Consumer Threat Notices

McAfee_consumer_1parent1daughter_tablet_cooking_72dpi-300x200-2.jpg

What You Need to Know About the Google Chrome Vulnerabilities

What You Need to Know About the Google Chrome Vulnerabilities

While you might have been preoccupied with ghosts and goblins on Halloween night, a different kind of spook began haunting Google Chrome browsers. On October 31st, Google Chrome engineers issued an urgent announcement for the browser across platforms due to two zero-day security vulnerabilities, one of which is being actively exploited in the wild (CVE-2019-13720).

So, what is the Google Chrome zero-day exploit? While there are few specific details known at this time, researchers did uncover that the bug is a use-after-free flaw, which is a memory corruption flaw that attempts to access a device’s memory after it has been freed. If this occurs, it can cause a variety of issues including program crashes, execution of malicious code, or even allowing an attacker to gain full remote access to the device.

The second of the two vulnerabilities (CVE-2019-13721) affects PDFium, a platform developed by Foxit and Google. PDFium provides developers with capabilities to leverage an open-source software library for viewing and searching for PDF documents. Like the first bug, this flaw is also a use-after-free vulnerability. However, there have been no reports of it being exploited by cybercriminals for malicious purposes yet.

Luckily, Google has quickly acknowledged the vulnerabilities and is rolling out a patch for these bugs over the coming days. Meanwhile, follow these security tips to help safeguard your data and devices:

  • Update, update, update. Be sure to install the latest Chrome browser update immediately to help mitigate any risk of falling victim to these exploits.
  • Turn on automatic updates. Practice good security hygiene by turning on automatic updates. Cybercriminals rely on unpatched software to exploit vulnerabilities, so ensure that your device software is updated as soon as patches are available.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

 

The post What You Need to Know About the Google Chrome Vulnerabilities appeared first on McAfee Blogs.

twitter47-300x169-2.jpg

Chapter Preview: Ages 11 to 17 – From Tweens to Teens

Chapter Preview: Ages 11 to 17 – From Tweens to Teens

For anyone who asks what happens during the tween through teen years, the best answer is probably, “What doesn’t happen?!”

Just so you know, I’ve been there, done that, and got the T-shirt. And I survived. My kids were the first generation to grow up on social media. Like most teens in the mid-2000s, they got their first taste with MySpace and then switched to Facebook as the masses shifted there around 2009. They also got into other platforms, like Instagram, and stuck with them while others came and went. And yes, sharing almost every facet of their lives presented many challenges. I won’t get into details here as it might embarrass my kids, but suffice it to say that mistakes were made.

Being a security and privacy practitioner, I made sure there were lots of discussions on how to use these platforms safely. The early discussions centered on privacy and the permanence of data, but eventually led to security talks as the platforms were inundated with scams and other malicious activities. As you can imagine, when my kids were tweens and teens, the internet was a different place than it is today, and I’m sure it will be very different 10 to 15 years from now.

 

This chapter of “Is Your Digital Front Door Unlocked?” steps you through what your tween and teen face as they spend an increasing amount of time online and using connected things. It expands upon some of the topics discussed earlier in the book with more of an eye towards how those topics impact this age group, while offering advice and insights on topics that often surface at this age. We tackle some big topics too, such when to get your child a smartphone, how many children will make friends that they will only know online, cyberstalking, and the secret digital life of teens that every parent should know. This chapter packs a big punch—as it should, because these are some big years for parents and kids alike.

Gary Davis’ book, Is Your Digital Front Door Unlocked?, is available September 5, 2019 and can be ordered at amazon.com.

The post Chapter Preview: Ages 11 to 17 – From Tweens to Teens appeared first on McAfee Blogs.

twitter74-300x169.jpg

3 Tips to Protect Yourself From the Office 365 Phishing Scams

3 Tips to Protect Yourself From the Office 365 Phishing Scams

Cybercriminals seem to get more and more sophisticated with their attacks, and phishing scams are no different. The McAfee Labs team has observed a new phishing campaign using a fake voicemail message to trick victims into giving up their Office 365 email credentials. During the investigation, the team has found three different phishing kits being used to exploit targets.

