Researchers Found 35 Malware on Google Play, Overall Installed 2,000,000 Times

Bitdefender experts found 35 pieces of malware in the Google Play Store that distributed unwanted ads and that users downloaded more than 2,000,000 times in total. Let me remind you that we also wrote that about 8% of apps in the Google Play Store are vulnerable to a bug in the Play Core library, and that Mandrake…

New BHUNT malware hunts for cryptocurrency wallets

Bitdefender researchers described BHUNT, a new modular malware that steals the contents of cryptocurrency wallets, passwords and secret phrases. The new malware is spreading all over the world: in Australia, Egypt, Germany, India, Indonesia, Japan, Malaysia, Norway, Singapore, South Africa, Spain and the USA. The exact mechanism for delivering malware to users’ machines is…

Added utility for decrypting data after REvil attacks

The Romanian company Bitdefender has published a universal utility for decrypting data affected by REvil (Sodinokibi) ransomware attacks. The tool works for any data encrypted before July 13, 2021. However, the company has so far refused to provide any details, citing an ongoing investigation. Let me remind you that on July 13 of this year…

P2P botnet Interplanetary Storm accounts more than 9000 devices

Bitdefender experts described in detail how the P2P botnet Interplanetary Storm (aka IPStorm) works. The botnet uses infected devices as a proxy. According to researchers, the botnet includes more than 9,000 hosts (according to other sources, the number of infected devices exceeds 13,500), the vast majority of which are running Android, and about…

Hackers use in attacks malicious plugin for 3Ds Max

Bitdefender experts have discovered a hacker group that is attacking companies around the world using a malicious plugin for 3Ds Max. On August 10, 2020, 3Ds Max developer Autodesk posted a warning about the malicious PhysXPluginMfx module, which abuses MAXScript, a scripting utility that comes with 3Ds Max. “The PhysXPluginMfx plugin is capable of performing…

Mandrake malware was hiding on Google Play for more than four years

Bitdefender experts found Mandrake spyware in the official Android app store, where it had been hiding on Google Play for four years (since 2016). The malware established full control over infected devices, collected credentials and GPS data from them, made screen recordings, and so on. At the same time, the malware carefully avoided infections in countries such as Ukraine, Belarus,…