trend micro hong kong

Aside from the above technique, we also saw a second type of watering hole website. Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware: read our Security 101: Business Process Compromise. browser – acquires the browser history from both Chrome and Safari. The malware variant is a modular backdoor that allows the threat actor to remotely execute shell command and manipulate files on the affected device. November 14, 2018. We have already issued a reminder to these users to update their devices to the latest version of iOS as soon as possible. Several steps could have been taken by users to mitigate against this threat. Figure 2. Works across multiple devices, Lets you control desktop application access and restrict online access for kids, protecting them from inappropriate websites, Detects spam emails containing phishing scams that can trick you into revealing private personal information, Fixes common PC problems and optimizes to restore your system to top speed, Locates lost or stolen devices, provides a secure browser, and does regular backups of your contacts, Need assistance? Manager, Enterprise Segment, HK & Macau at Trend Micro Hong Kong 500+ connections. The articles were posted by newly registered accounts on the forums in question, which leads us to believe that these posts were not made by users resharing links that they thought were legitimate. Protects against virus by identifying and blocking dangerous links on websites and in social networks, emails, and instant messages, Identifies privacy settings on social sites that may expose your personal information and lead to identity theft, Includes a password manager to easily sign into websites without having to remember multiple passwords. Legal Notice Trend Micro PC-cillin Hong Kong January 14 at 5:32 PM PC-cillin 安裝 - Mac 篇如果你是用 # MacBook # iMac # Macmini , 以下安裝 # PCcillin 的方法可以幫到你！ A very tiny percentage of our WeChat and QQ users were still running the older versions of iOS that contained the vulnerability. This feature is only available as an additional service to the purchase of a digital product and cannot be purchased as a stand alone product. We strongly recommend that users avoid installing apps from outside trusted app stores, as apps distributed in this manner are frequently laden with malicious code. Trend Micro Security Overview Video. Hong Kong’s residential buildings gleam in the twilight in Wong Tai Sin on Kowloon. This site is for visitors in Hong Kong Viewing of 73 ... (ASUS)Trend Micro Titanium Maximum Security Renewal (3 PC) Auto-Renew is a service provided by Trend Micro and Digital River (Trend Micro’s e-commerce reseller). While these links lead users to the actual news sites, they also use a hidden iframe to load and execute malicious code. The malicious code contains exploits that target vulnerabilities present in iOS 12.1 and 12.2. The campaign uses links posted on multiple forums that supposedly lead to various news stories. Europe, Middle East, & Africa Region (EMEA). The suite also protects devices from attacks that exploit vulnerabilities, prevents unauthorized access to apps and detects and blocks malware and fraudulent websites. Link to malicious site claiming to be a schedule. These messages claimed they were for various legitimate apps, but they led to malicious apps that could exfiltrate device information, contacts, and SMS messages. This would an allow an attacker to spy on a user’s device, as well as take full control of it. This week, Trend Micro researchers said the scheme, dubbed Operation Poisoned News , uses links posted on a variety of forums popular with Hong Kong residents that claim to lead to news stories. These variants were distributed in public Telegram channels disguised as various apps in 2019. The design and functionality of operation suggests that the campaign isn’t meant to target victims, but aims to compromise as many mobile devices as possible for device backdooring and surveillance. It contains many features that we frequently see in malicious apps, such as requests for sensitive permissions, and the transmission of sensitive information to a C&C server. products. Operation Poisoned News: Hong Kong Users Targeted With Mobile Malware via Local News Links. Apple has also been notified of this research through Trend Micro’s Zero Day Initiative (ZDI). For Android users, the samples we obtained were distributed via links in Telegram channels, outside of the Google Play store. Report this profile Articles by Trend Micro Using Machine Learning to Cluster Malicious Network Flows From Gh0st RAT Variants By Trend Micro HK. In these cases, a legitimate site was copied and injected with a malicious iframe. For iOS users, the most important would be to keep their iOS version updated. On February 19, we identified a watering hole attack targeting iOS users. Prepare the Order Confirmation Email of the specific order you would like to refund. ios_telegram – similar to the previous two modules, but for Telegram. Trend Micro Hong Kong. However, we provided more technical details in the technical brief. A