How exactly does this sneaky phishing scam work? It all begins when a victim receives an email stating that they’ve missed a phone call, along with a request to log into their account to access the voice message. The email also contains an attached HTML file that redirects the victim to a phishing website. This website prepopulates the victim’s email address and asks them to enter their Office 365 credentials. What’s more, the stealthy attachment contains an audio recording of someone talking, leading the victim to believe that they are listening to a legitimate voicemail.

3 Tips to Protect Yourself From the Office 365 Phishing Scams

Once the victim enters their password, they are presented with a page stating that their login was successful. The victim is then redirected to the office.com login page, leading them to believe that everything is perfectly normal. Little do they know that their credentials have just been harvested by a cybercriminal.

While this sneaky scheme has been primarily used to target organizations, there is much to be taken away from this incident, as cybercriminals often disguise themselves as businesses to phish for user data. To protect yourself from these stealthy scams, check out the following tips:

  • Go directly to the source. Be skeptical of emails claiming to be from companies with peculiar asks or messages. Instead of clicking on a link within the email, it’s best to go straight to the company’s website to check the status of your account or contact customer service.
  • Be cautious of emails asking you to take action. If you receive an email asking you to take a certain action or download software, don’t click on anything within the message. Instead, go straight to the organization’s website. This will prevent you from downloading malicious content from phishing links.
  • Hover over links to see and verify the URL. If someone sends you an email with a link, hover over the link without actually clicking on it. This will allow you to see a link preview. If the URL looks suspicious, don’t interact with it and delete the email altogether.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post 3 Tips to Protect Yourself From the Office 365 Phishing Scams appeared first on McAfee Blogs.

img_1581534021300415-300x225.jpg

A Cybersecurity Horror Story: October’s Creepiest Threats and How to Stay Secure

A Cybersecurity Horror Story: October’s Creepiest Threats and How to Stay Secure

Halloween time is among us and ghosts and goblins aren’t the only things lurking in the shadows. This past month has brought a variety of spooky cyberthreats that haunt our networks and devices. From malicious malware to restricting ransomware, October has had its fair share of cyber-scares. Let’s take a look at what ghoulish threats have been leading to some tricks (and no treats) around the cybersphere this month.

Ghostcat Malware

One ghost that recently caused some hocus pocus across the Web is Ghostcat-3PC. According to SC Magazine, the malware’s goal is to hijack users’ mobile browsing sessions.

The infection begins when a user visits a particular website and is served a malicious advertisement. Ghostcat fingerprints the browser to collect device information and determines if the ad is running on a genuine webpage. Ghostcat also checks if the ad is running on an online publishers’ page that has been specifically targeted by this campaign. If these conditions are met, then the malware serves a malicious URL linked to the ad.

From there, this URL delivers obfuscated JavaScript, which creates an obscure source or machine code. The attackers behind Ghostcat use this to trick the publishers’ ad blockers, preventing them from detecting malicious content. The code also checks for additional conditions necessary for the attack, like ensuring that the malware is being run on a mobile device and a mobile-specific browser, for example. If the malware concludes that the browsing environment fits the descriptions of their target, it will serve a fraudulent pop-up, leading the user to malicious content.

Bewitched WAV Files

Ghostcat isn’t the only way malware is being spread lately, as, according to ZDNet, attackers have manipulated WAV audio files to spread malware and cryptominers. By using a technique called stenography, malware authors can hide malicious code inside of a file that appears normal, which allows hackers to bypass security software and firewalls.

Previously, cybercriminals have used stenography revolving around image file formats like PNG or JPEG. However, these crooks have now upped the ante by using WAV audio files to hide different types of malware. Most recently, researchers found that this technique is used to hide DLLs, or dynamic link libraries that contain code and data that can be used by more than one program at the same time. If malware was already present on an infected host device, it would download and read the WAV file, extract the DLL, and install a cryptocurrency miner called XMRrig. Cryptocurrency miners compile all transactions into blocks to solve complicated mathematical problems and compete with other miners for bitcoins. To do this, miners need a ton of computer resources. As a result, miners tend to drain the victim’s device of its computer processor’s resources, creating a real cybersecurity headache.

MedusaLocker Ransomware

Finally, we have the mysterious MedusaLocker ransomware. According to BleepingComputer, this threat is slithering its way onto users’ devices, encrypting files until the victim purchases a decryptor.

