Hackers are using a devious new trick to infect your devices

Two new website domain name extensions have just been launched, and hackers are already abusing them to trick people into downloading malicious files.


Hackers have long used lookalike domain names to trick people into visiting malicious websites, and the threat posed by this tactic could be about to ramp up significantly. That’s because two domain name extensions that double as file extensions have just been opened for public registration, which gives phishers a new and very natural-looking lure.

The two top-level domains (TLDs) causing such consternation are .zip and .mov. Google Registry opened them for registration in May 2023 alongside six other new TLDs: .dad, .esq, .prof, .phd, .nexus and .foo.


The reason .zip and .mov have generated such controversy is that they are identical to two of the most common file extensions on Windows and macOS: .zip for compressed archives and .mov for QuickTime video. A string such as test.zip is now ambiguous. It can be the name of a file on your disk or the name of a website that anyone can register, and that ambiguity is what makes the new TLDs ripe for abuse.

Many messaging apps, e-mail clients and social media sites automatically turn any string that looks like a domain name (a word, a dot and a recognised TLD) into a clickable link. Before .zip and .mov existed as TLDs, a file name like report.zip was left alone; now it qualifies, so simply telling a friend about a file you want to send them can turn your words into a clickable URL. If a hacker has already registered that domain and is using it for nefarious purposes, your friend could be sent to a harmful website with one tap.

Bleeping Computer demonstrated the problem with an example message that read, “First extract the test.zip file and then look for test.mov. Once you have the test.mov file, double-click on it to watch the video.” If a hacker has registered the test.zip and test.mov domains, both file names become links, and the recipient who clicks one lands on the attacker’s site rather than on a file. Worse, they arrive expecting a download, so a site that promptly offers a file called test.zip or test.mov is exactly what they were told to look for, and they are likely to open it.
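As an added illustration (not code from the article, from Bleeping Computer or from Silent Push), the following Python approximates what a chat client's auto-linker does to the message above and separates the two cases a reader has to tell apart: a .zip that ends a file path versus a .zip that ends a host name. The linkifier pattern and the sample messages are constructed for this example; the note about user info before an "@" is standard URL syntax rather than something the article discusses.

```python
import re
from urllib.parse import urlsplit

# The two new TLDs the article discusses, which collide with common file extensions.
RISKY_TLDS = {"zip", "mov"}

# Approximation of a chat client's auto-linker (an assumption for this example;
# real linkifiers differ in detail): a bare run of dot-separated DNS labels that is
# not already part of a URL, e-mail address or path, ending in a 2-24 letter TLD.
BARE_DOMAIN_RE = re.compile(
    r"(?<![\w@/.-])"                                   # not inside a URL/path/e-mail
    r"((?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+"    # one or more labels
    r"([a-z]{2,24}))"                                  # the would-be TLD
    r"(?![\w-])(?!\.\w)",                              # allow a sentence-ending '.'
    re.IGNORECASE,
)

# Constructed sample, built from the message quoted in the article.
SAMPLE_MESSAGE = (
    "First extract the test.zip file and then look for test.mov. "
    "Once you have the test.mov file, double-click on it to watch the video."
)


def find_linkified_filenames(text):
    """Return the tokens in `text` that read as file names but that an auto-linker
    would turn into hosts under a .zip or .mov TLD (one entry per occurrence)."""
    hits = []
    for m in BARE_DOMAIN_RE.finditer(text):
        token, tld = m.group(1), m.group(2).lower()
        if tld in RISKY_TLDS:
            hits.append(token)
    return hits


def risky_host(url):
    """Return the host name if the URL actually lands on a .zip/.mov domain, else None.

    Only the host part counts: https://example.com/downloads/test.zip is a file on
    example.com, while https://test.zip is a website.  Anything before an '@' in the
    authority is user info, not the host (RFC 3986), so the host is whatever follows it.
    """
    if "://" not in url:
        url = "http://" + url            # bare "microsoft-office.zip" pasted from a chat
    host = (urlsplit(url).hostname or "").rstrip(".")
    tld = host.rsplit(".", 1)[-1] if "." in host else ""
    return host if tld in RISKY_TLDS else None


def triage(message):
    """Summarise one message: ambiguous file-name tokens and explicit risky links."""
    urls = re.findall(r"https?://\S+", message)
    return {
        "linkified_filenames": find_linkified_filenames(message),
        "risky_links": [h for h in (risky_host(u) for u in urls) if h],
    }


if __name__ == "__main__":
    print(triage(SAMPLE_MESSAGE))
    print(triage("Get the update at https://microsoft-office.zip/setup "
                 "and https://example.com/files/patch.zip"))
```

Run on the quoted message, `triage` reports three file-name tokens that would become links and no explicit URLs; run on a message that carries real links, it flags microsoft-office.zip as a .zip host while leaving the patch.zip download on example.com alone, which is the distinction a mail gateway or chat filter would want to make before warning a user.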

Already being abused

The risk isn’t just theoretical. Cybersecurity firm Silent Push Labs has already seen this kind of sleight of hand in the wild, with phishing pages set up at microsoft-office.zip and microsoft-office365.zip that appear to impersonate Microsoft’s own sign-in pages in order to harvest login credentials. Needless to say, you shouldn’t visit these websites.

There are plenty of legitimate uses for .zip and .mov domains, such as file-compression tools or video-streaming services, but the same property that makes them memorable also makes them easy to abuse, and the Silent Push findings show that abuse has already begun.

If you see a link that ends in .zip or .mov and it appears to come from a large company, check where it actually goes before clicking: hover over it (or long-press on a phone) to reveal the real address, and look at the host name rather than the end of the link. A .zip at the end of a path, such as example.com/downloads/update.zip, is a file on that company’s own site; a .zip at the end of the host, such as microsoft-office.zip, is a separate website that anyone could have registered. If the host isn’t a domain you know the company uses, don’t click. More generally, you shouldn’t visit any website or open any file sent by someone you don’t trust, regardless of whether the .zip or .mov TLDs are involved. Using an antivirus app and a healthy dose of skepticism should go a long way toward mitigating the myriad threats online, including from hackers making use of these new domains.


Alex Blake

