Tag Archives: malware

image_pdfimage_print

FormBook Malware: How to Protect Your Gmail and Other Data

FormBook Malware: how to protect your gmail and other data
Protect your Gmail Account FormBook malware – Jacques Gascuel: This article will be updated with any new information on the topic.

Secure Your Gmail from FormBook Attacks

FormBook is a malware that can steal your Gmail credentials, messages, and attachments. Learn how to use the Freemindtronic devices to encrypt your Gmail data and use passwordless and 2FA.

2024 Cyberculture Digital Security

Russian Cyberattack Microsoft: An Unprecedented Threat

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

How to Protect Your Gmail Account from FormBook Malware

Introduction

Imagine that you receive an email from your bank, asking you to confirm your identity by clicking on a link. You open the link, and you find yourself on a page that looks like your bank’s website, but it is actually a fake. You enter your credentials, and you think you are done. But in reality, you have just given access to your bank account to hackers, who will use it to steal your money, or worse. This is what FormBook can do, a malware that can steal your sensitive data, and that Google cannot stop. In this article, we will explain what FormBook is, how it works, and how to protect yourself from this malware.

What is FormBook and why is it a threat?

FormBook is a malware that can record your keystrokes, take screenshots, and steal your passwords, cookies, and clipboard data. It can also download and execute other malicious files on your device.

FormBook is distributed through phishing emails that contain malicious attachments. These attachments are usually disguised as invoices, receipts, or shipping confirmations. When you open them, they ask you to enable macros or content. If you do, the malware will be installed on your device.

FormBook can target any web browser, but it has a special feature for Chrome. It can inject a fake Gmail login page into your browser, and trick you into entering your credentials. The malware will then send your Gmail username and password to a remote server controlled by the hackers.

FormBook is a threat because it can compromise your Gmail account and access your personal and professional information. It can also use your Gmail account to send spam or phishing emails to your contacts, or to access other online services that are linked to your Gmail account, such as Google Drive, Google Photos, or Google Pay.

How to protect yourself from FormBook?

Google has not yet found a way to detect and block FormBook. Therefore, you need to be extra careful when you use Gmail and other online services. Here are some tips to protect yourself from FormBook and other malware:

  • Do not open or download attachments from unknown or suspicious senders. If you are not sure about the legitimacy of an email, contact the sender directly or check the official website of the company or organization.
  • Do not enable macros or content in any document unless you trust the source. Macros are small programs that can run malicious code on your device.
  • Use a strong and unique password for your Gmail account and other online accounts. Do not reuse the same password for different services. Change your password regularly and use a password manager to store and generate your passwords.
  • Enable two-factor authentication (2FA) for your Gmail account and other online accounts. 2FA adds an extra layer of security by requiring a code or a device confirmation in addition to your password.
  • Use a reputable antivirus software and keep it updated. Antivirus software can scan your device for malware and remove it. You can also use a browser extension that can block malicious websites and pop-ups.

How to encrypt your Gmail messages and attachments with DataShielder NFC HSM

DataShielder NFC HSM is a device that allows you to encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021.

With DataShielder NFC HSM, you can encrypt and decrypt your data with AES-256 keys that are randomly generated and stored in the NFC HSM. You can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM. You can also use different keys for the message and the attachment.

To encrypt your Gmail message and attachment, you need to use the EviCrypt and EviFile applications that are embedded in the DataShielder NFC HSM. These applications allow you to encrypt and decrypt your data with a simple tap of your NFC phone on the DataShielder NFC HSM. You can also share your encrypted data with other users who have the same device and the same key.

By using DataShielder NFC HSM, you can protect your Gmail messages and attachments from FormBook or any other malware that can access your Gmail account. Even if your Gmail account is hacked, your encrypted data will remain encrypted and unreadable by the hackers. Only you and the authorized recipients can decrypt your data with the DataShielder NFC HSM.

How to protect your web Gmail account with passwordless and 2FA using PassCypher NFC HSM

Do you want to manage your web accounts with complicated and complex passwords that you do not need to know, remember, or type? If yes, then you should try PassCypher NFC HSM. This device uses the EviPass NFC HSM technology, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021.

