NYU Wordpress Theme

Parasitic Android Malware – Loapi

A newly discovered Android Malware called Loapi, which has been dubbed the “jack of all trades” to emphasize its versatility, is among other things, a cryptocurrency miner of the digital currency Monero.

Loapi is distributed through malicious third party applications and most often poses as fake antivirus software. Once installed, it attempts to take control of your phone. A lot of computing power is required to create coins, and devices are essentially hijacked once a user grants permission as part of the application install process. The phone battery will eventually begin to overheat and expand, popping out the phone’s internal components. Additionally this malware has been shown to subscribe to paid services, display an unending series of ads, and participate in distributed denial of service attacks via text messaging. Loapi also sends prompts to the user seeking assignment of administrator privileges. Once these privileges are granted, it then becomes difficult for users to to install security applications.

While not fool-proof, the best recommendation continues to be that users of both Android and Apple devices should only install applications from reliable sources, such as Google Play or Apple’s App Store. If you suspect your device has become infected, we recommend that you shut your phone down immediately, consult with your device manufacturer, and restore following a wipe of your device.

For more information, please see:

WordPress – Large Scale Brute Force Attacks Targeting Administrator Accounts

Wordfence (WordPress Security plugin developer) has detected large scale brute force attacks targeting WordPress website administrator accounts using weak, default or compromised credentials. These attacks are profit-motivated and attempt to compromise administrator login credentials to gain access to sites and embed malware designed to mine the cryptocurrency Monero to generate profit for the malicious actor(s).

Please note that if you are using wp.nyu.edu, you are protected by your unique NYU NetId login credentials and further protected by NYU Multi-Factor Authentication.  If you support web servers where clients perform their own WP installs, please make sure that they receive this notification.

For more information and recommendations, please see:

LinkedIn phishing targeting students

Phishing can come in many guises. People are familiar with emails that ask them to “confirm their details immediately” and know not to click on them. Just as common, though, are social engineering attacks that come through social media, such as Facebook and Twitter. In this case, a community member has reported an event targeting NYU students and alumni via LinkedIn messaging.  Note the initial message which uses urgency and a sort of threat to entice people to click on the link:

(linkedin messaging screen) Seems you have some haters on the NYU Community here is the article (fraudulent tinyURL link)

The link uses a URL shortener to further hide the real destination. If the person does click, they would be taken to a fake Login page , where the URL doesn’t belong to nyu.edu, and the page itself is somewhat suspect. In other cases, the URL may contain “nyu.edu” as part of the address but not the site where the page is hosted, for example: http://www.IamAcrook.com/nyu.edu

page which emulated NYU Login in order to trick people into giving away NYU username and password.


So, remember to be careful of unsolicited messages, whatever platform you get them on.