{"id":4518,"date":"2021-10-04T08:00:00","date_gmt":"2021-10-04T06:00:00","guid":{"rendered":"https:\/\/xopero.com\/blog\/?p=4518"},"modified":"2023-12-07T12:08:57","modified_gmt":"2023-12-07T11:08:57","slug":"grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug","status":"publish","type":"post","link":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/","title":{"rendered":"GriftHorse malware \/ New Windows domains backdoor \/  iPhone Apple Pay + Visa bug"},"content":{"rendered":"\n<p>Welcome to&nbsp;<a href=\"https:\/\/xopero.com\/blog\/en\/category\/security-center\/\" target=\"_blank\" rel=\"noreferrer noopener\">Security Center<\/a>&nbsp;\u2013 our weekly update on the most devastating cyberattacks, high-severity vulnerabilities, and biggest data leaks \u2013 precisely selected by our editors.<\/p>\n\n\n\n<p>Don\u2019t miss it out!&nbsp;<a href=\"https:\/\/xopero.com\/newsletter\/\" target=\"_blank\" rel=\"noreferrer noopener\">Sign up now<\/a>&nbsp;and have it delivered to your inbox each Monday to start a week safe and sound. Additionally, you will receive a portion of the hottest company news and access to selected technical articles written by our experts with advice and tricks for more effective protection of your IT infrastructure.<\/p>\n\n\n\n<p>In the meantime, let\u2019s check what happened in the cyber-world last week.<\/p>\n\n\n\n<!--more-->\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<a name=\"paragraph-1\"><\/a>\n\n\n<h2 class=\"wp-block-heading\" id=\"grifthorse-android-malware-hit-10-million-devices-in-70-countries\"><strong>GriftHorse Android malware hit 10 million devices in 70 countries<\/strong><\/h2>\n\n\n<p>In this new financial scam, bad actors are using a trojan called GriftHorse. After infecting the device, the apps bombard the phone with deceptive alerts, offering a free gift to the user after clicking on it. These then redirect the users to a geo-specific webpage to submit their phone numbers to verify, but in reality, they submit their numbers to a premium SMS service that will charge their phone bill for more than $42 (\u00a330 \u2013\u20ac36) per month.<\/p>\n\n\n\n<p>Scammers had created around 200 authentic-looking applications for a varied set of categories, including lifestyle, tools, entertainment, dating, and personalization &#8211; making this campaign the most widespread scam discovered in 2021.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.hackread.com\/grifthorse-android-malware-70-countries\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Read more<\/a><\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<a name=\"paragraph-2\"><\/a>\n\n\n<h2 class=\"wp-block-heading\" id=\"nobelium-uses-custom-malware-to-backdoor-windows-domains\"><strong>Nobelium uses custom malware to backdoor Windows domains<\/strong><\/h2>\n\n\n<p>Microsoft has discovered new malware used by the Nobelium hacking group &#8211; the threat actor behind last year&#8217;s SolarWinds supply-chain attack &#8211; to deploy additional payloads and steal sensitive info from Active Directory Federation Services (AD FS) servers. The malware, dubbed by Microsoft researchers FoggyWeb, is a passive and highly targeted backdoor that abuses the Security Assertion Markup Language (SAML) token. It is designed to help the attackers remotely exfiltrate sensitive information from compromised AD FS servers by configuring HTTP listeners for actor-defined URIs to intercept GET\/POST requests sent to the AD FS server matching the custom URI patterns.<\/p>\n\n\n\n<p>Organizations that believe they might&#8217;ve been breached or compromised are advised to audit on-premises and cloud infrastructure, including configuration, per-user and per-app settings, forwarding rules, and other changes the actor might have made to maintain their access. Then additionally remove user and app access, review configurations for each, and re-issue new, strong credentials and use a hardware security module (HSM).<\/p>\n\n\n\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-nobelium-uses-custom-malware-to-backdoor-windows-domains\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Read more<\/a><\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<a name=\"paragraph-3\"><\/a>\n\n\n<h2 class=\"wp-block-heading\" id=\"researchers-discover-bypass-bug-in-iphone-apple-pay-visa-to-make-contactless-payments\"><strong>Researchers discover bypass 'bug&#8217; in iPhone Apple Pay, Visa to make contactless payments<\/strong><\/h2>\n\n\n<p>Thanks to these new mobile security issues attackers could bypass an Apple iPhone&#8217;s lock screen to access payment services and make contactless transactions. The vulnerability occurs when Visa cards are set up in Express Transit mode in an iPhone&#8217;s wallet feature. Express mode has been designed with commuters in mind, when they may want to quickly tap and pay at a turnstile to access rail, for example, rather than hold up a line due to the need to go through further identity authentication.<\/p>\n\n\n\n<p>The issue is caused by the use of a unique code &#8211; nicknamed &#8222;magic bytes&#8221; &#8211; that is broadcast by transit gates and turnstiles to unlock Apple Pay. The attack can be triggered by capturing and then broadcasting the &#8222;magic bytes&#8221; and then modifying a set of other variables.