Skip to content

Gotham Security Daily Threat Alerts

by on June 20, 2014

June 19, Help Net Security – (International) Scan of Google Play apps reveals thousands of secret keys. Researchers with Columbia University used an automated tool called PlayDrone to scan, download, and decompile over 880,000 apps from the Google Play app store and found that several app developers often leave secret authentication keys embedded in the apps, potentially allowing attackers to steal user data or server resources, among other findings. Source:

June 19, Help Net Security – (International) Code hosting Code Spaces destroyed by extortion hack attack. Cloud code hosting service Code Spaces announced that it was forced to shut down its business after attackers deleted most of its stored code and backups after a ransom that accompanied a distributed denial of service (DDoS) attack was not paid. Source:

June 19, Softpedia – (International) Simplocker changes attack vectors. Researchers from ESET and Kaspersky found that several variants of the Simplocker ransomware were developed and that some attackers are using a trojan downloader known as Android/TrojanDownloader.FakeApp to attempt to infect victims. The ransomware is currently most prevalent in Ukraine and Russia and demands ransoms in those countries’ currencies. Source:

June 19, Help Net Security – (International) Bitcoin miner lurking on Facebook. Bitdefender researchers spotted a new Bitcoin mining malware campaign that utilizes Facebook messages to send users a malicious file that downloads .DLL files which embed a Bitcoin mining program on victims’ systems. The delivered payload can be changed by attackers as well, potentially allowing other forms of malware to be added to infected systems. Source:

June 19, Softpedia – (International) Ancestry services crippled by DDoS attack. Servers belonging to and several of its services were affected by a distributed denial of service (DDoS) attack that began June 16 and continued to cause issues for users June 19. Users reported that the site was only accessible intermittently and the site recommended that users switch to offline mode until the issue is resolved. Source:

June 18, Dark Reading – (International) Malicious Google Play clone steals banking credentials. Google and FireEye worked to take down email addresses associated with a piece of banking malware that imitates the Google Play icon in Android devices and steals users banking and personal information. The malware was spotted by only 3 of 51 security programs and appears to currently be targeting Korean-speaking users. Source:

From → Security

Comments are closed.

%d bloggers like this: