to release encrypted files. Known as Bad Rabbit, the ransomware of unknown origin demands 0.05 BTC ($290) to unlock infected computers. Its progress focuses on Russia and Ukraine, with outbreaks also reported in Turkey and Germany, according to cybersecurity firm Kaspersky Lab. “While the target is visiting a legitimate website, a malware dropper is being downloaded from the threat actor’s infrastructure,” a report on the ransomware released Tuesday explains. “No exploits were used, so the victim would have to manually execute the malware dropper, which pretends to be an Adobe Flash installer. We’ve detected a number of compromised websites, all of which were news or media websites.” As of Thursday, it has become apparent those targets fall outside the news and media sphere, with Odessa Airport and the Kiev Metro’s payment system also seeing breakdowns. Bad Rabbit is just the latest cyberattack to hit the Russian and Ukrainian zone, with WannaCry and NotPetya all having left their mark over the past six months. The ransom demands from Bad Rabbit’s hackers are similar to those of WannaCry at around $300 per machine. Unlike NotPetya, however, there appears to be no attempt to wipe data from victims, whether or not they send the requisite Bitcoins. Kaspersky adds it is not yet known whether or not paying the ransomware amount results in full control being returned.
By 2021, millions more of us will be doing our banking on smartphones and tablets, researchers say. The number of mobile bank app users is expected to leap 53% in the next four years. So far, mobile banking has been a pretty secure experience. Mobile app breaches represented less than 3% of all computer records hacked last year, according to the Identity Theft Research Center, a San Diego tracking firm. But don’t get cozy. A veritable flood of consumers is heading for mobile, according to Juniper Research. It predicts over 3 billion people around the world will be banking on mobile by 2021 — quite a lure for hackers who target financial apps. That means more people are likely to fall prey, so bank customers will need to be ready to protect their devices and their bank accounts. Criminals try to access mobile apps in a number of ways. When a mobile app communicates with a financial institution’s server over the internet, the app verifies the bank’s or credit union’s identity by checking its server certificate. With a man-in-the-middle attack, fraudsters will try to “listen in” on this network traffic, perhaps by accessing the same public Wi-Fi network as the mobile user, and attempt to send a fake bank server certificate to the mobile app. If the app accepts the fake certificate, it could let the hacker receive the user’s personal information. When installed on a mobile device, key logger programs secretly record a person’s actions as he or she uses the device. With a banking app, the malicious software could log your account names, numbers and passwords and send them to a hacker. It’s been around for years, but this tried and true hack is still popular with criminals, says Doug Johnson, senior vice president of payments and cybersecurity policy at the American Bankers Association.
It occurs when a fraudster pretends to be a legitimate financial institution that asks a mobile user to submit private bank information. Many phishing attempts bypass mobile apps completely. A hacker could send emails telling people their account is locked and asking them to reply to the message with their account username and password. But the account isn’t locked, and the information a person sends would go to the criminal, not the bank.
Bitcoin-seeking hackers are using old-school tricks to socially engineer would-be cryptocurrency exchange executives, researchers warn. An attack group tied to North Korea has “launched a malicious spear-phishing campaign using the lure of a job opening for the CFO role at a European-based cryptocurrency company,” researchers at Secureworks Counter Threat Unit warn in a report. The CTU researchers refer to the group behind the attack as “Nickel Academy,” although it is perhaps better known as the Lazarus Group (see Kaspersky Links North Korean IP Address to Lazarus). The group has been tied to numerous attacks, including the attempted theft of nearly $1 billion from the central bank of Bangladesh's New York Federal Reserve account, leading to $81 million being stolen; the WannaCry ransomware outbreak in May; as well as the use of cryptocurrency mining malware named Adylkuzz to attack the same flaw in Windows server block messaging that WannaCry also targeted (see Cybercriminals Go Cryptocurrency Crazy: 9 Factors). Security researchers say Lazarus has also been running a series of job lure phishing attacks since at least 2016, with the latest round being delivered around Oct. 25 of this year. The malicious code has “solid technical linkages” to attacks previously attributed to Lazarus, CTU says (see Report: North Korea Seeks Bitcoins to Bypass Sanctions). Researchers at Israeli cybersecurity startup Intezer also believe the code has been reused by Lazarus, based on a review of attack code that's been seen in the wild since 2014. The fake job advertisement pretends to be for Luno, a bitcoin wallet software and cryptocurrency exchange based in London, according to an analysis of the phishing messages published Tuesday by Jay Rosenberg, a senior security researcher at Intezer. Luno says it's been alerted to the fake emails bearing its name.
