
5 New Security Threats in 2017 You Should Watch Out For

James Frew 27-11-2017

With every passing year, we entrust our digital devices to store more of our personal information, with the internet turning into the backbone of the modern world. This has brought immeasurable benefit to billions of people around the world, but it’s also opened a huge opportunity for those that want to hurt us. Crime is no longer bound by geography — someone you’ve never met, from a country you’ve never been to, may be targeting you.


Some threats we have become familiar with (phishing, viruses, and spam) are now staples of our online lives. However, each passing year brings with it a new set of technologies, with new exploits in tow. We’ve collected together some of the most important security threats of 2017, and what you can do about them.

1. Pinkslipbot

What It Is: A worm used to download additional malware, harvest banking credentials, and receive commands from a remote command-and-control server.

What It Does: Pinkslipbot aims to collect and harvest all financial and banking credentials through a collection of tools like keyloggers, MITM browser attacks, and digital certificate theft. Although Pinkslipbot has been around since 2007, McAfee discovered a newly updated variant in 2017. The malware was first designed to harvest login credentials for online banking and other digital financial services. The new variant has been updated so that it now acts as a Trojan, a worm, and as part of a botnet. It is estimated that Pinkslipbot controls over 500,000 computers.

You Will Be Affected If: Malware can be downloaded from a number of different sources, but is often from malicious or compromised websites. Another major infection point is phishing emails and their dangerous attachments.


How to Check for It: As Pinkslipbot has been around in various forms for over a decade, most modern antivirus software should be able to immediately remove the threat. However, should you still need reassurance, McAfee has released a tool that will scan for and detect any instance of Pinkslipbot.

How to Clean It: Your antivirus should be able to remove the malware after it is detected. However, the updated 2017 variant also changes your port-forwarding options to keep your computer operational as part of its botnet. Your antivirus will likely not detect these changes and they can be hard to spot. The McAfee tool is also able to remove the malware, and if you follow the user manual, will be able to correct any port-forwarding issues Pinkslipbot created.

2. Xavier

What It Is: A malicious ad library pre-installed in a number of Android apps.


What It Does: The Xavier ad library is part of a malvertising campaign aimed at infecting your device with malware and stealing data. The malicious ads are able to install APKs on your phone without notification on older Android devices. Xavier allows remote code execution, giving hackers full access to your phone. On top of this, it is also able to harvest your personal data, device make and model, SIM card identifiers, and a list of installed apps.

You Will Be Affected If: Trend Micro identified 75 apps that were serving Xavier malvertising to your Android phone. If you installed any of these apps then you are affected. However, the ad library was available to any Android developer and may have been served by more than just those identified by Trend Micro.

How to Check for It: Compare any apps you have installed against Trend Micro’s list. Even if you managed to avoid the listed apps, there is still a chance that you were affected. To be safe, keep an eye out for any signs your Android device has been infected with malware.

How to Clean It: Immediately uninstall any apps Trend Micro identified as serving Xavier malvertising. You can remove them from your Google Play app library too so you don’t accidentally reinstall them in the future. To minimize the risk of infection, make sure to check out an app’s reviews and install apps only from reputable developers.


3. OSX/Dok Malware

What It Is: macOS-specific malware that can intercept and read all HTTPS traffic.

What It Does: By abusing a signed developer certificate, the malware is able to install without any issue. Once it has installed, it replaces your system’s AppStore Login with its own so that the malware runs every time your system reboots. It then alerts you that a security issue has been found, and asks for your admin password to update. After entering your password, the malware has administrator rights for your system. It uses this to route your internet traffic through a proxy server, and impersonate any website using fake security certificates.

You Will Be Affected If: The original infection comes from an email attachment named If you downloaded and tried to open it, the malware displays a fake “package is damaged” error message, while still copying itself into the /Users/Shared folder.


How to Check for It: The infection originates with the email attachment named If you attempted to open this file, and the above scenario sounds familiar, then you are likely infected. Apple has already revoked the original fake developer certificate. However, the malware creators have been able to find ways around this so that the threat still exists.

How to Clean It: In order to remove the infection you will need to start by quitting all open apps, especially Safari. Then you’ll need to remove the offending proxy server and LaunchAgents. Finally, removing the fake developer certificate will rid your Mac of the OSX/Dok malware. To protect yourself from infection, learn how to spot phishing emails and beware of suspicious email attachments — even if they are from contacts you trust!
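The proxy change described above shows up in the output of the macOS `scutil --proxy` command, and any enabled proxy you did not set up yourself deserves a closer look. The following is an added example, not part of the original article: it parses that output and lists every proxy type that is switched on. The two sample outputs and the host `proxy.example.invalid` are constructed for illustration.

```python
import re

# Switch keys in `scutil --proxy` output, each paired with the keys that
# say where traffic is sent when that switch is on.
PROXY_KEYS = {
    "HTTPEnable": ("HTTPProxy", "HTTPPort"),
    "HTTPSEnable": ("HTTPSProxy", "HTTPSPort"),
    "SOCKSEnable": ("SOCKSProxy", "SOCKSPort"),
    "ProxyAutoConfigEnable": ("ProxyAutoConfigURLString",),
}
LINE = re.compile(r"^\s*(\w+)\s*:\s*(.+?)\s*$")

# Constructed samples in the layout `scutil --proxy` prints.
SAMPLE_CLEAN = """<dictionary> {
  ExceptionsList : <array> {
    0 : *.local
    1 : 169.254/16
  }
  FTPPassive : 1
  HTTPEnable : 0
  HTTPSEnable : 0
}"""
SAMPLE_PROXIED = """<dictionary> {
  HTTPEnable : 0
  HTTPSEnable : 1
  HTTPSPort : 8080
  HTTPSProxy : proxy.example.invalid
  ProxyAutoConfigEnable : 1
  ProxyAutoConfigURLString : http://proxy.example.invalid/config.pac
}"""

def parse_scutil(text):
    """Return scalar key/value pairs, skipping nested <array>/<dictionary> headers."""
    settings = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m and not m.group(2).startswith("<"):
            settings[m.group(1)] = m.group(2)
    return settings

def active_proxies(text):
    """List (switch, destination) for every proxy type that is turned on."""
    s = parse_scutil(text)
    return [(switch, ":".join(s[k] for k in targets if k in s))
            for switch, targets in PROXY_KEYS.items() if s.get(switch) == "1"]

if __name__ == "__main__":
    for switch, dest in active_proxies(SAMPLE_PROXIED):
        print(f"{switch} is on -> {dest}")
```

On a Mac, feed `active_proxies` the text captured from `scutil --proxy` instead of the samples.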

4. NotPetya

What It Is: A strain of rapidly spreading ransomware that rose to prominence in 2017.

What It Does: Ransomware is a particularly vicious form of malware. Once your computer is infected, the malware will encrypt all your files — on your hard drive and in the cloud. It will then demand a ransom to be paid before unlocking them. Even once payment is made, there is no guarantee that your files will actually be released. A similar ransomware known as WannaCry hit many government institutions and large businesses globally in mid-2017.

You Will Be Affected If: Ransomware can affect anyone if you are unlucky enough to become infected. NotPetya infects computers indiscriminately, paying no attention to your personal circumstances. However, as with all malware, there may be signs that your computer is infected.

How to Check for It: There is no need to check for NotPetya, or any other ransomware; it will let you know it is there. In most cases the attacker has no interest in your files — they are after the ransom money.

How to Clean It: If you become infected with NotPetya (or any other form of ransomware), do not pay the ransom. Instead, disconnect from the internet, revert to a previous System Restore point, and restore your files from a backup. In order to be protected from ransomware you need to take precautions ahead of time, like maintaining a regular backup. Making sure all your apps and software are fully up to date, and installing some form of antivirus software, will also play its part in protecting you.

5. LeakerLocker

What It Is: Ransomware for your Android phone.

What It Does: Most ransomware variants infect your device, encrypt your files, then demand a ransom to unlock them again. LeakerLocker instead targets your Android phone’s lock screen. It gathers up all data on your device and blackmails you into paying the ransom in order to unlock the device and prevent your data from being leaked.

You Will Be Affected If: McAfee discovered LeakerLocker lurking in two specific Android apps: Wallpapers Blur HD and Booster & Cleaner Pro. Cumulatively these apps had around 15,000 downloads when the malware was discovered. If you had installed either of these apps then you may have been affected. However, as previously noted, ransomware pretty quickly lets you know that it’s there.

How to Check for It: Although it was hidden inside those two specific apps, there may be other infection points that weren’t initially discovered. The malware runs on Android phones as Android/Ransom.LeakerLocker.A!Pkg. If you see this running on your device, then you have been infected by LeakerLocker.

How to Clean It: Do not pay the ransom! This is true of all ransomware, but particularly so with LeakerLocker. McAfee’s research and anecdotal evidence suggest that no user data has even been leaked by LeakerLocker. Instead, the malware may be relying on applying intense psychological pressure to make you pay. Google has already removed the offending apps from the Play Store so reinstallation isn’t possible. Installing security software on your phone is also a good idea, and can help detect threats like LeakerLocker before they take hold.

Malware Is All Around

Ransomware has extended its reach in 2017, with more criminals attempting to con you out of money. Greater access to ransomware tools has made it easier for traditional criminals to enter the digital age. Fortunately, there are ways to protect yourself.

Following proper cyber hygiene, and performing regular security checks, can be beneficial. Malware and ransomware may be the security threats of 2017, but the humble virus still lurks online too. Being aware of, and protecting yourself from, threats is much less stressful than having to enter damage control mode when the worst does happen.

Have you experienced any of these new security threats? How did you overcome them? Are there any you think we missed? Let us know in the comments!

Image Credit: kentoh/Depositphotos