With PassCypher NFC HSM, you can create and store your usernames and passwords of more than 256-bit in the NFC HSM. Moreover, you can store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

To use PassCypher NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass and EviOTP applications that are embedded in the PassCypher NFC HSM. These applications allow you to create, edit, and delete your web accounts and OTP secret keys with a simple tap of your NFC phone on the PassCypher NFC HSM.

By using PassCypher NFC HSM, you can secure your web accounts with passwordless and 2FA. You do not need to display, know, or type your username and password. You just need to tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your web account. You also do not need to check for a typosquatting attack, since the extension will verify the URL of the website before logging in. And you do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

How to protect your Gmail account from FormBook with PassCypher NFC HSM

FormBook is a dangerous malware that can access your Gmail account and other sensitive data. Google has not yet found a solution to stop it. Therefore, you need to be vigilant and follow the best practices to protect yourself from cyberattacks. One of them is to use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA.

By using PassCypher NFC HSM, you can protect your Gmail account from FormBook or any other malware that can access your web browser. Even if your web browser is hacked, your usernames and passwords will remain encrypted and inaccessible by the hackers. Only you can decrypt your Gmail account with the PassCypher NFC HSM. And even if the hackers manage to steal your session cookies, they will not be able to log in to your Gmail account without the 2FA code that is generated by the PassCypher NFC HSM.

To use PassCypher NFC HSM with your Gmail account, you need to follow these steps:

  • Create a Gmail account in the EviPass application on the PassCypher NFC HSM. You can use the default username and password, or you can generate a random and complex password with the EviPass application.
  • Enable 2FA for your Gmail account on the Google website.
  • Choose the option to use an authenticator app, and scan the QR code with the EviOTP application on the PassCypher NFC HSM. This will store your OTP secret key in the NFC HSM.
  • Log in to your Gmail account with the Freemindtronic extension on your web browser. Tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your Gmail account. You will also see a pop-up window with the 2FA code that you need to enter on the Google website.

By following these steps, you can use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA. You can also use PassCypher NFC HSM with other web accounts that support 2FA, such as Facebook, Twitter, or Amazon. This way, you can protect yourself from FormBook and other malware that can access your web browser.

Recent statistics on FormBook

FormBook is a malware that was first discovered in 2016, but it remains very active and dangerous. According to the Check Point report on cybersecurity in 2022, FormBook was the third most widespread malware in 2021, attacking 5% of enterprise networks. It was also the most prolific infostealer malware, accounting for 16% of attacks worldwide.

FormBook spreads mainly through phishing emails that contain malicious attachments. These attachments are often RAR self-extracting archives, which are compressed files that can run malicious code when opened. The RAR files contain a legitimate document, such as a PDF or a Word file, and a hidden executable file, which is the FormBook malware. When the user opens the RAR file, the document is displayed, but the malware is also installed in the background.

FormBook can also spread through other methods, such as drive-by downloads, malicious links, or removable media. The malware can infect any Windows device, from Windows XP to Windows 10. The malware can also evade detection and removal by using various techniques, such as encryption, obfuscation, or anti-analysis.

Here are some recent statistics on FormBook, based on the data from Check Point and ANY.RUN:

  • FormBook was the most popular malware in August 2021, affecting 4.5% of organizations worldwide, followed by Trickbot and Agent Tesla, affecting respectively 4% and 3% of organizations worldwide.
  • FormBook was the fourth most common malware in 2020, according to the ranking of malware families by ANY.RUN. It accounted for 8% of the samples analyzed by the online sandboxing service.
  • FormBook was used in many phishing campaigns targeting various industries, such as defense, aerospace, health, education, finance, retail, etc. It was also used to attack Ukrainian targets during the war between Russia and Ukraine in 2022.
  • FormBook has a successor called XLoader, which appeared in 2020 and which is able to infect macOS users. XLoader is sold on the dark web for $59 for a Windows license and $49 for a macOS license.

Danger level of FormBook compared to other malware

FormBook is a very dangerous malware, because it can steal sensitive information, such as credentials, passwords, credit card numbers, 2FA codes, etc. It can also download and execute other malware, such as ransomware, banking trojans, spyware, etc. It can also remotely control the infected device and perform various malicious actions, such as deleting browser cookies, taking screenshots, restarting or shutting down the system, etc.

