Latest news with #Malwarebytes
Daily Mirror
6 days ago
- Daily Mirror
Everyone with an Android phone put on red alert as massive new threat confirmed
Android users need to stay alert and watch out for a scary new threat. Android users are well used to being targeted by fake apps and worrying malware. However, things appear to be taking a turn for the worse with security experts confirming a huge rise in scams and attacks on these popular devices. The team at Malwarebytes says it has seen a sharp increase in Android threats since the start of 2025 with things jumping by a whopping 151% over the past few months. Some of the biggest leaps are in SMS-based malware which uses text messages in a bid to trick unsuspecting users. Smishing (SMS phishing) has also quickly become a highly effective tool for attackers . Criminals are also now using AI-generated texts which makes it faster to send out attacks along with making them harder to spot. Other threats on the rise include Banking Trojans and spyware, which are now outpacing more traditional nuisances like adware and so-called riskware. Another change is the level of sophistication now used by cyber crooks. "Threat actors are actively distributing malware through both official and unofficial app channels, often cloaking malicious apps behind layers of legitimacy," Malwarebytes explained. "Fake financial tools, predatory loan apps, and cleverly disguised 'updates' aren't just slipping through the cracks, they are being engineered with that objective in mind." One of the reasons why Android continues to be such a popular platform for attacks is that so many people are running different or older versions of this software. "With over 30% of Android devices remaining stuck on outdated operating systems, these devices are sitting ducks, because they are unable to receive critical security patches," Malwarebytes added. If you use Android then now is a good time to stay alert and watch out for scams. It also wise to follow these top tips to to keep devices safe from attacks. How to protect your Android device • Get your apps from the Google Play store whenever you can. • Be careful about the permissions you allow a new app. Does it really need those permissions for what it's supposed to do? Permissions like 'Display over other apps' should particularly raise a red flag, because they can be used to intercept login credentials. • Don't allow notifications as much as possible. Dubious ad sites often request permission to display notifications. Allowing this will increase the number of ads as they push them to the device's notification bar. • Use up-to-date and active security software on your Android.
Entrepreneur
08-07-2025
- Business
- Entrepreneur
Teen's Side Hustle Became a Multi-Hundred-Million-Dollar Business
It's the era of the side hustle, and if you've ever considered starting one to earn some extra cash outside of your 9-5, you're in good company. These days, more than one-third of U.S. adults have side hustles, and their supplemental gigs make an average of $891 a month, according to recent research from Bankrate. Of course, the most successful side-hustlers see much higher earnings, especially when they start a business that brings in nearly as much as — or significantly more than — their full-time sources of income. Marcin Kleczynski, 35, is a Bay Area-based entrepreneur who was a teenager when he "unofficially" started the side hustle that would become a cybersecurity firm. Now the CEO, he and his co-founder Bruce Harrison have grown the venture into a multi-hundred-million-dollar business. Responses have been edited for length and clarity. Image Credit: Courtesy of Malwarebytes. Marcin Kleczynski. Looking for a profitable side hustle but not sure where to start? Money Makers is a free newsletter providing helpful tips, ideas and action items to build your own lucrative venture — delivered straight to your inbox. Sign up here. What was your day job or primary occupation when you started your side hustle? Before heading off to college, I worked at a local break-fix computer shop called Computer Express. It was a small, scrappy place, but it gave me invaluable hands-on experience fixing all kinds of machines. I got to see firsthand how often people were struggling with malware and tech problems, and that experience stuck with me. It's where the idea for Malwarebytes for me was planted and started to take shape. Related: 'You Can Go Viral Overnight': This College Student and His Brother Spent $5,000 to Start a Side Hustle — Now Their Brand's Making Over $175 Million When did you start your side hustle, and where did you find the inspiration for it? Malwarebytes unofficially started in 2004, when I was still a teenager, but things really took off around 2008. The inspiration came from when I downloaded a video game from a sketchy website and ended up infecting my family computer with malware. I tried everything to fix it, but none of the big-name antivirus tools could fully clean it. That moment lit a fire in me to build a better solution. What were some of the first steps you took to get your side hustle off the ground? I started by picking up one of those classic yellow For Dummies programming books — I figured if I could learn to build a calculator, I could build something useful. From there, I released my first malware removal tool on online forums where people