July 29, Help Net Security – (International) SpyNote Android RAT builder has been leaked. Palo Alto Networks’ researchers warned that a builder for the SpyNote Android remote access trojan (RAT) is being distributed freely on several underground hacker forums and configures the RAT to contact a specific command and control (C&C) server over a specific port, removing its icon once it is installed. The malware is capable of viewing messages on infected devices, collecting device information, and exfiltrating files, among other tasks. Source
July 28, IDG News Service – (International) The AdGholas malvertising campaign infected thousands of computers per day. Proofpoint researchers reported that the group behind the malvertising operation AdGholas managed to distribute malicious advertisements through more than 100 ad exchanges, attracted between 1 million and 5 million page hits a day, and redirected up to 20 percent of computers that loaded the rogue ads to servers hosting exploit kits (EK) through the use of a series of complex checks and the use of steganography. The operation was suspended July 20. Source
Above Reprinted from the USDHS Daily Open Source Infrastructure Report