FormBook is also hard to detect and remove, because it uses advanced evasion techniques, such as code injection, string obfuscation, data encryption, anti-analysis, etc. It also changes frequently its name, path, and file extension, and uses random Windows registry keys to maintain its persistence.

To compare the danger level of FormBook with other known malware in its category, we can use the following criteria:

  • The number of organizations affected worldwide
  • The type and amount of information stolen
  • The ability to download and execute other malware
  • The ability to remotely control the infected device
  • The evasion techniques used
  • The ease of detection and removal

Here is a table that compares FormBook with other popular infostealer malware, such as Trickbot, Agent Tesla, LokiBot, and Raccoon:

Malware Number of organizations affected Type and amount of information stolen Ability to download and execute other malware Ability to remotely control the infected device Evasion techniques used Ease of detection and removal
FormBook 4.5% in August 2021 Credentials, passwords, credit card numbers, 2FA codes, screenshots, keystrokes, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Trickbot 4% in August 2021 Credentials, passwords, banking information, personal data, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Agent Tesla 3% in August 2021 Credentials, passwords, banking information, personal data, screenshots, keystrokes, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
LokiBot 1.5% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
Raccoon 0.8% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium

From this table, we can see that FormBook is the most dangerous infostealer malware, because it affects the most organizations, steals the most types of information, and can download and execute other malware. It is also the hardest to detect and remove, because it uses more evasion techniques than the other malware.

Forms of attacks of FormBook

FormBook can be delivered through different forms of attacks, depending on the delivery mechanism chosen by the malicious actor. Here are some forms of attacks of FormBook:

  • Phishing: FormBook can be sent by email as a malicious attachment, such as a Word, Excel, PDF, or ZIP or RAR file. The email can have a misleading subject, such as an invoice, a receipt, a contract, a job offer, etc. When the user opens the attachment, the malware runs and infects the device.
  • Exploitation of vulnerabilities: FormBook can exploit vulnerabilities in popular software, such as Microsoft Office, Windows, Adobe Reader, etc. For example, FormBook used the vulnerability CVE-2017-8570 in Microsoft Office to run malicious code from a RTF file. FormBook also used the vulnerability CVE-2021-40444 in Microsoft MSHTML to run malicious code from a CAB file.
  • Drive-by downloads: FormBook can be downloaded without the user’s knowledge when they visit a compromised or malicious website. The website can use a script or an exploit kit to trigger the download and execution of the malware on the user’s device.
  • Removable media: FormBook can be copied to removable media, such as USB drives, external hard drives, memory cards, etc. When the user connects the removable media to their device, the malware runs automatically and infects the device.
  • Social media: FormBook can be spread by messages or posts on social media, such as Facebook, Twitter, Instagram, etc. These messages or posts can contain links or images that redirect to malicious websites or infected files. When the user clicks on the link or image, the malware is downloaded and executed on their device.

Here is a type of formbook malware attacks image:

Type of Formbook MalwareAttacks

How PassCypher NFC HSM and DataShielder NFC HSM can protect you from FormBook attacks

PassCypher NFC HSM and DataShielder NFC HSM are two devices that use the EviPass NFC HSM technology from Freemindtronic, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021. These devices can help you protect your web accounts and your Gmail messages and attachments from FormBook attacks, by using passwordless, 2FA, and encryption.

PassCypher NFC HSM can create and store your usernames and passwords of more than 256-bit in the NFC HSM. It can also store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

DataShielder NFC HSM can encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021. It can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM.

To use PassCypher NFC HSM and DataShielder NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass, EviOTP, EviCrypt, and EviFile applications that are embedded in the PassCypher NFC HSM and DataShielder NFC HSM. These applications allow you to create, edit, delete, encrypt, and decrypt your web accounts, OTP secret keys, messages, and attachments with a simple tap of your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM.

By using PassCypher NFC HSM and DataShielder NFC HSM, you can secure your web accounts and your Gmail messages and attachments with passwordless, 2FA, and encryption. You do not need to display, know, or type your username, password, or encryption key. You just need to tap your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM and the extension will autofill, auto login, encrypt, or decrypt your web account, message, or attachment. You also do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

Here is a table that shows how PassCypher NFC HSM and DataShielder NFC HSM can protect you from different FormBook attack vectors, such as keylogger, password stealer, file transfer, screenshot, etc. I used a check mark or a cross mark to show visually what PassCypher NFC HSM and DataShielder NFC HSM protect.

