BMWs at risk of hacking
BMW is in the process of issuing security patches to drivers of its 2017 i3, 2016 X1 and 525Li, and 2012 730Li. The patches will cover fourteen newly-discovered vulnerabilities, four of which can be triggered only through physical connection to the car computer systems, while another four require USB connection to the car. The remaining six vulnerabilities can be exploited remotely. A diligent cybercriminal can gain access to the cars’ infotainment systems, T-Box components, and UDS communication. In light of the findings, BMW has embraced the value of third-party cybersecurity research, and they are working on fixes.
Cryptojacking like an animal: the Drupal vulnerability
The San Diego Zoo is just one of almost 400 websites that has been compromised by a bug called Drupalgeddon 2.0. This vulnerability in the Drupal content management system was discovered and patch…
US & UK on alert for possible cyberattack
On Monday, the US Department of Homeland Security, the FBI, and the UK National Cyber Security Center issued a first-ever joint statement warning businesses and residents of both nations that a wide-scale …
If you are in San Francisco this week, check out RSA at the Moscone Center and swing by the Avast booth to witness the effects of real-time cryptomining firsthand. We’ll be hosting a challenge that reveals the vulnerabilities in IoT and mobile devices through the mining of Monero using smartphones. We will also have a PC on display as an infected Amazon Fire TV stick forces it to cryptomine, so the effects (such as overheating) will be plain to see.
Fashion faux pas: Data breach at Saks Fifth Avenue and Lord & Taylor
Toronto-based retail enterprise Hudson’s Bay — parent company to Saks Fifth Avenue, Saks OFF Fifth, and Lord & Taylor — disclosed on Sunday that no less than five million of their customers may have suffered credit card compromises in a data breach that occurred last May.
In November 2017, we detected a strain of malware known as JSMiner in Google Play. The Monero cryptomining capabilities were discovered inside the gaming application Cooee. At the time of discovery, we forecasted a rise in mobile mining malware as atta…
At Avast, it’s our business to stay on top of security risks that affect computer users around the world. As cryptocurrencies grow in popularity — as well as the inevitable cryptomining that follows — this is an area we are committed to closely monitoring. Here are two stories from the week that caught our attention.
It’s staggering to realize that Bitcoin, the very first cryptocurrency, splashed onto the scene almost a decade ago. It’s only been over this past year that digital coinage has really gained its tremendous popularity. As of January 2018, there are well over one thousand varieties of cryptocurrency in circulation — Bitcoin, Monero, Ethereum, Ripple, Litecoin, IOTA and many more.
The good news is that Avast users are protected against cryptomining, which includes the current threat terrorizing the world’s Windows servers and computers. The Smominru botnet has torn through hundreds of thousands of servers and computers alike, hijacking their CPU power to mine the cryptocurrency Monero. ZDNet reports that the Smominru botnet mines 24 Monero ($8,500) a day, with a net total to date of 8,900 Monero ($2.8M – $3.6M).