helped each other clean infected computers. To my surprise, it took off and became a go-to resource, eventually used by tens of millions of people. Are there any free or paid resources that have been especially helpful for you in starting and running this business? Online forums were everything. I had amazing mentors who freely offered to give feedback, answer questions and point me in the right direction. I also relied on free websites and resources to teach myself how to code. It was basically like a virtual apprenticeship and crowdsourced education, which made all the difference. If you could go back in your business journey and change one process or approach, what would it be, and how do you wish you'd done it differently? I would have professionalized the business sooner. We were a group of passionate coders, but we waited too long to bring in people with experience scaling companies. Investing in experienced leadership earlier could have saved us a lot of stress and probably helped us grow faster, too. Related: At Age 23, He Started a Side Hustle While on Welfare. It Led to a 7-Figure Business and a Stay on Richard Branson's Private Island. When it comes to this specific business, what is something you've found particularly challenging and/or surprising that people who get into this type of work should be prepared for, but likely aren't? Cybersecurity is not easy. Cybercriminals are just as scrappy as early-stage founders. They have time, money and skill, and they're constantly evolving. It's a constant back-and-forth. That makes the work high-stakes and fast-moving, which most people outside the industry don't fully appreciate. Can you recall a specific instance when something went very wrong? How did you fix it? Nearly a decade ago, we had a false positive that blocked a critical range of IP addresses, including our own update servers, as malicious. It was a major incident, but our team responded with incredible resilience. We spent days recovering and working with our customers. That experience really taught us the value of strong rollback processes and just how high the stakes are in cybersecurity. How long did it take you to see consistent monthly revenue? What does growth and revenue look like now? We started seeing revenue within days of launching our first product, and within four months, it became serious enough to make me rethink staying at university. It was an early indicator that we were solving a real problem, and people were willing to pay for it. Malwarebytes is now a several-hundred-million-dollar business — growing, profitable and serving millions of users worldwide. We've expanded from consumers to enterprises and managed service providers (MSPs), and we're continuing to scale. Related: After a 12-Year-Old's Side Hustle Made Over $4,000 in 1 Day, He and His Dad Grew the Business to Nearly $50,000 a Month: 'It Takes Commitment' What do you enjoy most about running this business? Honestly, what I enjoy most is building products and the speed at which we can scale them. Turning an idea into code, into a product, and seeing it used by millions of people within days — that's the magic. It's deeply fulfilling and never stops being exciting. What is your best piece of specific, actionable business advice? In the early days, it's all about the team. Find co-founders and early employees who are just as passionate as you are. Focus on building something great, and let the product lead the way. Then invest deeply in your early adopters — their feedback is the most valuable compass you'll have. Ready to break through your revenue ceiling? Join us at Level Up, a conference for ambitious business leaders to unlock new growth opportunities.
Dublin Live
06-07-2025
- Dublin Live
Urgent Gmail account alert with users urged not to ignore 6 important new rules
Our community members are treated to special offers, promotions and adverts from us and our partners. You can check out at any time. More info There's a new security warning for email users, with Google and Gmail accounts now under threat. These platforms are among the most secure globally, offering advanced spam filtering and safer login methods through multi-factor authentication. Despite these features safeguarding most users, it's crucial not to let your guard down. It has been confirmed that Russian hackers have recently discovered a way to circumvent some of Google's security measures, leaving some accounts vulnerable to attack, reports the Mirror. This latest risk was identified by security researchers at Google Threat Intelligence Group. It has since been confirmed that targeted attacks have already occurred, making this warning vital to heed. As many people know, Google accounts are highly secure, requiring users to use multiple methods to access services like Gmail. This includes the crucial two-factor authentication, which sends a message to a secondary device when trying to access accounts - without this code, there's no way to log in. However, it appears that Russian cyber criminals have found a way to target older phones and other devices that can't handle this additional verification step. Google provides another security method called app passwords, which are unique 16-digit codes designed to keep less modern devices safe. Experts are raising the alarm over app passwords, which bypass two-factor authentication, making them more