Latest news with #CheckPoint
The Citizen
3 days ago
- Business
- The Citizen
Growing concern of cybercrime amid property market resurgence
As more South Africans take advantage of favourable economic conditions and stable interest rates to apply for home loans, the real estate sector is showing promising growth. However, the property boom is overshadowed by the rising threat of online fraud: 'Firstly, the emergence of AI-powered cybercrime is increasingly undermining the integrity of property transactions,' says Jackie Smith, Head of Buyers Trust, a secure, bank-hosted deposit platform for homebuyers. 'Secondly, in a largely traditional industry where a homebuyer will simply transfer a large deposit to a third party like a conveyancer or estate agent, the risks are high,' she says, adding that a large portion of the country's estate agencies and conveyancing attorneys are SMEs who unfortunately lack the cyber infrastructure required. Data Points to Increased Risk of Online Fraud in the Home Loan Sector Cybersecurity firm ESET's latest bi-annual Threat Report indicates that South Africa endured the highest number of ransomware and infostealer attacks in Africa during the second half of 2024. And, according to reports by cybersecurity company Check Point in early 2023, 1 in every 15 organisations in Africa experienced a ransomware attempt each week — nearly double that of the global average of 1 in 31. 'These widespread attacks are aimed at individuals, small businesses and large institutions alike,' shares Smith. 'Phishing emails and fake documentation are now powered by AI, and these criminals are exploiting the complexity and speed of property deals by inserting themselves into the process.' The most recent South African Banking Risk Information Centre (SABRIC) Annual Crime Statistics show that fraudulent applications for home and mortgage loans saw a 46% increase. Actual losses over the period due to these fraudulent applications more than doubled too. Smith shares that the perpetrators conduct home loan fraud through the following methods: Misrepresent income, employment history or debt levels Use stolen or fabricated identities Inflate or fake valuations of properties Recruit of 'straw buyers' with good credit to cover the real buyer's identity Forge documentation such as payslips or bank statements 'The reality is that fraud has become a professional service, with software platforms empowering criminals with the tools they need to easily access your personal information,' continues Smith, 'Sophisticated phishing scams and convincing deepfakes are increasing our online risk – making it essential to adopt extra security measures when deciding where to place your home deposit.' Smith points to a recent case making news headlines as a prime example of the risk that general consumers face when handing over large, hard earned sums of money. 'According to the Legal Practice Fidelity Fund, over R1.4 billion has been stolen from 561 client trust funds, allegedly by the same legal professionals who were empowered to protect their clients' funds. Of these, only 59 convictions have been made in seven years, with just 25 resulting in jail time.' How to Avoid Becoming a Victim In an environment where both digital fraud and professional misconduct are rising, secure deposit handling has never been more critical. 'Too many buyers still transfer funds manually to accounts they can't independently verify,' Smith warns. 'That's why using a secure, audited, and bank-integrated platform like Buyers Trust is essential. Your deposit doesn't sit in an individual's account, it's held securely in a dedicated bank-hosted facility until the deal is finalised.' Smith shares several top tips to aid buyers as follows: Verify payment details : Validate any banking details from the bank in question before making a deposit. 'It's strongly advised that you call the person/ organisation in question (don't email them) using a number that you have sourced yourself, and not from an email footer.' : Validate any banking details from the bank in question before making a deposit. 'It's strongly advised that you call the person/ organisation in question (don't email them) using a number that you have sourced yourself, and not from an email footer.' Be vigilant: Take extra care when receiving emails with links or attachments that seem suspicious. 'In a case where its linked to a property transaction, you can once again call the provider prior to opening it to ensure that it's legitimate.' Take extra care when receiving emails with links or attachments that seem suspicious. 'In a case where its linked to a property transaction, you can once again call the provider prior to opening it to ensure that it's legitimate.' Put added security measures in place: 'Make sure that you keep your devices up to date with anti-malware software and that you choose strong passwords which are not easy for an attacker to guess.' 'Make sure that you keep your devices up to date with anti-malware software and that you choose strong passwords which are not easy for an attacker to guess.' Question authority: 'Just because someone has a title doesn't mean that they're always trustworthy. Always ask where and how your deposit is being held. 'At the end of the day, your property purchase is one of the most significant financial decisions you'll make. Don't let trust and a lack of due diligence be your biggest risks,' concludes Smith. Issued by: Jess Gois
TECHx
4 days ago
- TECHx
Check Point Uncovers Malware Targeting AI Detection Tools
