How to Remove Zr89YEwgl7.exe "Zr89" Spyware/Malware [Trojan:Win32/Wacatac.B!ml]

A new data-stealing malware is on the loose! First repor...

Showing posts with label rats. Show all posts

Monday, September 28, 2020

Android Malware 'Alien' Controls Your Phone and Steals Bank Accounts


After the 'Cerberus Trojan' invaded the Google Play Store earlier this year, developers released its source code in August, which was quickly used to spawn new malware running similar scripts. One of these new strains of Cerberus, dubbed 'Alien', is a remote access toolkit complete with an arsenal of keyloggers, SMS control, and information harvesting software.

Alien has been observed using local phone data to steal bank accounts in the same manner Cerberus operates, but it can also set up TeamViewer sessions between attackers and victims to give them full control in real time. This feature makes the new strain even more dangerous.


How it works: If you're unfortunate enough to install this malware package from infected Google Play Store apps, it will begin its invasion by prompting for admin privileges. If authorized, it will immediately start running keylogging software (to store everything you type) and it will gain access to your other apps and system settings.

Once it has set up its data-extraction environment, Alien will begin to target individual apps and phish for passwords from its victims. In other words, it will send fake login pages designed to look like they're from a trusted app. Have you been a victim of phishing? Read more about 'spearphishing' malware here. Alien can also delete any app and install new ones (presumably to install newer, antivirus-resistant versions of itself in the future).

The last stage of an Alien Android attack involves the TeamViewer feature mentioned previously. Attackers controlling the malware may observe infected devices through the TeamViewer software, and directly access apps so they can find and extract more valuable data.

Targeted apps: The Alien malware is known to display phishing pages for all popular banking/cryptocurrency apps as well as the following:

  • Google Play Games
  • Google Play Store
  • Gmail
  • Facebook
  • Instagram
  • Twitter
  • Snapchat
  • Skype
  • Yahoo
  • Telegram
  • WhatsApp
  • PayPal
  • Netflix
  • Amazon
  • eBay

(This list will be updated as more phishing pages are discovered - Scroll up and click "Subscribe" to be notified) 


How to avoid infection: Google Play has implemented new security measures which should eliminate the possibility of being infected by Alien through the Play Store. That being said, be extra careful when installing newer apps which prompt for admin privileges. Alien is also being spread through online forums and message boards. For now, it's best to avoid Android apps offered outside of the Play Store altogether.
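
A way to check a phone against the advice above, added here as an example and not taken from the original post: it cross-references apps installed from outside the Play Store with apps holding device admin rights, using the text output of 'adb shell pm list packages -i -3' and 'adb shell dumpsys device_policy'. The package names and both sample outputs are constructed, and the dumpsys layout is an assumption that varies between Android versions.

```python
import re

# Constructed sample of 'adb shell pm list packages -i -3' (third-party apps
# and their installer); the package names are made up.
SAMPLE_PACKAGES = """\
package:com.example.notes  installer=com.android.vending
package:com.example.flashplayer.update  installer=null
package:com.example.fitness  installer=com.android.vending
package:com.example.filemanager  installer=com.android.packageinstaller
"""
# Constructed excerpt of 'adb shell dumpsys device_policy'. The layout is an
# assumption and varies by Android version; only 'pkg/Receiver:' lines are used.
SAMPLE_DEVICE_POLICY = """\
  Enabled Device Admins (User 0, provisioningState: 0):
    com.example.flashplayer.update/.AdminReceiver:
      uid=10231
    com.example.fitness/.DeviceAdmin:
      uid=10187
"""
PLAY_STORE = "com.android.vending"

def parse_installers(text):
    """Map package name -> installer package, or None when none is recorded."""
    pattern = r"^package:(\S+)[ \t]+installer=(\S+)[ \t]*$"
    return {m.group(1): None if m.group(2) == "null" else m.group(2)
            for m in re.finditer(pattern, text, re.M)}

def parse_device_admins(text):
    """Return the packages that appear as active device admin components."""
    return {m.group(1)
            for m in re.finditer(r"^[ \t]+([\w.]+)/[\w.$]+:[ \t]*$", text, re.M)}

def audit(packages_text, policy_text):
    """Return (package, severity, reason) tuples, sorted by package name."""
    installers = parse_installers(packages_text)
    admins = parse_device_admins(policy_text)
    findings = []
    for pkg, installer in sorted(installers.items()):
        sideloaded = installer != PLAY_STORE
        if sideloaded and pkg in admins:
            findings.append((pkg, "HIGH", "sideloaded and holds device admin"))
        elif sideloaded:
            findings.append((pkg, "REVIEW", "installed outside the Play Store"))
        elif pkg in admins:
            findings.append((pkg, "REVIEW", "Play Store app with device admin"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_PACKAGES, SAMPLE_DEVICE_POLICY):
        print(*finding, sep="  ")
```

A Play Store app with device admin is listed for review rather than flagged outright, since the post notes that earlier strains were distributed through the Play Store itself.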
 
Alien has been one of many malware variants targeting Android devices through the Google Play Store this year. Want to learn more about Android malware? We also covered the infamous 'Joker' Trojan here.
 

Monday, August 3, 2020

How to Control Any Windows Computer on Your Network - The RemoteLance Tutorial


Whether you're a business administrator or an individual seeking more control over their home network, being able to access and operate your computers remotely can make a huge difference when it comes to productivity. In this guide, you will learn how to access any remote Windows computer on your network. Setup takes seconds and remote connections will be persistent.


Begin by downloading the RemoteLance console app from our website. For a full guide on using this software, check out our How-To video here:


After you've installed RemoteLance, open the RemoteLance-Server program on every computer you would like to access remotely. The server will run in the background and can be terminated through a client program. After opening the server file on your remote computers, start the client program on a PC you wish to use as a controller for the others. When first opened, the client application will prompt you for a product key. You can find this product key in your email after downloading RemoteLance. Copy and paste the key into the prompt and press enter to activate the program.

Once activated, you may connect to any computer on your network running the RemoteLance server. Just type its local IP address (preferably IPv4) and you should form a connection within seconds. Type 'help' after connecting to get a list of commands.

Windows RemoteLance Console Help Command

To make a connection with any remote computer persistent, type 'startup'. This will copy the server program to the remote user's startup location so that it will execute every time the computer is started.
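
A defender-side check for this persistence method, added here as an example and not RemoteLance code: it lists executables sitting directly in the Windows Startup folders and hashes them for comparison against an allowlist. That the 'startup location' means the Startup folders is an assumption, and the file names in the demo are constructed.

```python
import hashlib
import os
import tempfile
from pathlib import Path

STARTUP = "Microsoft/Windows/Start Menu/Programs/Startup"

def default_startup_dirs():
    """Per-user and all-users Startup folders (assumed target of 'startup')."""
    bases = (os.environ.get("APPDATA"), os.environ.get("PROGRAMDATA"))
    return [Path(base) / STARTUP for base in bases if base]

def scan_startup(dirs, known_good=frozenset()):
    """Return [(file name, sha256)] for executables that are not allowlisted."""
    findings = []
    for folder in map(Path, dirs):
        if not folder.is_dir():
            continue
        for entry in sorted(folder.iterdir()):
            if not entry.is_file():
                continue
            data = entry.read_bytes()
            # Windows executables start with 'MZ' whatever the extension says;
            # ordinary Startup entries are .lnk shortcuts and are skipped here.
            if data[:2] != b"MZ":
                continue
            digest = hashlib.sha256(data).hexdigest()
            if digest not in known_good:
                findings.append((entry.name, digest))
    return findings

def demo(known_good=frozenset()):
    """Scan a temporary folder of constructed files standing in for Startup."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "Chat.lnk").write_bytes(b"L\x00\x00\x00" + b"\x00" * 16)
        (root / "server.exe").write_bytes(b"MZ" + b"\x90" * 64)
        (root / "updater.dat").write_bytes(b"MZ" + b"\x00" * 64)  # renamed
        return scan_startup([root], known_good)

if __name__ == "__main__":
    # On Windows this reads the real Startup folders; elsewhere, the demo data.
    dirs = default_startup_dirs()
    for name, digest in (scan_startup(dirs) if dirs else demo()):
        print(digest, name)
```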

Windows RemoteLance Console Persistent Command

To remotely encrypt files or directories, type 'encrypt'. This will send a series of prompts asking you for custom information so you can safely encrypt particular files. Decryption is as simple as using the 'decrypt' command, which sends a similar panel of prompts.

Windows RemoteLance Console Encryption Command

To permanently kill a running server on a remote computer (until the server program is re-opened), connect to that computer and use the 'terminate' or 'kill' command.

Windows RemoteLance Console Terminate Command

To explore the many other RemoteLance commands and how they work, check out our info page here. Alternatively, you can also purchase a copy of this software directly from our store.