This strain will perform various startup routines to prep the victim’s device for encryption. Additionally, it will ensure that Windows networking is running and mapped network drives (shortcuts to a shared folder on a remote computer or server) are accessible. Then, it will shut down security programs, clear data duplicates so they can’t be used to restore files, remove backups made with Windows backup, and disable the Windows automatic startup repair.

For each folder that contains an encrypted file, MedusaLocker creates a ransom note with two email addresses to contact for payment. However, it is currently unknown how much the attackers are demanding for the victim to have their files released or if they actually provide a decryptor once they receive a payment.

With all of these threats attempting to haunt networks and devices, what can users do to help themselves have a safe and secure spooky season? Follow these tips to keep cybersecurity tricks at bay:

  • Watch what you click. Avoid clicking on unknown links or suspicious pop-ups, especially those coming from someone you don’t know.
  • Be selective about which sites you visit. Only use well-known and trusted sites. One way to determine if a site is potentially malicious is by checking its URL. If the URL address contains multiple grammar or spelling errors and suspicious characters, avoid interacting with the site.
  • If your computer slows down, be cautious. One way you can identify a cryptojacking attack – poor performance. If your device is slow or acting strange, start investigating and see if your device may be infected with malware.
  • Surf the web safely. You can use a tool like McAfee WebAdvisor, which will flag any sites that may be malicious without your knowing.
  • Use a comprehensive security solution. To secure your device and help keep your system running smoothly and safely, use a program like McAfee Total Protection.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post A Cybersecurity Horror Story: October’s Creepiest Threats and How to Stay Secure appeared first on McAfee Blogs.

img_1598927672602465-300x225.jpg

McAfee Reveals the Most Dangerous Celebrities Across the Globe

McAfee Reveals the Most Dangerous Celebrities Across the Globe

Earlier this week, we revealed McAfee’s Most Dangerous Celebrity of 2019 in the U.S., Alexis Bledel. Growing from a young actress in “Gilmore Girls” to Ofglen in “A Handmaid’s Tale,” Bledel’s rising stardom helps to explain why she topped this year’s list. But, is that the case in other parts of the world as well? It’s time to take a trip around the globe and see which celebrities are considered risky in different regions.

In McAfee’s 13th annual study on the riskiest celebrities to search for online, the stars topping each list varied from country to country. While Bledel sits at the top of the most dangerous celebrity list in the U.S., singer Camila Cabello is ranked No. 1 in Spain. In Germany, model and TV personality Heidi Klum and actress Emilia Clarke tied each other for the country’s riskiest celebrity. Caroline Flack, the host of reality dating show “Love Island,” came in No. 1 in the U.K. In France, actor/producer Jamel Debbouze topped the list of the countries most dangerous celebrities. At the top of India’s most dangerous celebrity tally is international cricketer M.S. Dhoni. And, finally, rounding out the list of the riskiest celebrities around the world are comedian, actor, and TV host John Oliver in Australia and Malaysian actress Michelle Yeoh in Singapore.

Many users don’t realize that simple internet searches of their favorite celebrities could potentially lead to malicious content, as cybercriminals often leverage these popular searches to entice users to click on dangerous links. And while this year’s list of riskiest celebrities might vary from country to country, cybercriminals’ use of trending celebrities and pop culture icons continues to be an avenue used to exploit users’ security. It’s for these reasons that users must understand the importance of taking precautions when it comes to searching for the latest news on their favorite celebrities.

So, whether you’re checking out what Alexis Bledel has been up to since “Gilmore Girls” or looking for the latest drama on “Love Island” with Caroline Flack, be a proactive fan and follow these security tips when browsing the internet:

  • Be careful what you click. Users looking for information on their favorite celebrities should be cautious and only click on links to reliable sources for downloads. The safest thing to do is to wait for official releases instead of visiting third-party websites that could contain malware.
  • Refrain from using illegal streaming sites. When it comes to dangerous online behavior, using illegal streaming sites could wreak havoc on your device. Many illegal streaming sites are riddled with malware or adware disguised as pirated video files. Do yourself a favor and stream the show from a reputable source.
  • Protect your online safety with a cybersecurity solution. Safeguard yourself from cybercriminals with a comprehensive security solution like McAfee Total Protection. This can help protect you from malware, phishing attacks, and other threats.
  • Use a website reputation tool. Use a website reputation tool such as McAfee WebAdvisor, which alerts users when they are about to visit a malicious site.
  • Use parental control software. Kids are fans of celebrities too, so ensure that limits are set for your child on their devices and use parental control software to help minimize exposure to potentially malicious or inappropriate websites.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post McAfee Reveals the Most Dangerous Celebrities Across the Globe appeared first on McAfee Blogs.

