The Hacker News reports that 60,000 unique apps posing as cracked versions of widely used Android applications have been leveraged to spread adware in an ongoing campaign that commenced in October.
Such fraudulent apps, most of which were detected to be distributed in the U.S., South Korea, Brazil, Germany, the UK, and France, have been downloaded through malware-hosting ad pages and do not include icons or names upon installation but facilitate stealthy malicious activity even when uninstalled, a report from Bitdefender showed.
"The campaign is designed to aggressively push adware to Android devices with the purpose to drive revenue. However, the threat actors involved can easily switch tactics to redirect users to other types of malware such as banking Trojans to steal credentials and financial information or ransomware," said Bitdefender.
The adware campaign's discovery follows CloudSEK's identification of the malicious SpinOK SDK with file exfiltration capabilities across Google Play apps that have 30 million total downloads.
Attackers impersonate Dependabot commits, an alg of "none" plagues a JWT, CISA calls for hardware bills of materials, OpenSSF lists its critical projects, Exim (finally! maybe?) has some patches, bug bounties and open source projects, and more!
Hundreds of GitHub repositories have been targeted with fraudulent commits purportedly from GitHub's free automated dependency management tool Dependabot in a bid to facilitate malicious code injections and exfiltrate sensitive project data exfiltration, reports SecurityWeek.