New Android Malware "WolfRAT" Hijacks Your WhatsApp, Facebook Messenger & Other Social Media Messages

A new Android malware family has been found targeting messaging applications such as WhatsApp and Facebook Messenger. The malware, named WolfRAT, was recently found in campaigns aimed at Thai citizens and is under active development. Cybersecurity researchers are convinced that the malware is run by Wolf Research, a spyware company based in Germany that produces and sells state spyware. Researchers believe that the infection vector was phishing links sent to phones by email.

The C2 server domain is located in Thailand and contains references to Thai food, which gives an idea of what the lure might be. "The chat contains some confidential details on chat history, WhatsApp logs, messengers and SMSs from around the globe," researchers said.

Researchers identified at least four major WolfRAT releases, and the malware has been under active development since January 2019. Later versions actively watch for activity in Facebook Messenger, WhatsApp and Line: once one of these apps is opened, the malware takes a screenshot and sends it to the attacker's C2 server. The continuous addition and deletion of packages, along with an enormous amount of unused code, "identifies an amateur strategy for creation," researchers say.

This malware is similar to the DenDroid Android malware discovered in 2014, which includes spying commands to take photos and videos, record audio and upload photos.


Check back with the Hackers Review for the latest updates on this story



Pre-installed Android Malware Found in Over 5 Million Android Devices


Malware disguised as a 'wifi system' app has already infected about 5 million mobile devices worldwide. Over the last 10 days alone, the malware has made its developers over $115,000. Dozens of IoT devices have already been turned into a massive botnet.

The researchers believe that all affected devices were dispatched to Tian Pai, a cellphone dealer based in Hangzhou. The malware pushes an adware component to all infected Android smartphones, which shows ads on the device's main screen, either as pop-up windows or as full-screen advertising, to generate fraudulent advertising revenue for its developer.

Check Point found two pieces of pre-installed malware on devices from Samsung, LG, HTC, Asus, Nexus, Oppo and Lenovo. The apps affected by the Android adware are listed below. Go to Android Settings > application, check whether any of these apps is on your mobile device and, if so, uninstall it.

  •  Androïd.services.securewifi
  • com.changmi.launcher
  • com.system.service.zdsgt
  • com.android.yellowcalendarz

1-800-FLOWERS Canadian Website Injected With Credit Card Stealing Malware

The 1-800-FLOWERS e-commerce platform fell victim to Magecart for over 4 years. The breach of 1800Flowers.ca was reported to the California Attorney General's Office by the Canadian company, which stated that over 500 Californians had been affected. In its results for the third quarter of 2018, the company announced $238.5 million.

The total number of users impacted has still not been reported, says Stephan Chenette, AttackIQ co-founder and CTO. Payment card skimming malware remains a safety threat for retailers around the world. British Airways, Newegg and Kitronik were all victimized this year, Chenette said.

Investigation results indicate that your first and last name, payment card number, expiration date and card security code were included in the information collected by the attacker.


Android Vulnerability StrandHogg Allows Attackers to Data Mine Your Device



A new Android bug dubbed StrandHogg 2.0 affects all devices running Android 9.0 and older. The bug allows malicious apps to pose as a legitimate application and steal information from victims. Android users need to update their devices to the latest Android version as quickly as possible to guard against the attack.

The attack enables attackers to gain access to private SMS messages and images, steal victims' login details, monitor GPS activity, make and/or record phone calls, and gather intelligence via a smartphone's microphone and camera.


Because of its code-based execution, the attack is hard to detect. Exploiting this vulnerability does not require root access, which allows advanced threats even on unrooted phones, say researchers at Promon.

Google was told of the bug on 4 December 2019, giving it more than five months to work on a fix. Google has already pushed out a patch to partners in its Android ecosystem. The update will be given to qualifying users running Android 8.0, 8.1 and 9.0.

New Bluetooth Vulnerabilities Found In All Devices


Academic researchers in Switzerland have discovered a new vulnerability in the Bluetooth protocol. The vulnerability can enable an attacker to compromise a remotely paired user, leaving millions of devices at risk. The attack is called BIAS, and the attacking device must be located within wireless range of a vulnerable Bluetooth device.

The Bluetooth Special Interest Group revised the Bluetooth Core Specification and recommended cross-checks of the encryption type. The group encouraged users to install the most recent updates from the manufacturers of their devices and systems.

The Bluetooth SIG strongly recommends that vendors ensure that the encryption key length is not reduced to 7 octets. Wearable devices such as smart speakers, fitness and health trackers and intelligent home assistants communicate with apps on mobile devices.

These vulnerabilities involve communication between mobile apps and Bluetooth Low Energy devices. Bluetooth Low Energy is a type of Bluetooth used in modern gadgets. Studies have previously shown that mobile applications that work with Bluetooth devices have a built-in architectural flaw.

Hackers Exploiting old Vulnerabilities in Magento

According to the Federal Bureau of Investigation, hackers are exploiting a flaw in a Magento plugin to hack online shops. The vulnerability is a cross-site scripting (XSS) flaw that allows the attacker to inject a malicious script into the online store's source code.

Payment information recorded from user purchases is then encoded in Base64, enclosed inside a JPEG image and submitted to the attacker's server. This form of attack is referred to as web skimming or e-skimming.
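A defender-side check for the exfiltration pattern described above, as an added example that is not from the FBI alert or the original article: it walks a JPEG's segments to the end-of-image marker and decodes any Base64 found after it. It assumes the encoded data is appended after the image data (the article does not say where in the file it sits); the sample bytes and record are constructed.

```python
import base64
import re

B64_RUN = re.compile(rb"[A-Za-z0-9+/]{16,}={0,2}")  # long Base64-looking runs

def jpeg_end(data: bytes) -> int:
    """Return the offset just past the EOI marker, found by walking segments."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker, not a JPEG")
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                       # fill byte before a marker
            pos += 1
        elif marker == 0xD9:                     # EOI: the image ends here
            return pos + 2
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:
            pos += 2                             # TEM / RSTn carry no length
        else:
            length = int.from_bytes(data[pos + 2:pos + 4], "big")
            pos += 2 + length                    # length covers its own 2 bytes
            if marker == 0xDA:                   # SOS: skip entropy-coded data
                while pos + 1 < len(data) and not (
                    data[pos] == 0xFF
                    and data[pos + 1] != 0x00    # FF00 is a stuffed data byte
                    and not 0xD0 <= data[pos + 1] <= 0xD7
                ):
                    pos += 1
    raise ValueError("no EOI marker found")

def appended_base64(data: bytes) -> list[bytes]:
    """Decode every valid Base64 run that follows the end of the image."""
    decoded = []
    for match in B64_RUN.finditer(data[jpeg_end(data):]):
        try:
            decoded.append(base64.b64decode(match.group(), validate=True))
        except ValueError:                       # wrong padding: not Base64
            continue
    return decoded

# Constructed sample: structurally valid JPEG skeleton (not a renderable image).
CLEAN_JPEG = (b"\xff\xd8" + b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
              + b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00" + b"\x12\x34\xff\x00\x56" + b"\xff\xd9")
SAMPLE_RECORD = b"constructed sample: name=Test User; card=0000000000000000"
TAINTED_JPEG = CLEAN_JPEG + base64.b64encode(SAMPLE_RECORD)
```

Legitimate JPEGs can also carry bytes after the end-of-image marker, so a hit is a lead for review of the file and of whatever wrote it, not proof of skimming.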

The plugin with the bug is Magmi. The bug was found more or less three years ago, and an update, Magmi-git 0.7.23, is available to fix the XSS bug that gives attackers initial access to the store.

The FBI alert provides indicators of compromise (IOCs) that Magento providers can use in their web application firewalls to prevent attacks on their websites.

         ADVICE FOR E-COMMERCE STORE MANAGERS

  • Check all applications for critical vulnerabilities and prioritize the early patching of identified vulnerabilities in network-connected servers and in tools that process Internet data, such as web browsers.
  • Constantly check and monitor web logs and web applications for unauthorized entry, alteration and anomalies.
  • Perform network penetration checks, code integrity controls and dynamic device safety measures on websites on a regular basis to detect faults or misconfigurations.