susceptible to hacking or phishing. Malwarebytes specialists have reported that scammers employed this tactic to go after notable academics and critics of Russia. "The attackers initially made contact by posing as a State Department representative, inviting the target to a consultation in the setting of a private online conversation," Malwarebytes said. "While the target believes they are creating and sharing an app password to access a State Department platform in a secure way, they are actually giving the attacker full access to their Google account." Despite the precision of this attack, it doesn't rule out the possibility of the general public being targeted next, as hackers continually seek new methods to pilfer personal information. Malwarebytes added: "Now that this bypass is known, we can expect more social engineering attacks leveraging app-specific passwords in the future." For those worried about falling prey to such attacks, the security experts at Malwarebytes have shared tips on how to protect your account. Here's a rundown of 6 fresh guidelines everyone should adhere to: • Deploy app passwords only when they're absolutely essential. If you can switch to apps and devices that offer more robust sign-in options, do so without delay. • The recommendation to utilise MFA remains robust, however, it's important to note that not all MFA is of the same quality. Authenticator apps (like Google Authenticator) or hardware security keys (FIDO2/WebAuthn) are more resilient to attacks compared to SMS-based codes, let alone app passwords. • Regularly educate yourself and others on how to identify phishing attempts. Attackers often circumvent MFA by duping users into disclosing credentials or app passwords through phishing. • Frequently update your operating system and the apps you use to fix vulnerabilities that attackers might take advantage of. Enable automatic updates whenever feasible so you don't have to remember to do it yourself. • Keep a lookout for unusual login attempts or suspicious activity, such as logins from unfamiliar locations or devices. And restrict those logins where possible. • Employ security software that can block malicious domains and detect scams. Join our Dublin Live breaking news service on WhatsApp. Click this link to receive your daily dose of Dublin Live content. We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don't like our community, you can check out any time you like. If you're curious, you can read our Privacy Notice . For all the latest news from Dublin and surrounding areas visit our homepage.
CNET
02-07-2025
- CNET
Scam Travel Websites Are Real: What To Know Before You Book Your Trip
Summer is officially here and you might be looking to beat the heat with a trip to a popular beach or dream overseas vacation, but experts warn that online scammers are looking to take advantage of eager travelers. Vacation scams are nothing new. Travel can be expensive and people are looking to grab the best prices they can get, says Seckin Yilgoren, Mastercard's senior vice president for security solutions for North American markets. This is especially true now as many people deal are dealing with increasing economic pressures and rising inflation. The problem is, a lot of great offers out there just aren't the real thing. "Don't get me wrong, we all want the deals, but I think some are too good to be true," Yilgoren said in an interview. According to Mastercard's analysis of its transaction data, fraud related to the early stages of travel planning rose 12% in 2024 from the year before. That could partially stem from the fact that scammers are now using advanced tech, including tools powered by artificial intelligence, to create increasingly convincing fake emails, texts, social media posts and websites at a much faster rate. Researchers at the cybersecurity company Malwarebytes recently spotted a collection of online ads that when clicked on led people to fake websites. Those sites featured malicious Captcha forms that would trick people into copying, and ultimately executing, code invisible to them on their computers. That code would infect their computers with malware, allowing the attacker to remotely monitor the computers and gather sensitive and financial information, Malwarebytes said. Many consumers don't think twice about completing a Captcha test these days and the instructions included with the scam Captchas look completely normal, says David Ruiz, a privacy advocate for Malwarebytes. "It's hard to trust and know what is real and what is not," Ruiz said. How to protect yourself from travel scams Need help sorting out the great travel deals from the scams? Here are some tips from the experts. If an offer is too good to be true… Yes, we all know the saying. Admittedly, sometimes it can be tough to spot suspicious offers, but it's best to stay skeptical of any amazing travel offer. Stick with well-known booking sites, or book directly through the hotel or airline. Don't click on ads in social media or sponsored results that come up in a Google search, Ruiz says. If a travel company offers you a promotion after you've already booked, asking you to cancel and rebook, or download an app, that should also be seen as a red flag. Protect your travel accounts. The online accounts you use to book flights and hotels are prime targets for online thieves. Reward points and airline miles