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.zdnet.com\/article\/researchers-discover-bypass-bug-in-iphone-visa-apple-pay-to-make-contactless-payments\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Read more<\/a><\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<a name=\"paragraph-4\"><\/a>\n\n\n<h2 class=\"wp-block-heading\" id=\"more-it-security-mustreads\">More IT security must-reads<\/h2>\n\n\n<ol class=\"wp-block-list\"><li>BloodyStealer: Advanced New Trojan Targets Accounts of Popular Online Gaming Platforms (<a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Dark Reading<\/a>)<\/li><li>Urgent Chrome security update released to patch widely exploited 0-day (<a href=\"https:\/\/www.hackread.com\/chrome-security-update-released-patch-0-day\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Hack Read<\/a>)<\/li><li>ERMAC, a new banking Trojan that borrows the code from <a href=\"https:\/\/xopero.com\/blog\/en\/cerberus-out-alien-malware-in-there-is-a-new-and-dangerous-android-banking-trojan-in-the-wild\/\">Cerberus malware<\/a> (<a href=\"https:\/\/securityaffairs.co\/wordpress\/122657\/malware\/ermac-banking-trojan.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Security Affairs<\/a>)<\/li><li>Scalper bots are now targeting graphics card vendors (<a href=\"https:\/\/www.zdnet.com\/article\/scalper-bots-are-now-targeting-graphics-card-vendors\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">ZDNet<\/a>)<\/li><li>A New <a href=\"https:\/\/xopero.com\/blog\/en\/new-jupyter-malware-steals-browser-data-first-then-opens-backdoor-and-steals-even-more\/\">Jupyter Malware<\/a> Version is Being Distributed via MSI Installers (<a href=\"https:\/\/thehackernews.com\/2021\/09\/a-new-jupyter-malware-version-is-being.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">The Hacker News<\/a>)<\/li><li>New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack (<a href=\"https:\/\/thehackernews.com\/2021\/09\/new-tomiris-backdoor-found-linked-to.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">The Hacker News<\/a>)<\/li><li>Defend against zero-day exploits with Microsoft Defender Application Guard (<a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/09\/29\/defend-against-zero-day-exploits-with-microsoft-defender-application-guard\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Microsoft Blog<\/a>)<\/li><li>Fortinet, Shopify and more report issues after root CA certificate from Lets Encrypt expires (<a href=\"https:\/\/www.zdnet.com\/article\/fortinet-shopify-others-report-issues-after-root-ca-certificate-from-lets-encrypt-expires\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">ZDNet<\/a>)<\/li><li>Update Google Chrome ASAP to Patch 2 New Actively Exploited Zero-Day Flaws (<a href=\"https:\/\/thehackernews.com\/2021\/09\/update-google-chrome-asap-to-patch-2.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">The Hacker News<\/a>)<\/li><li>QNAP fixes bug that let attackers run malicious commands remotely (<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/qnap-fixes-bug-that-let-attackers-run-malicious-commands-remotely\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Bleeping Computer<\/a>)<\/li><\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to&nbsp;Security Center&nbsp;\u2013 our weekly update on the most devastating cyberattacks, high-severity vulnerabilities, and biggest data leaks \u2013 precisely selected by our editors. Don\u2019t miss it out!&nbsp;Sign up now&nbsp;and have it delivered to your inbox each Monday to start a week safe and sound. Additionally, you will receive a portion of the hottest company news and access to selected technical articles written by our experts with advice and tricks for more effective protection of your IT infrastructure. In the meantime, let\u2019s check what happened in the cyber-world last week.<\/p>\n","protected":false},"author":1,"featured_media":2447,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[470],"tags":[],"class_list":["post-4518","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersec-news","post--single"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>GriftHorse malware \/ New Windows domains backdoor<\/title>\n<meta name=\"description\" content=\"Explore the intricacies of cybersecurity in our latest blog post. Learn about potential threats like the GriftHorse malware.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/\" \/>\n<meta property=\"og:locale\" content=\"pl_PL\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GriftHorse malware \/ New Windows domains backdoor\" \/>\n<meta property=\"og:description\" content=\"Explore the intricacies of cybersecurity in our latest blog post. Learn about potential threats like the GriftHorse malware.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/\" \/>\n<meta property=\"og:site_name\" content=\"Xopero Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/XoperoSoftware\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-04T06:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-07T11:08:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xopero.com\/blog\/wp-content\/uploads\/2020\/04\/security-center-en.