img_1597570932450895-300x225.jpg

“Gilmore Girls” Actress Alexis Bledel Is McAfee’s Most Dangerous Celebrity 2019

“Gilmore Girls” Actress Alexis Bledel Is McAfee’s Most Dangerous Celebrity 2019

You probably know Alexis Bledel from her role as the innocent book worm Rory Gilmore in network television’s “Gilmore Girls” or as shy, quiet Lena Kaligaris in the “Sisterhood of the Travelling Pants” movies. But her most recent role as Ofglen in Hulu’s acclaimed “The Handmaid’s Tale” took a bit of a darker turn. And while Bledel made this dramatic on-screen transition, her rising stardom has in turn made her a prime target for malicious search results online, leading to her coming in at the top of McAfee’s 2019 Most Dangerous Celebrities list.

For the thirteenth year in a row, McAfee researched famous individuals to reveal the riskiest celebrity to search for online or whose search results could expose fans to malicious content. Bledel is joined in the top ten most dangerous celebrities by fellow actresses Sophie Turner (No. 3), Anna Kendrick (No. 4), Lupita Nyong’o (No. 5), and Tessa Thompson (No. 10). Also included in the top ten list are late night talk show hosts James Corden (No. 2) and Jimmy Fallon (No. 6). Rounding out the rest of the top ten are martial arts master Jackie Chan (No. 7) and rap artists Lil Wayne (No. 8) and Nicki Minaj (No. 9).

“Gilmore Girls” Actress Alexis Bledel Is McAfee’s Most Dangerous Celebrity 2019

Many users don’t realize that simple internet searches of their favorite celebrities could potentially lead to malicious content, as cybercriminals often leverage these popular searches to entice users to click on dangerous links. This year’s study emphasizes that today’s streaming culture doesn’t exactly protect users from cybercriminals. For example, Alexis Bledel and Sophie Turner are strongly associated with searches including the term “torrent,” indicating that many fans of “The Handmaid’s Tale” and “Game of Thrones” have been pursuing free options to avoid subscription fees. However, users must understand that torrent or pirated downloads can open themselves up to an abundance of cyberthreats.

So, whether you’re checking out what Alexis Bledel has been up to since “Gilmore Girls” or searching for the latest production of James Corden’s “Crosswalk the Musical,” be a proactive fan and follow these security tips when browsing the internet:

  • Be careful what you click. Users looking for information on their favorite celebrities should be cautious and only click on links to reliable sources for downloads. The safest thing to do is to wait for official releases instead of visiting third-party websites that could contain malware.
  • Refrain from using illegal streaming sites. When it comes to dangerous online behavior, using illegal streaming sites could wreak havoc on your device. Many illegal streaming sites are riddled with malware or adware disguised as pirated video files. Do yourself a favor and stream the show from a reputable source.
  • Protect your online safety with a cybersecurity solution. Safeguard yourself from cybercriminals with a comprehensive security solution like McAfee Total Protection. This can help protect you from malware, phishing attacks, and other threats.
  • Use a website reputation tool. Use a website reputation tool such as McAfee WebAdvisor, which alerts users when they are about to visit a malicious site.
  • Use parental control software. Kids are fans of celebrities too, so ensure that limits are set for your child on their devices and use parental control software to help minimize exposure to potentially malicious or inappropriate websites.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post “Gilmore Girls” Actress Alexis Bledel Is McAfee’s Most Dangerous Celebrity 2019 appeared first on McAfee Blogs.

img_1614157351287194-300x300.jpg

Hack-ception: Benign Hacker Rescues 26M Stolen Credit Card Records

Hack-ception: Benign Hacker Rescues 26M Stolen Credit Card Records

There’s something ironic about cybercriminals getting “hacked back.” BriansClub, one of the largest underground stores for buying stolen credit card data, has itself been hacked. According to researcher Brian Krebs, the data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.

Most of the records offered up for sale on BriansClub are “dumps.” Dumps are strings of ones and zeros that can be used by cybercriminals to purchase valuables like electronics, gift cards, and more once the digits have been encoded onto anything with a magnetic stripe the size of a credit card. According to Krebs on Security, between 2015 and 2019, BriansClub sold approximately 9.1 million stolen credit cards, resulting in $126 million in sales.