 

FormBook PassCypher DataShielder
Keylogger ✔️ ✔️
Password stealer ✔️ ✔️
File transfer ✔️
Screenshot ✔️ ✔️
Remote control
Phishing ✔️ ✔️
Exploit kit
Drive-by download
Removable media ✔️
Social media

This table shows that PassCypher NFC HSM and DataShielder NFC HSM can protect your web accounts from FormBook’s keylogger, password stealer, and phishing, by using passwordless and 2FA. They can also protect your Gmail messages and attachments from FormBook’s file transfer and screenshot, by using encryption and decryption. DataShielder NFC HSM can also protect your data stored in computers or removable media, by using encryption and decryption. However, neither device can protect your device from FormBook’s remote control, exploit kit, drive-by download, or unsecured social media, which can compromise your system and your data. Therefore, you should also use an antivirus software and a firewall to prevent FormBook from accessing your device.

What is Juice Jacking and How to Avoid It?

what is juice jacking and how to avoid it

Juice Jacking by Jacques gascuel This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.  

How to protect yourself from Juice Jacking”

Do you often use public USB chargers to recharge your smartphone or tablet? If so, you may be exposing your device to a cyberattack called Juice Jacking. In this article, we will explain what Juice Jacking is and how to protect yourself from it.

2024 Cyberculture Digital Security

Russian Cyberattack Microsoft: An Unprecedented Threat

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

Juice Jacking: How to Avoid This Cyberattack

Do you often use public USB chargers to recharge your smartphone or tablet? If so, you may be exposing your device to a cyberattack called Juice Jacking. This is a type of attack that can steal your data or infect your device when you use a public USB charger. In this article, we will explain what Juice Jacking is and how to protect yourself from it.

What is Juice Jacking?

Juice Jacking is an attack that hackers can perform. They put malware on the public charger’s USB port. When you plug your device into the charger, the malware can access your data or infect your device.

Juice Jacking can take two forms:

  • Data theft: the malware can copy your contacts, photos, messages, passwords or any other sensitive information stored on your device.
  • Malware installation: the malware can install a program that will do malicious things to your device.

The Lack of Awareness and Protection of Juice Jacking Among Users Worldwide

One of the reasons why juice jacking is a serious threat is that many people are unaware of it or do not take precautions when using public USB ports. According to a 2019 study by the University of Illinois at Urbana-Champaign, 64% of Americans use public USB ports to charge their devices, and 15% of them do not know what juice jacking is. The study also found that only 8% of the participants used a USB data blocker or a power-only cable to protect their devices from potential attacks. A similar situation exists in other countries, such as the United Kingdom and Australia. A 2020 study by Comparitech surveyed more than 2,000 people in the UK and found that 45% of them used public USB ports to charge their devices, and 50% of them had never heard of juice jacking. A 2019 study by Finder analyzed the behavior of more than 1,000 people in Australia and found that 41% of them used public USB ports at least once a month, and 21% of them did not know what juice jacking was. These studies show that there is a need for more education and awareness on the risks and prevention of juice jacking.

How to prevent Juice Jacking?

To prevent Juice Jacking, don’t use public USB chargers. Instead, you can use your own charger or a portable battery. However, if you have no choice but to use a public charger, you can take some precautions:

  • Use a USB data blocker. This is a device that blocks the data transfer between the charger and your device. It only allows the power to pass through.
  • Turn off your device before plugging it into the charger. This may reduce the risk of data theft or infection.
  • Use a VPN app on your device. This can encrypt your data and make it harder for hackers to access it.

How to protect yourself from Juice Jacking with EviCore NFC HSM and EviCypher Technology

Juice Jacking is a cyberattack that steals or modifies your data through malicious USB chargers. You need a secure and portable encryption solution to protect yourself from this threat. EviCore NFC HSM and EviCypher technology can help you.

EviCore NFC HSM is a contactless hardware security module (HSM). It stores your sensitive data and protects it with configurable multi-factor authentication. You can access your data with your smartphone via NFC (Near Field Communication).

EviCypher is a hardware encryption device that works with EviCore NFC HSM. It encrypts and decrypts your documents, emails and messages with your smartphone. You can use it with any messaging service and enjoy an advanced electronic signature system.