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1843\" \/>\n\t<meta property=\"og:image:height\" content=\"481\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"xopero_blogger\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xoperobackup\" \/>\n<meta name=\"twitter:site\" content=\"@xoperobackup\" \/>\n<meta name=\"twitter:label1\" content=\"Napisane przez\" \/>\n\t<meta name=\"twitter:data1\" content=\"xopero_blogger\" \/>\n\t<meta name=\"twitter:label2\" content=\"Szacowany czas czytania\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minuty\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/\"},\"author\":{\"name\":\"xopero_blogger\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#\\\/schema\\\/person\\\/cab3d3cda6e8a1aecfa8abea8827b17c\"},\"headline\":\"GriftHorse malware \\\/ New Windows domains backdoor \\\/ iPhone Apple Pay + Visa bug\",\"datePublished\":\"2021-10-04T06:00:00+00:00\",\"dateModified\":\"2023-12-07T11:08:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/\"},\"wordCount\":670,\"publisher\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/xopero.com\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/security-center-en.png\",\"articleSection\":[\"Cybersec news\"],\"inLanguage\":\"pl-PL\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/\",\"url\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/\",\"name\":\"GriftHorse malware \\\/ New Windows domains backdoor\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/xopero.com\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/security-center-en.png\",\"datePublished\":\"2021-10-04T06:00:00+00:00\",\"dateModified\":\"2023-12-07T11:08:57+00:00\",\"description\":\"Explore the intricacies of cybersecurity in our latest blog post. Learn about potential threats like the GriftHorse malware.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/#breadcrumb\"},\"inLanguage\":\"pl-PL\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pl-PL\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/#primaryimage\",\"url\":\"https:\\\/\\\/xopero.com\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/security-center-en.png\",\"contentUrl\":\"https:\\\/\\\/xopero.com\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/security-center-en.png\",\"width\":1843,\"height\":481},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/en\\\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Strona g\u0142\u00f3wna\",\"item\":\"https:\\\/\\\/xopero.com\\\/blog\\\/pl\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GriftHorse malware \\\/ New Windows domains backdoor \\\/ iPhone Apple Pay + Visa bug\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/xopero.com\\\/blog\\\/\",\"name\":\"Xopero Blog\",\"description\":\"Backup &amp; Recovery\",\"publisher\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/xopero.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pl-PL\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#organization\",\"name\":\"Xopero Software\",\"url\":\"https:\\\/\\\/xopero.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pl-PL\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/xopero.com\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/03\\\/xopero-niebieskie.png\",\"contentUrl\":\"https:\\\/\\\/xopero.com\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/03\\\/xopero-niebieskie.png\",\"width\":500,\"height\":132,\"caption\":\"Xopero Software\"},\"image\":{\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/XoperoSoftware\\\/\",\"https:\\\/\\\/x.com\\\/xoperobackup\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/opero-sp-z-o-o-\\\/?viewAsMember=true\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCRPWyeo1apjSgkDW3hZpB9g?reload=9\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/xopero.com\\\/blog\\\/#\\\/schema\\\/person\\\/cab3d3cda6e8a1aecfa8abea8827b17c\",\"name\":\"xopero_blogger\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pl-PL\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/49b4a2bbd1b6df951fc556f7478f5fb20bb41aeebf08473e459b28c5da9947f7?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/49b4a2bbd1b6df951fc556f7478f5fb20bb41aeebf08473e459b28c5da9947f7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/49b4a2bbd1b6df951fc556f7478f5fb20bb41aeebf08473e459b28c5da9947f7?s=96&d=mm&r=g\",\"caption\":\"xopero_blogger\"},\"sameAs\":[\"https:\\\/\\\/xopero.com\"],\"url\":\"https:\\\/\\\/xopero.com\\\/blog\\\/author\\\/xopero_blogger\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GriftHorse malware \/ New Windows domains backdoor","description":"Explore the intricacies of cybersecurity in our latest blog post. Learn about potential threats like the GriftHorse malware.