Hack-ception: Benign Hacker Rescues 26M Stolen Credit Card Records

Back in September, Krebs was contacted by a source who shared a plain text file with what they claimed to be the full database of cards for sale through BriansClub. The database was reviewed by multiple people who confirmed that the same credit card records could also be found in a simplified form by searching the BriansClub website with a valid account.

So, what happens when a cybercriminal, or a well-intentioned hacker in this case, wants control over these credit card records? When these online fraud marketplaces sell a stolen credit card record, that record is completely removed from the inventory of items for sale. So, when BriansClub lost its 26 million card records to a benign hacker, they also lost an opportunity to make $500 per card sold.

What good comes from “hacking back” instances like this? Besides the stolen records being taken off the internet for other cybercriminals to exploit, the data stolen from BriansClub was shared with multiple sources who work closely with financial institutions. These institutions help identify and monitor or reissue cards that show up for sale in the cybercrime underground. And while “hacking back” helps cut off potential credit card fraud, what are some steps users can take to protect their information from being stolen in the first place? Follow these security tips to help protect your financial and personal data:

  • Review your accounts. Be sure to look over your credit card and banking statements and report any suspicious activity as soon as possible.
  • Place a fraud alert. If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity.
  • Consider using identity theft protection. A solution like McAfee Identify Theft Protection will help you to monitor your accounts and alert you of any suspicious activity

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook

The post Hack-ception: Benign Hacker Rescues 26M Stolen Credit Card Records appeared first on McAfee Blogs.

twitter14-300x169.jpg

Chapter Preview: Ages 2 to 10 – The Formative Years

Chapter Preview: Ages 2 to 10 – The Formative Years

As our children venture into toddlerhood, they start to test us a bit. They tug at the tethers we create for them to see just how far they can push us. As they grow and learn, they begin to carve out a vision of the world for themselves—with your guidance, of course, so that they can learn how to live a safe and happy life both now and as they get older.

This is true in the digital world as well.

Typically, at around age two, our kids get their first taste of playing on mommy’s or daddy’s smartphone or tablet and discover an awesome new world of devices and online activities. It’s slow at first—a couple minutes here and there—but, over time, they spend more and more of their day online. You have an opportunity when your child has their first experience with a connected device to set the tone for what’s expected. This is a deliberate teaching moment, the first of many, where you explain how to go safely online and continue to reinforce these behaviors as they grow.

Just as at home and in school, these are children’s formative years in the digital world because there’s a significant increase in their access to devices and online engagement—whether it means watching videos, playing games, interacting with educational software, or many other activities. Keeping them safe in this environment needs to be top of mind, and that includes awareness of how their initial data puddle will rapidly become a data pond during these years. We need to be aware that this pond has direct ties to our privacy, their privacy, and, ultimately, to their life in general.

This chapter of “Is Your Digital Front Door Unlocked?” lays out several topics that, if done in healthy and constructive way, will make your child’s digital journey much more enjoyable. Topics such as the importance of rules, online etiquette, and the notion of “the talk” as it relates to going online safely are discussed in detail, in the hope of providing a framework that will grow as your child grows.

It also looks at challenges that every parent should be aware of, such as cyberbullying and the impact of screen time on your child. It also introduces the risks associated with online gaming for those just getting started.

I can’t express strongly enough the importance of engagement with your child during the formative years. This chapter will give you plenty of ideas of how to go about it in a way that both you and your child will enjoy.

Gary Davis’ book, Is Your Digital Front Door Unlocked?, is available September 5, 2019 and can be ordered at amazon.com.

 

The post Chapter Preview: Ages 2 to 10 – The Formative Years appeared first on McAfee Blogs.

McAfee_consumer_1parent1daughter_tablet_cooking_72dpi-300x200.jpg

Watch Your Step: Insights on the TOMS Shoes Mailing Hack

Watch Your Step: Insights on the TOMS Shoes Mailing Hack

You’re familiar with the cybercriminals that go after users’ credit card information and look to spread malicious links, but recently, one hacker decided to send a different message. According to Vice’s Motherboard, a hacker accessed TOMS Shoes’ mailing list and sent an email encouraging users to log off and go enjoy the outdoors.

