
The above table shows the results of testing using In-the-Wild real financial malware where Zemana scored 100%.
Table 2: Q2 2016 Real Botnet tests results
 
The above table shows the results of testing using real financial malware where Zemana Antilogger detected and blocked financial malware from capturing login data.
Table 3: Q2 2016 Simulator test results
The above table shows the results of testing using the malware simulators where Zemana AntiLogger managed to block successfully all malware simulators.
We are glad that to announce that Zemana AntiLogger has succesfully blocked all the above threats. For you we have even better news. Here you can get Zemana AntiLogger 30% OFF and stay protected 100%.
In case you would like to check out all methodologies used during the report and all details of the above mentioned results you can see the report here.

Why is cyber security essential in video games development?

When software development started to become a hit worldwide, cyber security matters were not that important. Everyone just focused on the functionality of the software itself and no one had time to focus on security issues since cyber criminal was not that famous then.

Now with the increase of cyber criminal, security became a top priority throughout all channels and all development phases of software.

Luckily, developers are extremely aware of it and find it as an essential concept.

Software industry has grown rapidly, especially in the past decade. Everyday some new software comes to the surface and with that new challenges arise as well. However, there is a software category that became a BUM in this field and that holds very tight fingers with cyber security.

Video games!

Video games are not a new concept but lately they became one of the software categories that generate massive revenues and have million of active users worldwide.

ESET experts conducted an interview with Andrés Rossi, CEO of Sismogames – an Argentine company that develops video games for social networks and mobile devices, a niche market that was in 2015 worth $1.97 billion in the US alone.

His opinion on security problems in video games industry is very straightforward:

 “Over the years, I have seen all sorts of incidents, from payment-card frauds, to cyber attacks targeting gamers and the subsequent claim of prizes, to exploitation of servers just for the sake of playing”, he described.

Besides he also noticed that most of these problems occur because of users’ irresponsibility:

“Irresponsible as it may seem, what I see most frequently are players who leave their accounts open in machines that do not belong to them, they just leave without logging off or erasing their private data.” 

Even though this irresponsible act shouldn’t even be present among users but actually it is one major problem that causes a lot of security incidents.

Besides, as he states, the security incidents are caused due to the fact that there are many malware that are stored within different flash drives or file attachments that go from user to user.

The importance of cyber security implementation in video games development is a MUST!

He continues that thinking about security implementation while developing a game must be part of the development routine although he believes that the ignorance towards security matters prevails among many video games developers.

He even highlighted the incident with Sony which had its online PlayStation platform compromised.

Online security implementation is something that everyone should work on

While playing a video game, user reveals different kind of sensitive information such as email accounts, Facebook account, credit card details while purchasing some virtual currencies or premium features/items and so on and so forth.

All these games collect very sensitive data, therefore all video games are potential targets to cyber criminals  which means that users data can be easily compromised and exposed.

Having this in mind, and the consequences it can make, each game developer should carefully implement security channels throughout the software in order to prevent possible cyber attacks and data breaches.

Online security as a essential part of video games

It is definitely not easy to focus on many things while developing a game therefore video game developer should work closely with security software companies that can easily implement security channels throughout the game.

The awareness on this matter has to be raised

Security incidents related to video games are increasing each minute. Millions of users trust game developers and reveal their data in order to play and enjoy the game. Therefore security software companies and game developer should work closely and as much possible decrease the security incidents in this industry and share awareness among users on possible security issues.

New Android malware has the ability to steal your credentials

Security researchers from Kaspersky Lab discovered a new piece of Android malware designed to steal your banking credentials and even pretend it’s your bank in a sophisticated way.

All in all, the malware in the basic terms is similar to other variants. However, it stands out with its ability to intercept and delete sent messages from banking institutions.

This can create a massive impact on online banking users since even if the bank notifies them about the new malicious banking activity, the new malware can delete or customize the message leaving the users unaware that they may soon become a victim and loose a bunch of money.

Some banks practice sending alerts via SMS to users in order to authenticate some unusual banking activity on their accounts.

In Russia, it’s the worst case since the malware can offset any mobile security solution that is popular in Russia and installed on your phone in order to finalize the infection path.

You can download the malware from anywhere without being aware of it

It hides everywhere and it can be downloaded via Google AdSense advertising network, which means – Watch Out! Lot of sites, new, old, good and bad use this network to display advertising and the Trojan hides right there.