Home » Emerging technologies » Cyber Security » Check Point Uncovers Malware Targeting AI Detection Tools Check Point Research has revealed the first known attempt of malware designed to manipulate AI-based security systems using prompt injection techniques. The discovery highlights a shift in cyberattack strategies as threat actors begin targeting large language models (LLMs). The malware embedded natural-language text within its code to trick AI models into misclassifying it as safe. This method specifically targeted AI-assisted malware analysis workflows. The attempt, however, was unsuccessful. Check Point reported that this marks the beginning of what it calls 'AI Evasion' a new threat category where malware aims to subvert AI-powered detection tools. The company warns that this could signal the start of adversarial tactics aimed directly at AI. Uploaded anonymously to VirusTotal in June from the Netherlands, the malware included TOR components and sandbox evasion features. What stood out was a hardcoded C++ string acting as a prompt to the AI, instructing it to act like a calculator and respond with 'NO MALWARE DETECTED.' Despite the evasion attempt, Check Point's AI analysis system correctly flagged the malware and identified the prompt injection. Key findings:• First documented use of prompt injection in malware• AI model manipulation attempts failed but raise concerns • Check Point labels the tactic as part of a new AI Evasion trend Eli Smadja, Research Group Manager at Check Point Software Technologies, stated, 'This is a wake-up call for the industry. We're seeing malware that's not just trying to evade detection it's trying to manipulate AI itself.' Check Point believes this mirrors past cybersecurity shifts, such as the evolution of sandbox evasion, and anticipates an emerging arms race between AI defenders and AI-aware attackers.
Forbes
5 days ago
- Entertainment
- Forbes
Minecraft's New Villains—This Hostile Mob Steals Everything
Minecraft's nasty new attackers. Minecraft players are under attack — but not in the usual way. A new report warns players are at risk with some real-world consequences if they're caught out. This is one of the most popular games in the world — the threat is serious. 'With approximately 65% of Minecraft's player base under the age of 21,' Check Point says, 'the platform presents an attractive target for cyber criminals looking to exploit a large, engaged, and often less-protected audience.' That last point is critical. Minecraft is hugely popular amongst kids, which is one of the least cyber aware groups around. Casual downloads from a wide array of websites haunts parents the world over. And attackers know this all too well. BBC News says 'the game seems able absorb the attention of children for up to hours at a time – no mean feat in our distraction-filled age. Some parents fear their children's interest in Minecraft can border on obsession, or even addiction, as they struggle to tear them away from the computer screen.' FEATURED | Frase ByForbes™ Unscramble The Anagram To Reveal The Phrase Pinpoint By Linkedin Guess The Category Queens By Linkedin Crown Each Region Crossclimb By Linkedin Unlock A Trivia Ladder Set against the backdrop of the game, the movie and even the Happy Meal, Check Point now warns it has 'uncovered a multistage malware campaign in which the malware itself was embedded within fake Minecraft mods, shared on GitHub to specifically target active players.' And that includes all those young players. The attack is built around 'a Java downloader, a second-stage stealer, and a final advanced stealer that harvests passwords, crypto wallets, and other sensitive data.' And while many of the players may not have much in the way of crypto and high-value passwords themselves, often the shared devices they're using will do. Check Point says more than a million Minecraft players 'actively mod Minecraft.' It has become part of the landscape, opening the door to random installs and downloads. 'Part of its appeal comes from the ability to customize and enhance the game through mods, user-created tools that improve gameplay, fix bugs, and add new content.' Check Point says this is 'likely' Russian villainy at work. 'Russian-language comments and behavior aligned with the UTC+3 time zone suggest the malware was developed by a Russian-speaking attacker.' Check Point detected a campaign against players using the Stargazers Ghost Network, which it says 'operates under a distribution-as-a-service (DaaS) model, leveraging multiple GitHub accounts to spread malicious links and malware at scale.' Masquerading as cheat tools like Oringo and Taunahi, the files 'look legitimate, targeting players seeking new tools and enhancements. In reality, they contain a Java-based downloader, a small piece of malware designed to quietly install additional malicious software on the victim's device.' The mod is coded to check whether it's operating in a virtual environment — which might mean a security analyst's machine — to avoid detection. 'If no virtual environment or analysis tools are detected, it proceeds to the next phase.' This second-stage is the download of a malware payload 'designed to steal sensitive information. This is followed by a third and final component: a more advanced spyware tool capable of harvesting credentials from web browsers, cryptocurrency wallets, and applications such as Discord, Steam, and Telegram.' The malware can even capture screenshots from a user's device and transmit this to its handlers. 'Stolen data is discreetly bundled and exfiltrated via Discord, a tactic that allows the activity to blend in with legitimate traffic.' Minecraft is the perfect 'playground for cyber criminals,' given its install base, the ease of pushing out downloads, and the cyber naivety of many users. 'Because files often appear harmless and can slip past traditional defenses, any Minecraft player is at risk.' The researchers warn users to do the following:
