Vulnerabilities / Threats

6/23/2017
02:08 PM
50%
50%

Android Marcher Variant Makes Rounds as Adobe Flash Player Update

Zscaler researchers discover a new variant of the Android Marcher malware, which aims to steal online banking credentials and credit card information.

A new variant of the Android Marcher malware uses pornographic enticements and new game hype to lure users to download a bogus Adobe Flash player, according to Zscaler researchers who discovered the latest variant.

Users are then asked to disable their security settings and allow third-party apps to install. Once the apps are installed, the malware removes its icon from the phone menu.

It then waits for the user to open one of over 40 targeted financial apps and then overlays a fake version of that financial website's login page. The malware then gleans the user's login credentials.

The financial sites the new Android Marcher variant is targeting includes TD Bank, Wells Fargo, PayPal, and others.

Read more about this latest Marcher variant here

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
How Well Is Your Organization Investing Its Cybersecurity Dollars?
Jack Jones, Chairman, FAIR Institute,  12/11/2018
The Case for a Human Security Officer
Ira Winkler, CISSP, President, Secure Mentem,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-18397
PUBLISHED: 2018-12-12
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/us...
CVE-2018-20094
PUBLISHED: 2018-12-12
An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java.
CVE-2018-20095
PUBLISHED: 2018-12-12
An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls.
CVE-2018-20096
PUBLISHED: 2018-12-12
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
CVE-2018-20097
PUBLISHED: 2018-12-12
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.