Ransomware as-a-Service Offers Tiered Membership Benefits
Jokeroo is the latest ransomware-as-a-service (RaaS) to begin spreading through hacker forums, though it’s differentiating itself by requiring a membership fee with various package offerings. For just $90, a buyer obtains access to a ransomware variant that they can fully customize in exchange for a 15% service fee on any ransom payments received. Higher packages are also available that offer even more options that give the user a full dashboard to monitor their campaign, though no ransomware has yet to be distributed from the service.
Android Adware Apps are Increasingly Persistent
Several new apps on the Google Play store have been found to be responsible for constant pop-up ads on over 700,000 devices after being installed as phony camera apps. By creating a shortcut on the device and hiding the main icon, the apps are able to stay installed on the device for a considerable amount of time, as any user trying to remove the app would only delete the shortcut. Fortunately, many users have been writing poor reviews about their experiences in hopes of steering prospective users away from these fraudulent apps while they remain on the store.
Phone Scammers Disguising Themselves with DHS Numbers
People all across the U.S. have been receiving phone calls from scammers claiming to be from the Department of Homeland Security (DHS), with actual spoofed DHS phone numbers, requesting sensitive information. While phone scams aren’t new, this campaign has upped the stakes by threatening the victims with arrest if they don’t provide information or make a payment to the scammers. DHS officials have stated they will never attempt to contact individuals through outgoing phone calls.
Failed Ransomware Attack Leaves Thousands of Israeli Sites Defaced
A ransomware attack aiming to infect millions of Israeli users through a widget used in thousands of websites failed over the weekend. Though all sites began displaying pro-Palestine messages, the intended file download never took place due to a coding error that prevented execution immediately after the pop-up message. After dealing with the poisoned DNS records for the widget creator Nagich, the company was able to restore normal function within a few hours of the attack beginning.
Chicago Medical Center Exposes Patient Records
Nearly eight months after a Rush Medical Center employee emailed a file containing highly sensitive patient information to one of their billing vendors, the company began contacting affected patients and conducting an internal investigation. Rush has setup a call center to provide additional information to concerned patients and has offered all victims access to an identity monitoring service, while warning them to check their credit history for any fraudulent activity.