With EviCore NFC HSM and EviCypher, you can avoid hackers who use malicious USB chargers. Your data are safe and secure offline, without any server or database. To learn more about this innovative technology, visit the website EviCore NFC HSM by Freemindtronic.

EviCore NFC HSM and EviCypher are products and services from Freemindtronic. Freemindtronic is a company specialized in NFC security solutions. It offers the best encryption products on the market.

A more technical explanation by ethical hackers

The Juice Jacking is a cyberattack that exploits the vulnerability of the USB ports that are used for both charging and data transfer. Ethical hackers, who are security professionals who use their skills for good, have demonstrated how this attack works and how to prevent it.

One of the first demonstrations of Juice Jacking was made by researchers from the University of Michigan in 2011 at the DEF CON hacker convention. They set up an informative kiosk on Juice Jacking to raise awareness among visitors about the danger of plugging their devices into public charging stations. When a visitor plugged in their phone, the screen turned red and displayed a warning message: “You should not trust public kiosks with your smart phoneYou should not trust public kiosks with your smart phoneYou should not trust public kiosks with your smart phone”.

The researchers also showed how malicious actors could use the kiosk to steal data, track devices, or compromise them. They also provided information on how to compromise charging kiosks.

Another demonstration was made by security researchersecurity researcher Kyle Osborn in 2012. He published an attack framework called P2P-ADB that uses a USB On-The-Go cable to connect an attacker’s phone to a victim’s device. The framework includes examples and proofs of concept that would allow hackers to unlock locked phones, steal data from a phone, including authentication keys that would allow the attacker to access the owner’s Google account.

In 2013, security researchers from Georgia Tech published a proof of concept of a malicious tool called Mactans that uses the USB charging port of an Apple mobile device. They used low-cost hardware components to build a small malicious wall charger that can inject malware into an iPhone running

In 2014, security researchers Karsten Nohl and Jakob Lell from srlabs published their research on the BadUSB attack at the Black Hat USA conference . They showed how hackers can reprogram USB devices such as flash drives or cables to act as keyboards or network cards and send commands or data to a connected device.

These demonstrations show how Juice Jacking can be performed by skilled hackers who have access to the USB ports or cables in public places. They also show how users can protect themselves by using their own chargers or batteries, using data blockers, turning off their devices, or using VPN apps.

Some examples and testimonials

Juice Jacking is a serious threat for users of public USB chargers. It can compromise your data and your device’s security. Here are some examples and testimonials that illustrate the risks of Juice Jacking:

  • In 2011, at the DEF CON hacker convention, an informative kiosk on Juice Jacking was set up to raise awareness among visitors about the danger of plugging their devices into public charging stations . When a visitor plugged in their phone, the screen turned red and displayed a warning message: “You should not trust public kiosks with your smart phone” .
  • In 2013, security researchers from Georgia Tech presented a proof of concept of a malicious wall charger that could inject malware into an iPhone running the latest version of iOS while it was being charged. The malware bypasses all the built-in security measures in iOS and hides itself in the same way that Apple hides background processes in iOS .
  • In 2019, the Los Angeles County District Attorney warned travelers about Juice Jacking in airports. He advised travelers to use electrical outlets rather than USB ports to charge their devices.
  • In 2020, a French journalist testified that she was a victim of Juice Jacking during a trip to India. She said that her phone was infected by malware after plugging it into a USB port in a hotel. The malware sent her messages asking her to pay a ransom to get her data back.

To illustrate the phenomenon of Juice Jacking further, you can also check out these videos:

  • A video explanation from ZDNet that presents Juice Jacking and its consequences.
  • A video demonstration from ETX Studio that shows how to protect yourself from Juice Jacking with a USB data blocker.
  • A video information from Slate that explains why you should not be afraid of Juice Jacking and how it is unlikely to happen.

Some scientific and statistical sources

Juice Jacking is a topic that interests security researchers and public authorities. Here are some scientific and statistical sources that address Juice Jacking:

  • An academic paper published in 2011 by researchers from the University of Michigan that analyzes the risks associated with using public USB ports and proposes solutions to reduce them.
  • A technical report published in 2014 by researchers from Johns Hopkins University that describes a method to detect and prevent Juice Jacking on Android devices.
  • A study conducted in 2017 by Kaspersky Lab that reveals that 25% of French users have already used a public USB charger and that 12% of them have already suffered a loss or theft of data as a result of such use.

