The News Caravan

Tag: infects

  • US: Ransomware attack infects Dallas servers down, police website down

    US: Ransomware attack infects Dallas servers down, police website down

    [ad_1]

    Texas: US city of Dallas is working to recover from a ransomware attack that infected computer servers, which affected the city’s services, including its police department.

    Due to the attack has taken the Dallas Police Department website has gone offline but appears so far to have limited impact on city services for residents, the city said in a statement on Wednesday according to CNN.

    City officials confirmed that a number of servers have been compromised with ransomware.

    MS Education Academy

    Officials are working to contain the spread of malicious software from city computer systems and to restore any affected services, according to CNN.

    “The Dallas Police Department is being affected by an outage in the city,” Kristin Lowman, a public information officer for the department, told CNN in an email. She did not respond to a question on how the hack is affecting the Dallas Police Department.

    On Wednesday afternoon, there were reports of computer outages or connectivity issues at other Dallas government agencies.

    According to CNN, a computer system that processes records for the Dallas Court and Detention Services Department has been down since 6 am local time on Wednesday.

    A person who answered CNN’s phone at the department on Wednesday afternoon, said: “Our system went completely down so there’s not much we can see in terms of looking up people’s citations and traffic tickets.” He added that they were unsure what caused the outage.

    CNN has requested comment from the FBI and the US Cybersecurity and Infrastructure Security Agency on the Dallas hack.

    [ad_2]
    #Ransomware #attack #infects #Dallas #servers #police #website

    ( With inputs from www.siasat.com )

  • Android malware infects 60 Google Play apps with 100 mn downloads

    Android malware infects 60 Google Play apps with 100 mn downloads

    [ad_1]

    San Francisco: Google Play has been infiltrated by a new Android malware called ‘Goldoson’, which has been discovered in 60 legitimate apps with a combined total of 100 million downloads.

    The malicious malware component is integrated into a third-party library that the developers inadvertently incorporated into all sixty apps, reports BleepingComputer.

    The Android malware, discovered by McAfee’s research team, is capable of collecting a range of sensitive data, including information on the user’s installed apps, WiFi and Bluetooth-connected devices, and GPS locations.

    MS Education Academy

    Additionally, it can perform ad fraud by clicking ads in the background without the user’s consent, according to the report.

    When a user runs a Goldoson-containing app, the library registers the device and obtains its configuration from an obfuscated remote server.

    The setup specifies the data-stealing and ad-clicking functions Goldoson should do on the infected device and how frequently.

    Moreover, the report said that the data collection mechanism is commonly set to activate every two days, transmitting a list of installed apps, geographical position history, MAC addresses of devices connected via Bluetooth and WiFi, and other information to the C2 server.

    The amount of data collected is determined by the permissions granted to the infected app during installation as well as the Android version.

    Although Android 11 later are better protected against arbitrary data collection, researchers discovered that Goldoson had enough rights to acquire sensitive data in 10 per cent of the apps even in newer versions of the OS, the report mentioned.

    Ad income is generated by loading HTML code and injecting it into a customised, hidden WebView, and then using that to execute numerous URL visits.

    There is no indication of this action on the victim’s device.

    In January, Google’s Threat Analysis Group terminated thousands of accounts associated with a group known as ‘Dragonbridge’ or ‘Spamouflage Dragon’ that disseminated pro-Chinese disinformation on various platforms.

    According to the tech giant, Dragonbridge gets new Google Accounts from bulk account sellers, and at times they have even used accounts previously used by financially motivated actors repurposed for posting disinformation videos and blogs.

    [ad_2]
    #Android #malware #infects #Google #Play #apps #downloads

    ( With inputs from www.siasat.com )