“We're aware of this issue and are investigating thoroughly,” Luno tells ISMG. If recipients of the latest CFO job lure phishing emails open an attached Microsoft Word document, it triggers a pop-up message inviting them to enable editing functions. The CTU researchers say this is an attempt to enable macros in Word, so that a malicious macro hidden inside the document can execute. If it does, the macro creates a decoy document - the fake CFO job lure - as well as installs a first-stage remote access Trojan (RAT) in the background. Once the RAT is running on the victim's PC, attackers can use it to install additional malware onto the system, such as keystroke loggers and password stealers (see Hello! Can You Please Enable Macros?). The CTU researchers say the job listing appears to have been stolen from a legitimate CFO job listing posted to LinkedIn by a cryptocurrency firm in Asia. While the researchers say that Lazarus has done this previously, unusually in this case, some typographical errors in the original listing were expunged. The researchers add that this phishing campaign does not appear to target any specific firm or individual, but rather to be more broadly aimed. “There are common elements in the macro and in the first-stage RAT used in this campaign with former campaigns,” the researchers write. The custom command-and-control network code that controls infected endpoints also includes components that were seen in previous attacks tied to Lazarus, they add.
Scammers are flooding the United States with Chinese-language robocalls, causing major headaches from coast to coast. These new robocalls are a lot like the ones you’ve already gotten on your phone at all hours of the day and night: Your phone rings, you pick up, and after a brief pause or maybe a quiet click or beep, a prerecorded voice message meets your ears. The recording, which often sounds like a young woman, usually delivers a message about lowering credit-card rates or buying into cheap health insurance. If you fall for the bait, you’re transferred to a live human who will try anything to get you to hand over your credit-card or bank account info. The important thing to remember is that sales robocalls are illegal in the United States. So, don’t expect the person on the other end of the line to follow through on whatever deal they claim to offer. You’re much more likely to fall victim to an identity theft scam or credit-card fraud than to score a deal from one of these spam callers. The new Chinese-language version of these calls targets immigrants. The robocalls deliver a recorded message claiming to be from the Chinese consulate, saying the recipient is in trouble with Chinese officials, or sometimes that a package is waiting at the Chinese consulate that needs to be picked up. Then, the robocall asks for a deposit or fee, demanding a credit-card number or bank information. Sometimes the robocall or live operator who follows it makes a threat, suggesting that more trouble will come if the person doesn’t willingly hand over their financial info, according to the Federal Trade Commission. In New York City alone, police estimate at least 30 residents had been scammed out of $3 million, according to National Public Radio. The Chinese Consulate General in New York says it has posted dozens of alerts on its website warning about the scams.
“We would like to restate that the Consulate General in New York would not ask for personal information, deliver parcel pick-up notice or ask people to answer inquiries from police department by way of phone calls. The Consulate General would not ask for bank account information,” it warned. The scammers are also upping the ante with a tech trick called “spoofing.” Spoofed calls can fake caller ID numbers, making them look like they’re coming from a familiar number, nearby area code, your hometown or in this case, the Chinese consulate, according to the Federal Communications Commission, which also issued an alert. So, even if you don't speak Chinese, why would you get so many calls? The scammers don’t know who they’re calling, and it costs virtually nothing to place a phone call, so if they hit a few thousand English-speaking phones for every one Chinese speaker that’s totally fine with them. This scam uses many of the same ploys used on unsuspecting English speakers, say in the scam where the caller pretends to be from the IRS and is demanding payments on back taxes that don’t really exist.
Researchers at security vendor Check Point have warned of a ransomware attack targeting HR departments. This attack is currently targeted at German-speaking companies and pretends to be a job application. Researchers say that the email comes with two attachments: a covering letter, which is a standard PDF, and an Excel file containing the GoldenEye variant of the Petya ransomware. According to the blog, when the user opens the Excel file: “It contains a picture of a flower with the word “Loading…” underneath, and a text in German asking the victim to enable content so that the macros can run”. Once enabled, the macros begin encrypting the local user files before displaying the ransom note: “YOUR_FILES_ARE_ENCRYPTED.TXT”. The computer is then rebooted and GoldenEye begins encrypting the entire hard disk. Eventually the user is presented with a message telling them they are infected with the GoldenEye ransomware. They are asked to download the Tor Browser and pay a ransom of at least 1.3 Bitcoin (BTC). The surge in value for Bitcoin at the end of 2016 has driven the price up. As of today, the price of a single Bitcoin is $1,148, meaning that unlocking the computer will cost the user almost $1,500. Interestingly, the researchers believe that the malware owner is trying to get around $1,000 per victim. This means that with the fluctuation in the price of BTC they will have to keep adjusting their ransom demands.