List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in April 2018
Stegware • Apr 30, 2018
Several new malware families, malware variants, vulnerabilities, breaches and online scams were recorded in April, with cyber incidents reported across a range of industries and sectors. The incidents that grabbed the biggest headlines were a data firm leaking the personal information of 48 million profiles collected from various social media channels without the users' permission, a 13-year-old configuration flaw that impacted 90% of SAP systems, and Bitcoins worth $3 million being stolen in India's biggest crypto theft.
On the brighter side, several patches have been released for vulnerabilities affecting millions of systems worldwide. Most importantly, mitigation for the Total Meltdown vulnerability has been released by Microsoft.
The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in April 2018.
Malware
SamSam Ransomware Evolves Its Tactics Towards Targeting Whole Companies
Malicious calculator app adds up Bitvote coins in cryptomining scheme
New C# Ransomware Compiles itself at Runtime
GravityRAT – The Two-Year Evolution Of An APT Targeting India
Cheap crimeware kits help wannabe hackers get into the malware business
Necurs Evolves to Evade Spam Detection via Internet Shortcut File
There’s a new fake Flash Player installer for Macs, and it’s nastier than usual
Metamorfo Campaigns Targeting Brazilian Users
“Rubella Macro Builder” Crimeware Kit Emerges on Underground
New Crossrider variant installs configuration profiles on Macs
This cryptocurrency mining malware also disables your security services
'SquirtDanger' versatile malware steals cryptocurrency, takes screenshots
Cybersecurity researchers identify new variants of APT34 malware
Monero-Mining RETADUP Worm Goes Polymorphic, Gets an AutoHotKey Variant
GandCrab Ransomware Returns with New Waves of Spam Campaigns
Google Play is hosting a disturbing amount of cryptocurrency malware
XLoader Android Spyware and Banking Trojan Distributed via DNS Spoofing
RansSIRIA Ransomware Takes Advantage of the Syrian Refugee Crisis
Stresspaint Malware Steals Facebook Credentials and Session Cookies
Use of ‘StegWare’ Increases in Stealth Malware Attacks
XTRAT and DUNIHI Backdoors Bundled with Adwind in Spam Mails
Say “Cheese”: WebMonitor RAT Comes with C2-as-a-Service (C2aaS)
Magnitude exploit kit switches to GandCrab ransomware
Ransomware XIAOBA Repurposed as File Infector and Cryptocurrency Miner
New Malware PlugX Attacks Pharmaceutical Firms
Smoke Loader malware improves after Microsoft spoils its Campaign
New malware mines cryptocurrency without open browser session
ViperRAT spyware resurfaces in Google Play Store
Roaming Mantis uses DNS hijacking to infect Android smartphones
Microsoft network engineer faces charges linked to Reveton ransomware
Microsoft Begins Flagging uTorrent as Malware
Researchers Create Malware That Steals Data via Power Lines
Cyber-Espionage Groups Are Increasingly Leveraging Routers in Their Attacks
RadRAT: An all-in-one toolkit for complex espionage ops
New Malware Spreads Through Hacked Sites as Fake Browser Update
HTTP Injector Steals Mobile Internet Access
WannaCry Ransomware Sinkhole Data Now Available to Organizations
Quant Loader Trojan Spreads Via Microsoft URL Shortcut Files
SirenJack Attack Lets Hackers Take Control Over Emergency Alert Sirens
PUBG Ransomware Decrypts Your Files If You Play PlayerUnknown's Battlegrounds
New Agent Tesla Spyware Variant Discovered
Flaw in 'Sloppy' LockCrypt ransomware enables some victims to escape
“WhatsApp Plus”, a fake malicious app that steals personal data
New Strain of ATM Jackpotting Malware Discovered
Cryptojacking Script Makes It on the MSN Portal
The WhiteRose Ransomware Is Decryptable & Tells A Strange Story
IcedID Banking Trojan teams up with Rovnix for distribution