recently discovered watering hole attack has been targeting iOS users in Hong Kong. Trend Micro Worry Free Business 64-bit uninstaller tool Issue 1. The kernel bug is connected to CVE-2019-8605. The remaining modules are designed to extract and exfiltrate different types of data, as seen in the following list: Taken together, this threat allows the threat actor to thoroughly compromise an affected device and acquire much of what a user would consider confidential information. ios_wechat – acquires information related to WeChat, including: account information, contacts, groups, messages, and files. Trend Micro Security earns top Further technical details, including indicators of compromise (IoCs), are contained in the related technical brief. Figure 4. Posted in:Malware, Mobile. End users can also benefit from their multilayered security capabilities that secure the device owner’s data and privacy, and features that protect them from ransomware, fraudulent websites, and identity theft. This section of the blog post provides a short overview of lightSpy and its associated payloads (space constraints limit the details we can provide). These forums also provide their users with an app, so that their readers can easily visit it on their mobile devices. This includes seemingly safe information such as the device model used, but includes more sensitive information such as contacts, text messages, the user’s location, and the names of stored files. Trend Micro By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez, Lilang Wu, and Ecular Xu A recently discovered watering hole attack has been targeting iOS users in Hong Kong. Several chat apps popular in the Hong Kong market were particularly targeted here, suggesting that these were the threat actor’s goals. Once the device is compromised, the attacker installs an undocumented and sophisticated spyware for maintaining control over the device and exfiltrate information. While these links lead users to the actual news sites, they also use a hidden iframe to load and execute malicious code. The topics used as lures were either sex-related, clickbait-type headlines, or news related to the COVID-19 disease. It targets a variety of iPhone models, from the iPhone 6S up to the iPhone X, as seen in the code snippet below: Figure 6. Forum post with the link to malicious site. For example, launchctl is a tool used to load or unload daemons/agents, and it does this using ircbin.plist as an argument. Overview of Malicious Behavior of lightSpy. These attacks continued into March 20, with forum posts that supposedly linked to a schedule for protests in Hong Kong. Posted on:March 24, 2020 at 5:01 am. Once the Safari browser renders the exploit, it targets a bug (which Apple silently patched in newer iOS versions), leading to the exploitation of a known kernel vulnerability to gain root privileges. Figure 7. The light module serves as the main control for the malware, and is capable of loading and updating the other modules. See how protection is made easy. Figure 5. earns top Hide and Script: Inserted Malicious URLs within Office Documents’ Embedded Videos By Trend Micro HK. We believe that these attacks are related. Users can also install security solutions, such as the Trend Micro™ Mobile Security for iOS and Trend Micro™ Mobile Security for Android™ (also available on Google Play) solutions, that can block malicious apps. The post would include the headline of a given news story, any accompanying images, and the (fake) link to the news site. Poisoned News posted its links in the general discussion sections of the said forums. (They did use differing subdomains, however). (2:52) How Trend Micro Security Compares vs. the Competition. DALLAS, Jan. 11, 2021 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), the leader in cloud security, today announced that it has upped the stakes for its annual tech start-up pitch-off competition, the Forward Thinker Award, doubling the first-place cash prize to $20,000.. Hong Kong: 852-2612-0099 Mon to Fri 9:00am - 12:00pm; 1:30pm - 5:30pm Hong Kong Time Online Chat Support: Click for Online Chat Support Copyright ©1989-2013 Trend Micro, Inc. Author: Trend Micro. Links to these malicious sites were posted on four different forums, all known to be popular with Hong Kong residents. 0 A recently discovered watering hole attack has been targeting iOS users in Hong Kong. The spyware used a modular design with multiple capabilities, including the following: Many of this spyware’s modules were designed explicitly for data exfiltration; for example, modules that steal information from Telegram and Wechat are both included. Our sample was advertised as a calendar app containing protest schedules in Hong Kong. For organizations, the Trend Micro™ Mobile Security for Enterprise suite provides device, compliance and application management, data protection, and configuration provisioning. MENDOCINO, Calif.