Banshee Stealer Unveiled, Corrupted Word Phishing, AI Voice Scams – Cybersecurity News [December 02, 2024]

by DuoCircle

 

The cybercriminal breed is expanding at a tremendous rate, necessitating urgent remedial measures from the relevant involved parties. Cybercriminals are also upscaling their operations and taking sufficient precautionary measures to prevent getting caught. Unfortunately, the public, who end up as unsuspecting victims, needs to pull up their socks and act responsibly to avoid becoming victims of cybersecurity fraud. This week’s cybersecurity news focuses on these aspects and aims to educate people to become more aware of the ever-evolving cyber threat landscape.

Operations Behind Banshee Stealer Shut Down

How would cybercriminals feel if they got a taste of their own medicine? The malicious actors behind the Banshee Stealer malware experienced this firsthand last week when they discovered that the Banshee Stealer source code had been leaked online. So, what did they do? They shut down their operations immediately.

What is Banshee Stealer, and why was there an urgency to shut down operations? Banshee Stealer is malware developed by state threat actors to collect data from infected macOS devices. The target data includes user passwords, system info, web browser data, passwords from keychains, and cryptocurrency wallets, such as Electrum, Wasabi Wallet, Atomic, Exodus, and Coinomi. It can steal data from almost all web browsers, including Chrome, Opera, Safari, and Firefox. 

 

malware

 

Banshee Stealer was available on cybercrime forums for a monthly subscription of $3,000. Though it is malware, it lacks sophisticated obfuscation. However, its operations were shut down last week following a source code leak online. As of now, no one knows who leaked the code and why. Cybercriminals shut down operations because the source code leak made it easier for cybersecurity researchers to analyze and develop countermeasures against this threat.

 

An Innovative Phishing Campaign Using Corrupted MS Word Documents

Cybercriminals are becoming more innovative by the day. A malware-hunting firm, Any.Run has discovered a unique phishing campaign in which malicious actors use MS Word’s file recovery feature to sneak corrupted MS Word files into emails to unsuspecting recipients. 

Generally, these emails originate from companies’ HR and payroll departments, making them look genuine. They contain MS Word documents that include the base64-encoded string “IyNURVhUTlVNUkFORE9NNDUjIw.” When you try to download and open the attachments, the files do not open. The message that the file is corrupted flashes and asks the user whether they wish to recover it.

When the user confirms the action, it displays a document, asking them to scan a QR code to retrieve it. Scanning the code leads the user to a phishing website resembling the MS login page. These file attachments bypass email security protocols because most antivirus solutions fail to apply proper procedures for such file types. They do not contain any malicious code but display a QR code. As a result, the target ends up compromising their Microsoft user credentials. The solution is to exercise caution when receiving such attachments from unknown senders. You can delete the file or confirm with your network admin before opening it.

 

email security

 

AI-generated Voices In Fake Betting Apps Stealing Sensitive Information

AI is proving to be an excellent servant but a terrible master. While AI is handy in almost every aspect of life, threat actors misuse AI capabilities to steal sensitive information. Reports have come in that cybercriminals are using AI-generated voices in fake betting apps to lure unsuspecting victims to share confidential info. What makes it more dangerous is that scammers use AI-generated voices in different languages to entice people across the globe. 

More than 1377 malicious websites and over 500 fake ads have been identified to target users globally. Numerous victims of these scams have become victims, with some losing over $10,000. Fake ads prey on human greed and entice users by promising unrealistic rewards. Ultimately, it leads to compromising personal data and financial losses.

You can use reliable sources to download apps and mitigate this risk. People should be aware that anything that promises to be too good to be true is not necessarily genuine. Overcoming greed and resisting the lure to get quick money is challenging, but that is one way of preventing becoming a victim of such fake betting apps.  

 

malicious websites

 

INTERPOL Makes Record With Over 5500 Arrests and $400M Recovery.

INTERPOL’s five-month operation, HAECHI V, has yielded fruitful results with the arrest of 5500+ cybercriminals spread over 40 countries globally. This operation targeted seven different types of cyber-enabled frauds, including e-commerce fraud, voice phishing, investment fraud, BEC, online sextortion, romance scams, and illegal online gambling. This operation has resulted in the seizure of over $400M in government-backed securities and virtual assets.

In addition, INTERPOL has tightened its screws on emerging fraud techniques such as cryptocurrency fraud practices involving USDT stablecoin. It has issued a Purple notice alerting member countries of the USDT Token Approval Scam that allows cybercriminals to access and control the victim’s cryptocurrency wallets.    

 

Protect Yourself from Romance Scams

 

Beware Of Online Scams, Follow Cybersecurity Best Practices

Black Friday has already arrived, and online shopping has heated up globally, especially with Christmas and the New Year approaching shortly. These cybersecurity awareness tips should prevent you from being scammed online. 

  1. Update your software to protect your data from known threats.
  2. Use strong passwords and change them frequently. A reliable password manager can help store them. Turning on MFA wherever available provides extra protection.
  3. Beware of phishing messages; never click on unknown links or download unsolicited attachments.
  4. Be careful when you receive requests to share online information. Report the scam to the law-enforcement authorities and delete the message completely.
  5. Check for https on the browser search bar and ensure the padlock icon is locked. It ensures encryption.
  6. Choose reputable vendors and pay using your credit cards instead of debit cards. Credit cards offer higher levels of protection.
  7. Check your accounts regularly for suspicious activity

As a result, you safeguard your credentials and avoid becoming a victim of e-commerce fraud and losing your hard-earned money.

Pin It on Pinterest

Share This