are as good as cash to them if they can break into your accounts, Yilgoren says. Make them pick someone else by making sure you set long, unique and random passwords for all of your accounts and always enable two-factor authentication. Need help? Try a password manager. Back up everything. When you travel, you're going to use your phone for everything from contactless payments to taking photos and carrying important documents like flight and hotel reservations. But phones can get broken, lost or stolen. Before you leave town, make sure you have backup copies of all your important information and make sure you've set your devices to also backup the photos you take along the way. Beware of fake CAPTCHAs. A site asking you to prove you're a human by clicking on pictures of motorcycles is probably fine. But if it asks you to copy and paste something, especially text you can't see, stay away. Think about a VPN. In the age of end-to-end encryption, the odds of a cybercriminal intercepting your online traffic and being able to use it for nefarious means are pretty slim. Still, a virtual private network (VPN) can provide you some extra security, especially if you're traveling in countries where government or criminal online surveillance is a concern. Prep your credit cards for travel. It never hurts to call your bank ahead of your trip, so they don't flag your vacation spending as suspicious. Make sure you have a backup card in case your main one gets lost or stolen. Ideally, you should store it in a different bag, just in case your pocket gets picked. Use contactless payments whenever possible and set up account alerts. Make sure you know your card PIN, especially if you're traveling overseas where they're used more often, Yilgoren says. Limit your digital footprint. There's no shortage of personal tidbits online about the average person, giving online attackers plenty of material to use in customized scams. Give them less to work with by limiting the information you put online. Lock down your social media accounts and think before you hand over personal data when doing things like online shopping. When it comes to travel, consider not posting your photos online until after you leave and resist the temptation to tell the world where you're headed next, Yilgoren says.
Forbes
01-07-2025
- Forbes
Android Warning For 3.3 Billion Users As SMS Attacks Surge
Android SMS attacks surge by 692%. That Android's 3.3 billion users face a myriad of cyber threats is not a surprise to anyone. There's malware that can steal your photo gallery, the UNC6040 attacks that prompted Google to issue a threat intelligence warning, and, of course, the multitude of AI-powered attack threats. But, at the center of all of this cyberattack activity sits one thing: SMS. Google has already issued advice on how to mitigate the dangers of recent SMS Blaster attacks, where the hacker doesn't even need to know your phone number. Now, a Malwarebytes threat analysis has uncovered an alarming 692% surge in SMS-based attacks against Android users. Here's what you need to know. Android Threat Landscape Enters New And Dangerous Phase According to threat intelligence analysts at Malwarebytes, the Android threat landscape is not just evolving, it is entering an entirely new phase of its evolution. Pieter Arntz, a malware intelligence researcher at Malwarebytes, this represents 'an era marked not just by volume, but by coordination and precision.' Android attackers aren't 'throwing malware at users and hoping for results,' Arntz warned, but they are 'building ecosystems.' The June 30 Malwarebytes Labs report analyzed Android threats across the first six months of 2025, and found that Android threats as a whole have risen by 151%. However, it's when you start digging into the specific threat types that some worrying trends emerge. Spyware has seen 147% increase, with February and March taking the biggest brunt as a 4 times multiplication of the baseline was observed. But it is the SMS attack landscape that worries me, and Arntz, the most. Between April and May there was an incredible 692% surge in SMS-based malware attacks. Although there are seasonal factors to consider, with it being the tax seasons and all, Arntz said the surge was 'a jump that we can't just chalk up to coincidence.' Instead, Arntz sees this as reflecting a shift in strategy from the attackers who are scaling their operations to exploit 'both human psychology and systemic weak points.' Android attackers are 'playing the long game now — developing monetization strategies for every type of data they can harvest; every user behavior they can exploit,' Shahak Shalev, senior director of research and development for online platforms at Malwarebytes, warned. Mitigating The Android SMS Attack Surge To protect yourself, and your Android devices, from the latest SMS attacks, you should employ the following mitigations: Always use the official Google Play store to download your Android apps. Take care when granting permissions to a new app. Permissions like 'Display over other apps' should particularly raise a red flag, Arntz warns, as they can be used to intercept login credentials. SMS Blaster attacks us 2G networks, so disable 2G from your Android settings. Run a Google Security Checkup on your Android smartphone to ensure your Google account, a prime target for attackers, is as secure as possible.