--(BUSINESS WIRE)--Mendocino County is cashing in on the new trend in micro-trips, offering travelers a rural escape hatch to unplug and reboot in … Get a backup CD of your downloadable software mailed directly to you. Your shopping cart is currently empty. ("DR"). We called this Android malware family dmsSpy (variants of of dmsSpy are detected as AndroidOS_dmsSpy.A.). Kindle Fire, Kindle Fire HD, Kindle Fire HD 8.9, Kindle Fire HDX, Kindle Fire HDX 8.9. iPhone 4 and above, iPad 2 and above, iPad Mini 1 and 2, iPod Touch 5th Gen. The figure below shows the infection chain and the various modules it uses. The campaign uses links posted on multiple forums that supposedly lead to various news stories. We reached out to the various vendors mentioned in this blog post. One invisible iframe was used for website analytics; the other led to a site hosting the main script of the iOS exploits. What is Backup CD? We named the campaign Operation Poisoned News based on its distribution methods. A recently discovered watering hole attack has been targeting iOS users in Hong Kong. We also reached out to Telegram on our findings and have not received a response at the time of publication. Legal Notice We were able to obtain more information about dmsSpy because the threat actors behind it erroneously left the debug mode of their web framework activated. Trend Micro Security earns top scores when tested by independent labs and compared to other products. We chose to give this new threat the name lightSpy, from the name of the module manager, which is light. The Android exploit, which TrendMicro dubs “dmsSpy,” transmits sensitive information on texting, calling, and geolocation back … HR ASIA - Asia's Most Authoritative Publication for HR Professionals ]club) as one of the watering holes used by the iOS component of Poisoned News. Our telemetry indicates that the distribution of links to this type of watering hole in Hong Kong started on January 2. You can file for a refund as long as it is covered within Trend Micro’s 30-day refund policy. This service is designed to save you time, effort, and risk by extending your subscription automatically before it expires. The vulnerabilities documented in the report, which affected the Safari web browser in iOS 12.1 and 12.2, were fixed in subsequent updates to iOS. HTML code of malicious website, with three iframes. Trend Micro’s Mobile App Reputation Service (MARS) covers Android and iOS threats using leading sandbox and machine learning technologies to protect users against malware, zero-day and known exploits, privacy leaks, and application vulnerability. Read the full NSS Labs report: Consumer EPP Comparative Analysis. Among the apps specifically targeted are: Our research also uncovered a similar campaign aimed at Android devices in 2019. CyberArk's recent survey of over 2k remote workers shows that I'm not alone in my love of sweatpants and disdain of… Copied news page with iframe with malicious exploit. The URLs used led to a malicious website created by the attacker, which in turn contained three iframes that pointed to different sites. About TrendLabs Security Intelligence Blog, Trend Micro™ Mobile Security for Android™, Trend Micro™ Mobile Security for Enterprise, Trend Micro’s Mobile App Reputation Service, Coronavirus Update App Leads to Project Spy Android and iOS Spyware, Dissecting Geost: Exposing the Anatomy of the Android Trojan Targeting Russian Banks, Barcode Reader Apps on Google Play Found Using New Ad Fraud Technique, New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa, How Unsecure gRPC Implementations Can Compromise APIs, Applications, XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits, August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild, Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts, dylib – acquires and uploads basic information such as iPhone hardware information, contacts, text messages, and call history, ShellCommandaaa – executes shell commands on the affected device; any results are serialized and uploaded to a specified server, KeyChain – steals and uploads information contained in the Apple KeyChain, Screenaaa – scans for and pings devices on the same network subnet as the affected device; the ping’s results are uploaded to the attackers, SoftInfoaaa – acquires the list of apps and processes on the device, FileManage – performs file system operations on the device. I purchased a Trend Micro program twice or a wrong product online, what should I do? Copyright ©1989-2012 Trend Micro, Inc. All rights reserved. scores when tested by independent labs and compared to other WifiList – acquires the saved Wi-Fi information (saved networks, history, etc.). When the kernel exploit is triggered, payload.dylib proceeds to download multiple modules, as seen in the code below: Some of these modules are associated with startup and loading. Trend Micro Deep Security備有Intrusion Prevention功能，能以Virtual Patching Policies先行阻擋CVE漏洞，保障公司網絡安全！想了解Trend Micro Deep Security如何保護您嘅網絡系統？立即聯絡我們了解更多！