A New Mirai-style Botnet is Targeting the Financial Sector
Cryptocurrency mining-malware hidden in VPNs, games, and streaming apps, downloaded 100,000 times
CertUtil.exe Could Allow Attackers To Download Malware While Bypassing AV
Electroneum-mining operation now targeting Struts systems on Windows
New MacOS Backdoor Linked to OceanLotus Found
New KevDroid Android Backdoor Discovered
Cryptocurrency Web Miner Script Injected into AOL Advertising Platform
New Attack Vector Shows Dangers of S3 Sleep Mode
Researchers at Unit 42 Smoke Out the Rarog Cryptocurrency Mining Trojan
Evolving exploit builder kit ThreadKit used for RAT and banking trojan campaigns
Decrypters for Some Versions of Magniber Ransomware Released
Android Trojan Steals Data From Facebook Messenger, Skype, Other IM Clients
njRAT equipped with Bitcoin wallet stealer and Lime ransomware
Compromised Magento Sites Delivering Malware
Vulnerabilities
90% of the SAP customers exposed to hack due to 13 Year-Old configuration flaw
Popular Chrome VPN extensions are leaking your DNS data
Critical Security Configuration Issue in SAP Implementations
Hyland Perceptive Document Filters Multiple Vulnerabilities
Apple Is Struggling To Stop A 'Skeleton Key' Hack On Home Wi-Fi
Drupal users take cover—code-execution bug is being actively exploited
Western Digital My Cloud EX2 NAS Device Leaks Files
Win 7, Server 2008 'Total Meltdown' exploit lands, pops admin shells
Hikvision flaw could be remotely exploited to hijack cameras, DVRs
Internet Explorer has a zero-day bug that Microsoft needs to fix
Broadband flaw left 400,000 British homes open to hacking – was your router vulnerable?
SaferVPN CVE-2018-10308 Vulnerability, From DOS to Deanonymization
Hackers find life-threatening vulnerabilities in Austrian ski lift control unit
Unstoppable exploit in Nintendo Switch opens door to homebrew and piracy
WebEx vulnerability could spread malware between colleagues
Positive Technologies uncovers critical vulnerabilities in APC uninterrupted power supplies
Single single-sign-on SNAFU threatens three Cisco products
Big IoT Botnet Starts Large-Scale Exploitation of Drupalgeddon 2 Vulnerability
Google Finds Security Flaw in the Most Secure Windows 10 Version
LinkedIn bug allowed data to be stolen from user profiles
Critical Unpatched RCE Flaw Disclosed in LG Network Storage Devices
Multiple Issues in Foxit PDF Reader
Researchers Discover Second rTorrent Vulnerability
Denial-of-Spending and Inflation Bugs Found in Several Cryptocurrencies
Rockwell Automation Switches Exposed to Attacks by Cisco IOS Flaws
Flashpoint researchers warn of new VBS Loader
Bitcoin web wallet addresses generated with a flawed library are exposed to brute-force attacks
Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware
Windows Servers Targeted for Cryptocurrency Mining via IIS Flaw
Old JavaScript Crypto Flaw Puts Bitcoin Funds at Risk
Multiple Vulnerabilities in Moxa EDR-810 Industrial Secure Router
Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code
LimeSurvey Flaws Expose Web Servers to Attacks
Compile Error Halts Some GandCrab Ransomware Infections
Multiple Vulnerabilities in NASA CFITSIO library
New 'Early Bird' Code Injection Technique Discovered
17-year-old finds screen lock bypass vulnerability in Signal app for iOS
Multiple Simple DirectMedia Layer Vulnerabilities
Electrical Substations Exposed to Attacks by Flaws in Siemens Devices
Multiple Computerinsel PhotoLine PSD Code Execution Vulnerabilities
RTF Design, Office Flaw Exploited in Multi-Stage Document Attack
Critical Code Execution Flaw Found in CyberArk Enterprise Password Vault
Auth0 authentication bypass issue exposed enterprises to hack
Linux Beep bug joke backfires as branded fix falls short
This $2.5 Million 'Secure' Bluetooth Credit Card Might Be Leaking Bank Data
Remote Execution Flaw Threatens Apps Built Using Spring Framework
