Topics In Demand
Notification
New

No notification found.

Cyber Threats to Watch in 2021 (Jan-Feb 2021)
Cyber Threats to Watch in 2021 (Jan-Feb 2021)

March 31, 2021

115

0

Learn the top cybersecurity threats for 2021 and how to protect your business!

DSCI's latest threat advisory includes recent cyber threats of 2021 targeting businesses and individuals: 

  1. Rogue RAT Android Malware

  2. Magneto Website

  3. DNSmasq Software

  4. Jupyter Trojan and

  5. DreamBus Malware

Threat Identification: Rogue RAT Android Malware Synopsis:

Rogue RAT (Remote Access Trojan) is a combination of two existing malware. Can be handled by anyone even the unskilled cybercriminals the ability to attack and control the infected device using this Trojan. Execution and Propagation:

Step 1: Attacker tries to download the malware using social engineering or phishing link which can be installed to infect the device once user clicks on the downloaded link.

Step 2: Once the malware is installed, it hides its icons and presence on the device.

Step 3: Trojan verifies whether its real system or virtual one. Rogue RAT has the ability to detect a virtual environment and stop its functioning if it's not a real system.

Step 4: Next, it repeatedly asks for various permissions. Additionally, detection of any malicious activity is difficult as it silently conducts all the background operations.

Step 5: The malware registers itself as an admin and if a legitimate user tries to remove the admin permission, it displays a warning stating, “all data will be deleted or wiped completely.”

Malware Characteristics:

• Rogue malware customizes all application notifications based upon the attacker's instructions.

• It can record and listen to all the calls going in and out from the affected devices

• User actions can be recorded and collected data can be uploaded to command-andcontrol server by the malware.

• It’s possible to sell collected information and data over dark web or to other cybercriminals.

Recommendations:

• Use Mobile threat defense and anti-malware protection

• Do not click on any unknown links and attachments

• Conduct regular device scans

• Manage device permissions carefully; do not allow extra permissions to gallery, contacts, and other sensitive information.

• Always manage your admin access with strong MFA

• Monitor activity of mobile devices regularly

 

To know more cyber threats, DOWNLOAD ADVISORY.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


MediaDSCI

© Copyright nasscom. All Rights Reserved.