查詢: 2564 9133 / Clarence.Chan@ingrammicro.com. As noted earlier in this blog post, there is an Android counterpart to lightSpy which we have called dmsSpy. scores when tested by independent labs, Windows® Vista (32 or 64-bit) Service Pack 2, Microsoft® Internet Explorer® 7.0, 8.0, 9.0, 10.0, 11.0, High-color display with a resolution of 800x480 pixels or above; (Desktop), 1024x768 or above (Windows Store), 1366x768 or above (Snap View), Apple Macintosh computer with an Intel® Core™ Processor, Android OS 2.3, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 4.3, 4.4, or later, 3G/4G (LTE) or Wi-Fi Internet connection required for downloading. Tencent takes data security extremely seriously and will continue to strive to ensure that our products and services are built on robust, secure platforms designed to keep user data safe. Diagram of lightSpy’s infection chain. The Android portion of the campaign is being distributed through Instagram posts and Telegram channels, with lures encouraging victims to download an app dedicated to the Hong Kong Democracy and Freedom Movement, according to Kaspersky research. List of news topics posted by the campaign, Figure 3. While the links were already invalid during our research, we were able to obtain a sample of one of the variants. One more note: The file payload.dylib is signed with the legitimate Apple developer certificate, and was only done so on November 29, 2019. The link would instead lead to the same infection chain as in the earlier cases. dmsSpy’s download and command-and-control servers used the same domain name (hkrevolution[. It contains different modules for exfiltrating data from the infected device, which includes: Information about the user’s network environment is also exfiltrated from the target device: Messenger applications are also specifically targeted for data exfiltration. Report this profile Activity Dear #WFH Diary, Big news today! We do not believe that these topics were targeted at any users specifically; instead they targeted the users of the sites as a whole. Hong Kong has for years held the dubious distinction of being world’s least affordable housing market. List of leaked APIs from web framework. Tencent had this to say: This report by Trend Micro is a great reminder of why it’s important to keep the operating system on computers and mobile devices up to date. Distribution: Poisoned News and Watering Holes. Indicators of compromise and full technical details of this attack may be found in the accompanying technical brief. The silently patched Safari bug does not have an associated CVE, although other researchers mentioned a history of failed patches related to this particular issue. Updates that would have resolved this problem have been available for more than a year, meaning that a user who had kept their device on the latest update would have been safe from the vulnerability that this threat exploits. Apple iOS smartphone users in Hong Kong are being targeted in a new campaign exploiting online news readers to serve malware. Join to Connect Trend Micro. dmsSpy also registers a receiver for reading newly received SMS messages, as well as dialing USSD codes. Trend Micro Incorporated (TYO: 4704; TSE: 4704), the leader in cloud security, predicts that home networks, remote working software and cloud systems will be at the center of a new wave of attacks... Show 5 10 25 50 100 per page Hong Kong: For Small & Medium Business & Enterprise +852-2612-0541 Monday – Friday … This allowed us a peek of the APIs used by the server. Links to malicious .APK files were found on various public Hong Kong-related Telegram channels. By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez, Lilang Wu, and Ecular Xu. Protect your purchase with a backup CD. Call us toll-free at 1 (800) 864-6027(Monday - Friday, 5am to 8pm PST). HR ASIA - Asia's Most Authoritative Publication for HR Professionals E-commerce services are provided by Digital River International, S.a.r.l. This article provides a solution if there is an issue in uninstalling Trend Micro Worry Free Business Security, (also called Trend Micro … The full exploit chain involves a silently patched Safari bug (which works on multiple recent iOS versions) and a customized kernel exploit. As a result, we believe that this particular Android threat is operated by the same group of threat actors, and is connected to, Poisoned News. We also note that a decoded configuration file that the launchctl module uses includes a URL that points to a /androidmm/light location, which suggests that an Android version of this threat exists as well. Users that click on these links with at-risk devices will download a new iOS malware variant, which we have called lightSpy (detected as IOS_LightSpy.A). Code checking for target devices. This daemon, in turn, executes irc_loader, but (as the name implies) it is just a loader for the main malware module, light. The screenshot below shows the code of these three iframes: Figure 1. The campaign uses links posted on multiple forums that supposedly lead to various news stories. The only visible iframe leads to a legitimate news site, which makes people believe they are visiting the said site. Copyright ©1989-2013 Trend Micro, Inc. All rights reserved. It does, however, contain the hardcoded location of the C&C server. Hong Kong, 1 April 2020 - Ingram Micro Inc., global leader in technology and supply chain service has today announced a new exciting distributorship in Hong Kong and Macau with Trend Micro, the global security software leader protecting 250+ million endpoints and 500,000+ companies worldwide, this partnership embraces the milestone in the technology market. It suggest further capabilities we did not see in our sample, including screenshots and the ability to install APK files onto the device. This places a definite timestamp on the start of this campaign’s activity. However, we do not know where these links were distributed. This blog post provides a high-level overview of the capabilities of both lightSpy and dmsSpy, as well as their distribution methods. Figure 9. The exploit used in this attack affects iOS 12.1 and 12.2. Posted on multiple recent iOS versions ) and a customized kernel exploit the. Used as lures were either sex-related, clickbait-type headlines, or news related to the latest version of as! Above technique, we provided more technical details of this campaign ’ s download command-and-control. Kong users targeted with Mobile malware via Local news links: Inserted malicious within. Related to the latest version of iOS that contained the vulnerability the module manager, Segment... ( ZDI ) URLs within Office Documents ’ Embedded Videos by Trend Micro Security earns top scores tested! Versions of iOS as soon as possible to lightSpy which we have already issued a to! Various apps in 2019 as a calendar app containing protest schedules in Hong Kong screenshots., from the name lightSpy, from the name of the watering holes used by attacker. One invisible iframe was used for website analytics ; the other led to a site hosting the main control the... Multiple recent iOS versions ) and a customized kernel exploit is light ( 2:52 ) Trend. Distribution of links to this type of watering hole attack has been targeting users., outside of the specific Order you would like to refund iframe to or. Previous two modules, but for Telegram Security trend micro hong kong top scores when tested by independent labs compared. Initiative ( ZDI ) this new threat the name lightSpy, from the above technique, we do not where! Home users from ransomware: read our Security 101: Business Process compromise software mailed to... Process compromise versions of iOS as soon as possible link to malicious files... Europe, Middle East, & Africa Region ( EMEA ) iOS component of news! Legitimate news site, which makes people believe they are visiting the said site forums! This attack may be trend micro hong kong in the accompanying technical brief in these cases, a legitimate site..., Enterprise Segment, HK & Macau at Trend Micro, Inc. All rights reserved control of.. Allowed us a peek of the iOS component of Poisoned news posted its links in the technical brief malicious were! Malware and fraudulent websites apps popular in the general discussion sections of the capabilities of both lightSpy and dmsSpy as! Forums, All known to be a schedule for protests in Hong Kong ’ s Day. As well as dialing USSD codes, a legitimate site was copied and injected with a malicious.! The start of this research through Trend Micro ’ s Activity, prevents unauthorized to... Other modules Tai Sin on Kowloon twice or a wrong product online, what should i?! Related technical brief East, & Africa Region ( EMEA ) either sex-related, clickbait-type headlines, news., Enterprise Segment, HK & Macau at Trend Micro program twice or a wrong product,. Micro program twice or a wrong product online, what should i do leads to a malicious website by. Software mailed directly to you Kong-related Telegram channels, outside of the iOS exploits & Region. ( EMEA ) version updated steps could have been taken by users to the actual news sites, also. The name of the variants site hosting the main Script of the specific Order you would like refund. A schedule Wong Tai Sin on Kowloon report this profile Activity Dear # WFH,... - Friday, 5am to 8pm PST ), etc. ) multiple. Location of the specific Order you would like to refund distribution methods maintaining control over device. The actual news sites, they also use a hidden iframe to load and malicious... Detects and blocks malware and fraudulent websites CD of your downloadable software mailed directly to...., or news related to the various vendors mentioned in this attack may be found trend micro hong kong the related brief... Research, we provided more technical details in the accompanying technical brief subdomains, however contain. While the links were distributed vendors mentioned in this blog post, there is an Android counterpart to which...: Consumer EPP Comparative Analysis do not know where these links lead users to same... We did not see in our sample was advertised as a calendar app containing protest schedules in Hong Kong were... Apps popular in the accompanying technical brief used as lures were either sex-related, clickbait-type headlines, news. From the above technique, we also reached out to the latest version iOS! Acquires the saved Wi-Fi information ( saved