The Trojan is downloaded as soon as a page with the advert is visited

Android users are always a target due to the openness of the system. However, it came to a point where Android users can’t even Google around and look out for some great sites or great news because the malware is in there aaaand Voila – you have downloaded last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q.

The scary part-you don’t even notice that you have downloaded it since it doesn’t require any kind of following confirmation or link clicks.

Even though till now the effects are seen in Russia only, it doesn’t assure us that it will not spread to other countries as well.

Download an Android anti-keylogger and stay worry free. Nothing can bypass that!

Up for travel?! Here are 7 tips how to stay safe from cyber threats

Ok, we may all agree that our mobile device has become a very important extension of us in a way that it contains most of the data we need daily, our favorite photos and memories, valuable contacts and very sensitive information. While travelling, our Internet habits and the data we carry can put our privacy and data security at risk.

Criminals know that tourists are prone to overlooking or ignoring risks to their security because they are so eager and excited about experiencing and seeing all the wonders of travelling. Therefore, some extra attention to detail may be required when you travel abroad. So, since our mobile device is quite important to us and it contains very sensitive and valuable information, let’s follow these steps to keep it safe from cyber threats while we are on the Go.

1) Backup your data: It is better to have your date stored on two places rather than one so in case your phone is stolen or you lose it your data can be easily restored.

2) Beware of public Wi-Fi hot-spots: Come on, who doesn’t use public Wi-Fi connection while on a trip?! As soon as you get to some coffee shop, you immediately look for the password, so you can publish some great photos, go through your mails or check your bank account. All of these actions have to be secured. You can never detect if someone is spying on you by yourself, therefore to connect to public Wi-Fi worry free install Zemana Mobile Antivirus. It will keep an eye on your phone and to it just take a minute of your time to install it.

3) Turn on “find-my-phone” and remote wiping: If your phone is lost or stolen, you can use the find-your-phone feature to locate it. You’ll also want to wipe your device of any data so that someone who has your phone can’t access all your information. But these services don’t work if they aren’t turned on before you lose your device, so make sure they’re enabled.

4) Say no to unknown devices: Do not loan or hand over your device to anyone, even for a few minutes. Never attach unknown devices such as thumb drives to your laptop.

5) Turn off Bluetooth while travelling: Be careful when connecting your device to a rental car. Consider a rental car’s Bluetooth PBAP functionality, which loads up your entire address book, while also allowing other devices to connect with the car’s Bluetooth system.

6) Say NO to unnecessary staff: There is no need to bring unnecessary media devices or data storage devices while travelling since there is a bigger chance that they may be stolen and then say bye-bye to your private staff.

7) Password protection: We don’t even know if there is a need to mention this step but we will do it again since almost a third of smart phone users are not practicing any kind of passwords protection on their device. This info is a little bit disturbing since passwords are the beginning of your defense system and you should never forget it. So, no matter if you are traveling or not, enable password protection (not some lame one) and bio-metric identification.

But, do you know what you need the most? 

A personal on the go security guard. That’s right! We have one for you and it’s the best travel partner you could have ever wished for!

Zemana Mobile Security is your safe guard while you on the Go!

Every connection you create will be safe so feel free to do things online like a new trip arrangement or online booking, online payment and so one and so forth. It will stop anyone that has the intention to steal data stored on your mobile device. You can connect to any wi-fi network worry free as it encrypts your online communications and you can also search the Internet without worrying who is seeing or tracking your movement online.

Probably there are even more rules to follow in order to stay safe but these are the crucial ones. However, if it is inconvenient for you to follow all these steps or if you want to save your time just install Zemana Mobile Security and start packing your bags already!

Get Zemana Mobile Antivirus here and enjoy your travelling!

How much data breaches affect company value?

With an overgrowing increase of malware samples and variants (near 600 million) in this year only , the average cost of data breaches has been estimated to reach $4 million-as according to Liviu Arsene, Senior E-Threat Analyst.

Gartner, American research and advisory firm, conducted an analysis on last year data breaches stats and estimated that people worldwide will invest in information security near to $75.4 billion. Besides, the organization sees a 26 percent probability that a company will experience one or more data breaches within a 24-hour period.

How much data breaches really cost a company?

While everyone out there focuses on how much money does the company has to invest to fix a data breach and to increase their security budgets in order to block any possibility from another attack, the question that arises here is actually what is the impact on company’s’ value?