Economic Times
20-06-2025
- Economic Times
Minecraft players target of online criminals posing as coders, why it's a big concern and how can gamers stay safe
How does the malware gets triggered Live Events How can gamers stay safe online Use of strong passwords Regularly updating software and devices Monitoring the account activity Restricting the amount of personal info Avoid using public WIFI for gaming Backup your account information Download games from legitimate sources (You can now subscribe to our (You can now subscribe to our Economic Times WhatsApp channel The users of Minecraft are on the target of criminals posing as game coders online and tricking them into using malware designed to steal crucial data. This came to light after analysts traced two pieces of malware spread which seemed like Russian gangs on the code-sharing site GitHub, according to cybersecurity firm Check Point, ItGiving details about the malware, the researchers of Check Point said that the malware is developed by a Russian-speaking threat actor and contains several artefacts written in the Russian language, Sky News reported. The malware has been designed to steal from bank accounts, cryptocurrency wallets, browsers and other computer about the malware spread, Graeme Stewart, head of public sector at Check Point, said that it was similar to the way "gangs operate to take down retail. They create this and then they float it out for people to use it, he them as "modern-day bank heist guys," Stewart said that they are involved in all this just for the money. "They're scraping these details from Minecraft to get into people's crypto wallets, trying to steal bank details, trying to commit bank fraud," he allows users to modify the game as they play along. All players can do anything from fixing bugs to changing how the game looks. The hacking software is hidden inside the code of Minecraft modifications. They are pieces of code that permit users to change the things tend to take a wrong turn when users download the malicious code and place it into their Minecraft application. Unlike their expectations, the users don't get the ability to create "funny maps" or modify the game as promised. The next time when they load the game, the malware gets triggered and starts actively stealing data, according to getting active, the malware starts stealing names, addresses, emails, bank details from the card, he further stated. What makes this malware spread a cause of concern is the fact that of the 200 million people who play Minecraft every month, around 1 million modify the are several smooth ways through which all the gamers who actively participate in online gaming can enjoy their experience while staying safe from hackers and cyber attackers:
Time of India
20-06-2025
- Time of India
Minecraft players target of online criminals posing as coders, why it's a big concern and how can gamers stay safe
The users of Minecraft are on the target of criminals posing as game coders online and tricking them into using malware designed to steal crucial data. This came to light after analysts traced two pieces of malware spread which seemed like Russian gangs on the code-sharing site GitHub, according to cybersecurity firm Check Point, It Giving details about the malware, the researchers of Check Point said that the malware is developed by a Russian-speaking threat actor and contains several artefacts written in the Russian language, Sky News reported. The malware has been designed to steal from bank accounts, cryptocurrency wallets, browsers and other computer applications. Speaking about the malware spread, Graeme Stewart, head of public sector at Check Point, said that it was similar to the way "gangs operate to take down retail. They create this and then they float it out for people to use it, he said. Describing them as "modern-day bank heist guys," Stewart said that they are involved in all this just for the money. "They're scraping these details from Minecraft to get into people's crypto wallets, trying to steal bank details, trying to commit bank fraud," he added. How does the malware gets triggered Live Events Minecraft allows users to modify the game as they play along. All players can do anything from fixing bugs to changing how the game looks. The hacking software is hidden inside the code of Minecraft modifications. They are pieces of code that permit users to change the game. The things tend to take a wrong turn when users download the malicious code and place it into their Minecraft application. Unlike their expectations, the users don't get the ability to create "funny maps" or modify the game as promised. The next time when they load the game, the malware gets triggered and starts actively stealing data, according to Stewart. After getting active, the malware starts stealing names, addresses, emails, bank details from the card, he further stated. What makes this malware spread a cause of concern is the fact that of the 200 million people who play Minecraft every month, around 1 million modify the game. How can gamers stay safe online There are several smooth ways through which all the gamers who actively participate in online gaming can enjoy their experience while staying safe from hackers and cyber attackers: These methods include: Use of strong passwords Regularly updating software and devices Monitoring the account activity Restricting the amount of personal info Avoid using public WIFI for gaming Backup your account information Download games from legitimate sources