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/","og_locale":"pl_PL","og_type":"article","og_title":"GriftHorse malware \/ New Windows domains backdoor","og_description":"Explore the intricacies of cybersecurity in our latest blog post. Learn about potential threats like the GriftHorse malware.","og_url":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/","og_site_name":"Xopero Blog","article_publisher":"https:\/\/www.facebook.com\/XoperoSoftware\/","article_published_time":"2021-10-04T06:00:00+00:00","article_modified_time":"2023-12-07T11:08:57+00:00","og_image":[{"width":1843,"height":481,"url":"https:\/\/xopero.com\/blog\/wp-content\/uploads\/2020\/04\/security-center-en.png","type":"image\/png"}],"author":"xopero_blogger","twitter_card":"summary_large_image","twitter_creator":"@xoperobackup","twitter_site":"@xoperobackup","twitter_misc":{"Napisane przez":"xopero_blogger","Szacowany czas czytania":"3 minuty"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/#article","isPartOf":{"@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/"},"author":{"name":"xopero_blogger","@id":"https:\/\/xopero.com\/blog\/#\/schema\/person\/cab3d3cda6e8a1aecfa8abea8827b17c"},"headline":"GriftHorse malware \/ New Windows domains backdoor \/ iPhone Apple Pay + Visa bug","datePublished":"2021-10-04T06:00:00+00:00","dateModified":"2023-12-07T11:08:57+00:00","mainEntityOfPage":{"@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/"},"wordCount":670,"publisher":{"@id":"https:\/\/xopero.com\/blog\/#organization"},"image":{"@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/#primaryimage"},"thumbnailUrl":"https:\/\/xopero.com\/blog\/wp-content\/uploads\/2020\/04\/security-center-en.png","articleSection":["Cybersec news"],"inLanguage":"pl-PL"},{"@type":"WebPage","@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/","url":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/","name":"GriftHorse malware \/ New Windows domains backdoor","isPartOf":{"@id":"https:\/\/xopero.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/#primaryimage"},"image":{"@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/#primaryimage"},"thumbnailUrl":"https:\/\/xopero.com\/blog\/wp-content\/uploads\/2020\/04\/security-center-en.png","datePublished":"2021-10-04T06:00:00+00:00","dateModified":"2023-12-07T11:08:57+00:00","description":"Explore the intricacies of cybersecurity in our latest blog post. Learn about potential threats like the GriftHorse malware.","breadcrumb":{"@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/#breadcrumb"},"inLanguage":"pl-PL","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/"]}]},{"@type":"ImageObject","inLanguage":"pl-PL","@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/#primaryimage","url":"https:\/\/xopero.com\/blog\/wp-content\/uploads\/2020\/04\/security-center-en.png","contentUrl":"https:\/\/xopero.com\/blog\/wp-content\/uploads\/2020\/04\/security-center-en.png","width":1843,"height":481},{"@type":"BreadcrumbList","@id":"https:\/\/xopero.com\/blog\/en\/grifthorse-malware-new-windows-domains-backdoor-iphone-apple-pay-visa-bug\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Strona g\u0142\u00f3wna","item":"https:\/\/xopero.com\/blog\/pl\/"},{"@type":"ListItem","position":2,"name":"GriftHorse malware \/ New Windows domains backdoor \/ iPhone Apple Pay + Visa bug"}]},{"@type":"WebSite","@id":"https:\/\/xopero.com\/blog\/#website","url":"https:\/\/xopero.com\/blog\/","name":"Xopero Blog","description":"Backup &amp; Recovery","publisher":{"@id":"https:\/\/xopero.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xopero.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pl-PL"},{"@type":"Organization","@id":"https:\/\/xopero.com\/blog\/#organization","name":"Xopero Software","url":"https:\/\/xopero.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"pl-PL","@id":"https:\/\/xopero.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xopero.com\/blog\/wp-content\/uploads\/2019\/03\/xopero-niebieskie.png","contentUrl":"https:\/\/xopero.com\/blog\/wp-content\/uploads\/2019\/03\/xopero-niebieskie.png","width":500,"height":132,"caption":"Xopero Software"},"image":{"@id":"https:\/\/xopero.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/XoperoSoftware\/","https:\/\/x.com\/xoperobackup","https:\/\/www.linkedin.com\/company\/opero-sp-z-o-o-\/?viewAsMember=true","https:\/\/www.youtube.com\/channel\/UCRPWyeo1apjSgkDW3hZpB9g?reload=9"]},{"@type":"Person","@id":"https:\/\/xopero.com\/blog\/#\/schema\/person\/cab3d3cda6e8a1aecfa8abea8827b17c","name":"xopero_blogger","image":{"@type":"ImageObject","inLanguage":"pl-PL","@id":"https:\/\/secure.gravatar.com\/avatar\/49b4a2bbd1b6df951fc556f7478f5fb20bb41aeebf08473e459b28c5da9947f7?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/49b4a2bbd1b6df951fc556f7478f5fb20bb41aeebf08473e459b28c5da9947f7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/49b4a2bbd1b6df951fc556f7478f5fb20bb41aeebf08473e459b28c5da9947f7?s=96&d=mm&r=g","caption":"xopero_blogger"},"sameAs":["https:\/\/xopero.com"],"url":"https:\/\/xopero.com\/blog\/author\/xopero_blogger\/"}]}},"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/posts\/4518","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/comments?post=4518"}],"version-history":[{"count":3,"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/posts\/4518\/revisions"}],"predecessor-version":[{"id":5374,"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/posts\/4518\/revisions\/5374"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/media\/2447"}],"wp:attachment":[{"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/media?parent=4518"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/categories?post=4518"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xopero.com\/blog\/wp-json\/wp\/v2\/tags?post=4518"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}