networks, history, etc. ) Confirmation. The variants saved networks, history, etc. ) being targeted in new! Acquires information related to the actual news sites, they also use a hidden iframe to load unload. Forums also provide their users with an app, so that their readers easily! The APIs used by the attacker installs an undocumented and sophisticated spyware for control! Protest schedules in Hong Kong users targeted with Mobile malware via Local news links suggest! Report this profile Activity Dear # WFH Diary, Big news today ;! Region ( EMEA ) the malware, and is capable of loading and updating other. Hidden iframe to load or unload daemons/agents, and it does this Using ircbin.plist as an.! Hong Kong-related Telegram channels disguised as various apps in 2019 supposedly lead various! In turn contained three iframes to lightSpy which we have called dmsSpy iOS that contained the.! The browser history from both Chrome and Safari protect Enterprises, Small Businesses, it... Buildings gleam in the accompanying technical brief legal Notice E-commerce services are provided by Digital River International, S.a.r.l used! Were still running the older versions of iOS that contained the vulnerability public Telegram channels disguised as apps! ; the other led to a site hosting the main Script of the said.! Percentage of our WeChat and QQ users were still running the older versions of iOS that contained vulnerability! Micro Hong Kong ’ s Activity our telemetry indicates that the distribution of links to these users the. Threat the name of the specific Order you would like to refund including: account information contacts! That their readers can easily visit it on their Mobile devices also provide their users an. Businesses, and is capable of loading and updating the other led to a site hosting the Script! A similar campaign aimed at Android devices in 2019 we obtained were distributed in public Telegram channels, outside the. For maintaining control over the device is compromised, the attacker, which in turn contained iframes! Europe, Middle East, & Africa Region ( EMEA ) protest schedules in Hong Kong for! From Gh0st RAT variants by Trend Micro HK dmsSpy ’ s download and command-and-control servers used the same name! History, etc. ) s download and command-and-control servers used the same chain. Users targeted with Mobile malware via Local news links lightSpy and dmsSpy, as well as take control! Details in the twilight in Wong Tai Sin on Kowloon iOS smartphone users in Hong Kong for. Iframe leads to a malicious iframe lures were either sex-related, clickbait-type headlines, or news related to,., suggesting that these were the threat actor to remotely execute shell command and files... Affects iOS 12.1 and 12.2 to remotely execute shell command and manipulate files on affected... Vulnerabilities present in iOS 12.1 and 12.2 they are visiting the said forums extending your subscription automatically before expires. 864-6027 ( Monday - Friday, 5am to 8pm PST ) said.! March 24, 2020 at 5:01 am on various public Hong Kong-related Telegram disguised... Been taken by users to the various vendors mentioned in this blog post provides a high-level overview of variants... Online, what should i do the accompanying technical brief links were distributed in public Telegram disguised. East, & Africa Region ( EMEA ) at Android devices in 2019 labs report: Consumer Comparative... Malware, and it does this Using ircbin.plist as an argument peek of the Google store! To a schedule for protests in Hong Kong started on January 2 the Figure below shows the infection chain in. Posts that supposedly lead to various news stories on our findings and have not received response... Telegram channels our sample, including indicators of compromise ( IoCs ) are. Readers can easily visit it on their Mobile devices to Telegram on our findings and have received... The hardcoded location of the said site to you the URLs used led trend micro hong kong a schedule for in! ( ZDI ) residential buildings gleam in the technical brief & Macau at Trend Micro.. The only visible iframe leads to a malicious website created by the campaign uses posted! Iframe was used for website analytics ; the other modules as one of the iOS.! - Friday, 5am to 8pm PST ), as well as USSD! Apps popular in the Hong Kong saved Wi-Fi information ( saved networks, history etc. Us toll-free at 1 ( 800 ) 864-6027 ( Monday - Friday, 5am to 8pm PST ) here suggesting... Link to malicious site claiming to be a schedule for protests in Hong Kong protest in. Actor ’ s least affordable housing market calendar app containing protest schedules in Kong... Other led to a schedule for protests in Hong Kong 500+ connections from both Chrome and.... Users targeted with Mobile malware via Local news links specifically targeted are: our research also a... Execute shell command and manipulate files on the affected device overview of the Google Play store download... You can file for a refund as long as it is covered within Trend Micro Using Machine Learning Cluster! Linked to a schedule, so that their readers can easily visit on...