Conclusion

Juice Jacking is a cyberattack that targets users of public USB chargers. It can compromise your data and your device’s security. To avoid it, you should use your own charger or battery whenever possible. If you have to use a public charger, you should use a USB data blocker, turn off your device, or use a VPN app.

We hope this article helped you understand what Juice Jacking is and how to protect yourself from it.

Protect Your Data from AMOS Malware

AMOS malware protection with Keepser NFC Cold Xallet


AMOS Malware Protection by Jacques gascuel
This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.
Related topic :
CryptBot malware

Protect Your Mac from AMOS Malware

Are you worried about the threat of AMOS malware on your Mac? Keep your data safe with Keepser Cold Wallet. Learn how this technology can protect your sensitive information from this dangerous malware.

2024 Articles Cyberculture legal Legal information News

End-to-End Messaging Encryption Regulation – A European Issue

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

2024 Crypto Currency Cryptocurrency Cyberculture Legal information

EU Sanctions Cryptocurrency Regulation: A Comprehensive Overview

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Cyberculture Legal information

Encrypted messaging: ECHR says no to states that want to spy on them

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

AMOS Malware Protection with Keepser Cold Wallet

The Threat of AMOS Malware on macOS

AMOS malware is a growing threat to macOS users. Hackers are marketing a new malware for the macOS operating system. Named Atomic Macos Stealer or AMOS, this malicious software is designed to steal user data for $1,000 per month. It extracts passwords from the keychain, steals files on disks, cookies, as well as cards and identification information stored in the browser and tries to extract data from 50 different cryptocurrency wallets. Buyers also benefit from a complete web dashboard to brute force MetaMask.

How AMOS Malware Works

AMOS is capable of accessing iCloud keychain passwords, system information, files from the desktop and documents folder, as well as the Mac password. It is able to infiltrate applications such as Chrome and Firefox and extract autofill information, passwords, cookies, wallets and credit card information. Cryptocurrency wallets such as Electrum, Binance and Atomic are specific targets.

The malware is being propagated using an unsigned disk image file called Setup.dmg. Once executed, the file prompts the victim to enter their system password on a bogus prompt. This allows the malware to escalate privileges and carry out its malicious activities. This technique is similar to that used by other macOS malware, such as MacStealer.

How to Protect Against AMOS Malware

The increase in the deployment of macOS stealer malware by non-state actors highlights the need for users to be cautious when downloading and installing software. The cybersecurity industry recommends that users only download and install software from trustworthy sources, enable two-factor authentication, review app permissions, and refrain from opening suspicious links received via email or SMS messages.

The Solution: Keepser Cold Wallet with EviVault Technology

However, there is a solution to protect your sensitive data against AMOS malware. For only €387, you can purchase two NFC Cold Wallet Keepser from Keepser Group with EviVault technology from Freemindtronic SL. These wallets allow you to store offline and physically externalized from macOS and/or PC computers the private keys and/or seed phrases of cryptocurrency wallets as well as identifier and password pairs. Thus, it will simply be impossible to extract sensitive data from a computer that is not physically present in these computers, even for this AMOS malware.

By using EviVault NFC Cold Wallet technologies from Freemindtronic embedded in Keepser products, you can protect your sensitive data against malware attacks such as AMOS or Cryptbot. These wallets also work on macOS, providing additional protection to Mac users.

The Benefits of EviVault Technology

Thanks to EviVault technology developed by Freemindtronic, the Keepser Cold Wallet is a unique ultra-secure cold storage solution for cryptocurrency wallets, offering anonymous, offline and contactless use via NFC technology, as well as compatibility with NFC Android phones and computer systems via a browser extension.

It’s like they say: “Why pay €1,000 per month to steal sensitive data when you can pay €387 one shot for AMOS malware protection without subscription to protect against it (and other malware like Cryptbot)!” 😉

It is important to take seriously the threats posed by malware such as AMOS and to take the necessary measures to protect your sensitive data. By using advanced technologies such as EviVault NFC Cold Wallet from Freemindtronic embedded in Keepser products, you can ensure that your data is secure.