Hackers attack Indian healthcare website, steal 68 lakh records

Cybersecurity researchers on Monday warned of a Trojan malware campaign which is targeting India's co-operative banks using COVID-19 as a bait.

Seqrite, the enterprise arm of IT security firm Quick Heal Technologies, detected the new wave of Adwind Java Remote Access Trojan (RAT) campaign.

Researchers at Seqrite warned that if attackers are successful, they can take over the victim's device to steal sensitive data like SWIFT logins and customer details and move laterally to launch large scale cyberattacks and financial frauds.

According to the researchers, the Java RAT campaign starts with a spear-phishing email which claims to have originated from either the Reserve Bank of India or a nationalised bank.

The content of the email refers to COVID-19 guidelines or a financial transaction, with detailed information in an attachment, which is a zip file containing a JAR based malware.

Upon further investigation, researchers at Seqrite found that the JAR based malware is a Remote Access Trojan that can run on any machine which has Java runtime enabled and hence it can impact a variety of endpoints, irrespective of their base operating system.

Once the RAT is installed, the attacker can take over the victim's device, send commands from a remote machine, and spread laterally in the network.

In addition, this malware can also log keystrokes, capture screenshots, download additional payloads, and extract sensitive user information, Seqrite said, adding that such attack campaigns can effectively jeopardise the privacy and security of sensitive data at the co-operative banks and result in large scale attacks and financial frauds.

To prevent such attacks, users need to exercise ample caution and avoid opening attachments and clicking on web links in unsolicited emails.

Banks should also keep their operating systems updated and have a full-fledged security solution installed on all the devices, Seqrite advised.

London, Feb 21: Scientists have discovered a new species of land snail, and have named it Craspedotropis Greta Thunberg in honour of the Swedish activist Greta Thunberg for her efforts to raise awareness about climate change.

According to the study, published in the Biodiversity Data Journal, the newly discovered species belongs to the so-called caenogastropods -- a group of land snails known to be sensitive to drought, temperature extremes, and forest degradation.

The scientists, including evolutionary ecologist Menno Schilthuizen from Naturalis Biodiversity Center in the Netherlands, said the snails were found very close to the research field station at Kuala Belalong Field Studies Centre in Brunei.

They added that the snails were discovered at the foot of a steep hill-slope, next to a river bank, foraging at night on the green leaves of understorey plants.

The effort aided by amateur scientist J.P. Lim, who found the first individual of the snail said, "Naming this snail after Greta Thunberg is our way of acknowledging that her generation will be responsible for fixing problems that they did not create."

"And it's a promise that people from all generations will join her to help," Lim said.

The researchers said they approached Thunberg who said that she would be "delighted" to have this species named after her.

The study work including, fieldwork, morphological study, and classification of identified specimen was carried out in a field centre with basic equipment and no internet access, the scientists said.

According to the study, the work was done by untrained ‘citizen scientists’ guided by experts, on a 10-day taxon expedition.

"While we are aware that this way of working has its limitations in terms of the quality of the output (for example, we were unable to perform dissections or to do extensive literature searches), the benefits include rapid species discovery and on-site processing of materials," the researchers wrote in the study.

Consumer watchdog Which? has claimed that more than one billion Android phones and tablets are vulnerable to hackers as they no longer supported by security updates.

According to the research report, the most at-risk phones are any that run Android 4 or older and those smartphones running Android 7.0 which can not be updated are also at risk.

Based on data from Google analysed by Which?, two in five android device users around the world are no longer receiving the important updates. Currently, those devices are unlikely to have issues, but the lack of security leaves them open to attack.

"It is very concerning that expensive Android devices have such a short shelf life before they lose security support, leaving millions of users at risk of serious consequences if they fall victim to hackers," Kate Bevan editor Which? said in a statement.

"Google and phone manufacturers need to be upfront about security updates with clear information about how long they will last and what customers should do when they run out. The government must also push ahead with planned legislation to ensure manufacturers are far more transparent about security updates for smart devices and their impact on consumers," Kate added.

Android phone released around 2012 or earlier, including popular models like the Samsung Galaxy S3 and Sony Xperia S, are particularly at risk to hackers.

Which? has made suggestions to Android users on what to consider if they have an older phone that may be at risk.

Any Android device which is more than two years old, check whether it can be updated to a newer version of the operating system. If it is on an earlier version than Android 7.0 Nougat, try to update via Settings> System>Advanced System update.

In case a user is not able tto update the phone, the device could be at risk of being hacked if it is running a version of Android 4 or lower.

A user also need to be careful about downloading apps outside the Google Play store and should also install a mobile anti-virus via an app.