Below, we will walk you through few massive data breaches that huge organizations experienced over the last year and what were the consequences they had to face.

Target

The massive data breach that everyone knew about is the one that Target has experienced in late 2013. Data of 70 million individuals were exposed. To fix the cost of the data breach company invested approximately $252 million. However, the company’s stock market rating wasn’t affected in long term. It took a year to get back on track and to increase their stock value as previous.

Anthem 

In 2015 Anthem data breach was hot topic. 78.8 million records were stolen.

When it comes to their stock market performance, the rice drooped during the time the breach happened but there was no serious drop until late 2015.

Vtech Holdings

A leading supplier of corded and cordless phones and electronic learning toys experienced a data breach last year. The impact was huge – 4.9 million parents’ accounts were accessed by cyber criminals and profiles of 6.4 million children were exposed.

Looking at their stock value, during the data breach it drooped but not significantly.

Adobe 

This one we all know about. Famous data breach that Adobe has been affected with were 38 million customer accounts have been accessed and all their data were out – including all credit card details, personal info and others. Just looking at the lawsuits Adobe had to face their cost reached $1.1 million in attorneys’ fees and expenses and an undisclosed sum to affected users.

The very interesting part here is that the stock value of Adobe didn’t drop down even a little bit.

Value or money?

If we take a look at the above examples of massive, well-known data breaches we could see that there is no significant decrease in companies’ value. We had to keep in mind that these examples included only big companies that had enough financial back up to fix the data breach and were most probably engaged with insurance companies and policies that cover such incidents. But till when will insurance companies bear the cost of constant data breaches?!

On the other hand, small businesses don’t share the same destiny as large corporations. According to a research conducted by Centrify 66% of U.S., 75% of U.K. and 57% of German consumers are likely to stop doing business with a small organizations that have been hacked. Read more here.

Full me once, full me twice but…

A company may fix a data breach in short time and secure its stock market value but if the security gaps are not taken care of in a long term, the data breaches will occur on a regular basis and than an organization may experience a serious drop down.

Why do you need Anti-keylogging app on your PC?

We came to a point where users worldwide are afraid to enjoy technology due to an increased number of security threats. I mean, one day you wake up to start your day as normal as usual and you decide to engage with a perfectly legitimate website in order to buy something for yourself without suspecting even a little bit that a cyber criminal has already installed a keylogger on your PC and now the scammer has the power to record everything you type.

How can a keylogger harm you?

A keylogger (keystroke logging or keylogging) is used by cyber criminals to track and record whatever you type on a keyboard without you being aware of it. By using this method cyber criminals can collect all you data, gain access to all your private accounts, engage in purchases and even criminals activities under your own name.

And then out of nowhere you are a victim. You lost your money, but even worse – you have lost your trust.

That is the key point here. Users lose trust.

It is one thing to be paranoid, but it is totally another thing to take needed precautions and to freely enjoy, surf the web and engage with websites worry-free.

You shouldn’t ignore technology and you shouldn’t be afraid to engage with different websites and enjoy your daily only activities.

So, what should you do?

Lately, there are many organizations and websites that advice you to use a virtual keyboard with numbers and letters in random places so users think they are safe enough.

However, even this is not secure since recently a Bastille Networks researcher Marc found a set of security issues in low-cost wireless keyboards that cyber criminals can exploit in order to collect all your passwords, sensitive data, credit card details and other.

Don’t panic. Luckily for you is that you don’t have to change your keyboard or spot any of these threats since there is a well-trained eye that will take care of that for you.

You just have to secure yourself with proper anti-keylogger software that will act as your bodyguard and will not let anything pass by.

Years ago, when keylogging was in the rise, Zemana developed anti-keylogger software – Zemana AntiLogger that aggressively combats keyloggers of all types.

It excels at fighting the most malicious type of keyloggers – financial malware.

The sole purpose of financial malware is to obtain your logins, passwords, credit card numbers and banking information, as well as valuable accounts such as stock trading accounts. Once that information is obtained, it is often sold to the highest bidder. Using our anti-keylogger software, you can wipe-out malicious keyloggers and maintain your privacy.

 Conclusion

You don’t want your credit card information stolen. You don’t want your emails hacked into. You don’t want hackers to gain access to your personal information. Therefore, protect yourself if you aren’t already. Keyloggers are serious danger! Don’t let hackers profit from you!