Loki Bot Malware stealing corporate passwords, Air Canada warns users
Newly discovered Loki Bot Malware is spreading as a .iso extension that targets Corporate network and applications to steal passwords from Browsers, Messaging Applications, Mail & FTP Clients.
Recently it was observed by Kaspersky researchers that the malware is mainly targeting corporate networks around the world and gaining a large amount of sensitive information.
Loki Bot Malware is also capable of stealing cryptocurrency wallets and is sharing the stolen data into attacker via its Command & Control server.
Hackers are using email as a primary malware distribution medium that contains an attachment with a .iso extension.
ISO images are copies of optical discs that can be mounted in a virtual CD/DVD drive to be used in the same way as the originals.
Air Canada is also forcing all users of its Mobile+ app to change their passwords after hackers managed to access the profile information, including names, email addresses, birth dates and passport details of some customers.
The company detected unusual login behaviour through its mobile application between August 22 and 24 that might have resulted in unauthorised access to around 20,000 profiles, or approximately one percent of the app’s 1.7 million users.
“Starting August 29, 2018, we have sent emails to customers whose accounts may have been improperly accessed,” the company said on its website. “If you did not receive an email from Air Canada specifically advising you that your Air Canada mobile App account may have been improperly accessed, we are confident your account was unaffected during this period. As an additional precaution, however, we are contacting all Air Canada mobile App users requiring all users to reset their passwords.”
In addition to basic information such as name, email address and telephone number, an Air Canada customer’s profile can also include Aeroplan number, passport number, NEXUS number, Known Traveler Number, gender, birth date, nationality, passport expiration date, passport country of issuance and country of residence.
Recently it was observed by Kaspersky researchers that the malware is mainly targeting corporate networks around the world and gaining a large amount of sensitive information.
Loki Bot Malware is also capable of stealing cryptocurrency wallets and is sharing the stolen data into attacker via its Command & Control server.
Hackers are using email as a primary malware distribution medium that contains an attachment with a .iso extension.
ISO images are copies of optical discs that can be mounted in a virtual CD/DVD drive to be used in the same way as the originals.
Air Canada is also forcing all users of its Mobile+ app to change their passwords after hackers managed to access the profile information, including names, email addresses, birth dates and passport details of some customers.
The company detected unusual login behaviour through its mobile application between August 22 and 24 that might have resulted in unauthorised access to around 20,000 profiles, or approximately one percent of the app’s 1.7 million users.
“Starting August 29, 2018, we have sent emails to customers whose accounts may have been improperly accessed,” the company said on its website. “If you did not receive an email from Air Canada specifically advising you that your Air Canada mobile App account may have been improperly accessed, we are confident your account was unaffected during this period. As an additional precaution, however, we are contacting all Air Canada mobile App users requiring all users to reset their passwords.”
In addition to basic information such as name, email address and telephone number, an Air Canada customer’s profile can also include Aeroplan number, passport number, NEXUS number, Known Traveler Number, gender, birth date, nationality, passport expiration date, passport country of issuance and country of residence.
from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/2LHiXDj
Comments
Post a Comment