The email specifically stated, “hey you, don’t look at a digital screen all day, theres a world out there that you’re missing out on.” The hacker claimed to have compromised TOMS a while back but never had any malicious intent and felt it had been too long to disclose the breach to the authorities. Although the hacker didn’t tell Motherboard how he or she specifically gained access to the TOMS account, they did voice their frustrations with hackers who steal data from large companies and innocent civilians.

Watch Your Step: Insights on the TOMS Shoes Mailing Hack

Representatives from TOMS stated that they are actively looking into the breach and warned users to not interact with the message. And while this particular hacker had no malicious intent, users could have a potential phishing scam on their hands if these email addresses had ended up in the wrong hands.

So, whether you’re a TOMS shoe wearer or not, it’s important to stay updated on potential cyberthreats so you can recognize immediately. Here are some tips to help you avoid accidentally treading on potential phishing emails:

  • Go directly to the source. Be skeptical of emails claiming to be from companies with peculiar asks or messages. Instead of clicking on a link within the email, it’s best to go straight to the company’s website to check the status of your account or contact customer service.
  • Be cautious of emails asking you to take action. If you receive an email asking you to take a certain action or download software, don’t click on anything within the message. Instead, go straight to the organization’s website. This will prevent you from downloading malicious content from phishing links.
  • Hover over links to see and verify the URL. If someone sends you an email with a link, hover over the link without actually clicking on it. This will allow you to see a link preview. If the URL looks suspicious, don’t interact with it and delete the email altogether.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Watch Your Step: Insights on the TOMS Shoes Mailing Hack appeared first on McAfee Blogs.

img_1596055875178249-300x225.jpg

Is Your Browser Haunted With Ghostcat Malware?

Is Your Browser Haunted With Ghostcat Malware?

October is finally among us, and things are spookier than usual. One ghost causing some hocus pocus across the World Wide Web is Ghostcat-3PC, a browser-hijacking malware that has launched at least 18 different malvertising campaigns in the last three months. According to SC Magazine, Ghostcat’s goal is to hijack users’ mobile browsing sessions and is specifically targeting website visitors in the U.S. and Europe.

How exactly does this ghost begin its haunting? The infection begins when a user visits a particular website and is served a malicious advertisement. When this occurs, Ghostcat fingerprints the browser, which is when information is collected about a device for the purpose of identification, to determine if the ad is running on a genuine webpage. Ghostcat also checks if the ad is running on one of the over 100 online publishers’ pages that have been specifically targeted by this campaign. If both of these conditions are met, then the malware serves a malicious URL linked to the ad.

Is Your Browser Haunted With Ghostcat Malware?

From there, this malicious URL delivers obfuscated JavaScript, which creates an obscure source or machine code. The attackers behind Ghostcat use this technique to trick the publishers’ ad blockers, preventing them from detecting malicious content. The code also checks for additional conditions necessary for the attack. These conditions include ensuring that the malware is being run on a mobile device and a mobile-specific browser, that the device is located in a targeted country, and that it is being run on a genuine website as opposed to a testing environment. If the malware concludes that the browsing environment fits the descriptions of their target, then it will serve a fraudulent pop-up, leading the user to malicious content.

So, what are some proactive steps users can take to avoid being haunted by Ghostcat? Follow these tips to avoid the malware’s hocus pocus:

  • Watch what you click. Avoid clicking on unknown links or suspicious pop-ups, especially those that come from someone you don’t know.
  • Be selective about which sites you visit. Only use well-known and trusted sites. One way to determine if a site is potentially malicious is by checking its URL. If the URL address contains multiple grammar or spelling errors and suspicious characters, avoid interacting with the site altogether.
  • Surf the web safely. You can use a tool like McAfee WebAdvisor, which will flag any sites that may be malicious without your knowing.

And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post Is Your Browser Haunted With Ghostcat Malware? appeared first on McAfee Blogs.

vox-messenger-secure-corpLogo-60x60

End-2-End Encrypted. Secure. Ad-Free.
Lightweight and Faster than the Competition.

Vox Messenger is a secure alternative to other popular chat messenger apps.

Available for Free. Whitelabel Corporate Edition Coming Soon.

All Rights Reserved - Copyright @ 2018 - Vox Messenger (a Division of Kryotech Ltd.)