Intel Remote Keyboard app discontinued in the face of critical vulnerability
Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise
“Open sesame”: Industrial network gear hackable with the right username
Researchers Report 20,000 Vulnerabilities, Reinforcing Need for Proactive Cybersecurity Strategy
Critical vulnerability opens Cisco switches to remote attack
Live Chat Widgets Leak Employee Details From High-Profile Companies
Intel decides not to patch Spectre vulnerability for older processors
Google’s April Android Security Bulletin Warns of 9 Critical Bugs
Hackers could attack 1 million websites in a content management system flaw
WhatsApp public groups can leave user data vulnerable to scraping
Patches
Amazon has fixed a bug that allowed hackers to listen in on Alexa devices
This month's Windows and Office security patches: Bugs and solutions
Microsoft Releases Two New Windows Updates Containing New Spectre 2 Mitigations
Apple Releases Security Updates for MacOS, iOS, and Safari
MikroTik Patches Zero-Day Flaw Under Attack in Record Time
Canonical Releases Kernel Security Updates for Ubuntu 17.10 and Ubuntu 16.04 LTS
Cisco patches vulnerability in WebEx
Code Execution Flaws Patched in Foxit PDF Reader
Drupal to Release Second Drupalgeddon2 Patch as Attacks Continue
Oracle whips out the swatter, squishes 254 security bugs in its gear
Drupal 8 Updated to Patch Flaw in WYSIWYG Editor
Patch Plugs More Than a Dozen Bugs Affecting Industrial Secure Routers
Juniper patched multiple vulnerabilities
SAP Patches Critical Flaws in Business Client
AMD, Microsoft patch 'variant two' Spectre chip flaw
Microsoft Half-Patches Old Outlook Vulnerability
Microsoft Issues Rare Patch for Wireless Keyboard Flaw
Adobe Patches Six Flash Player Security Bugs, Three Critical
Schneider Electric Patches 16 Flaws in Building Automation Software
Microsoft patches critical flaw in Windows Defender
New Microsoft update to fix flaw in 'Meltdown' patch
Intel's Microcode Update for Spectre Makes a Comeback in Ubuntu's Repositories
Breaches
Game Over! Malicious Minecraft Character Skins Infect Over 50,000 Accounts
Over 20 Million Chrome Users Have Installed Fake Malicious Ad Blockers
1.5 billion sensitive files exposed by misconfigured servers, storage and cloud services
Researchers Hijack Over 2,000 Subdomains From Legitimate Sites in CloudFront Experiment
Student Loan processor Access Group tells 16,500 borrowers of data breach
Ransomware exposes records of 85,000 Center for Orthopaedic Specialists patients
Bezop Cryptocurrency Server Spills 25K in Private Investor, Promoter Data
Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency
Ukrainian Ministry was Attacked by VevoLocker Ransomware
Hacker Hijacks DNS Server of MyEtherWallet to Steal $160,000
Security Fears as TSB Customers Able to Access Others’ Accounts
Ukrainian energy ministry website hit by ransomware attack
Dubai's Careem admits to data breach, affects 14 million customers
China Cyberspies Targeted Japanese Firms for North Korea Secrets
Germany’s Deutsche Bank transfers €28 billion to an account by mistake
State of Illinois incorrectly mailed personal information of more than 4,000 people
Cyber attack at UnityPoint Health puts 16,000 people at risk
NHS website defaced by hackers
Data Firm Leaks 48 Million User Profiles it Scraped From Facebook, LinkedIn, Twitter and Zillow
Multiple Million-Plus-User Instagram Influencers Report Hacking; Emir of Qatar Possibly Affected
Texas Health Resources' patient information exposed in October 2017 email compromise
Crypto YouTuber Hacked out of $2 Million During a Livestream
Hackers exploit casino's smart thermometer to steal database info
TrueMove H, the biggest 4G mobile operator in Thailand suffered a data leak
Bitcoins worth $3 million stolen from exchange in India's biggest crypto theft
UK Carries Out Cyberattack on Islamic State
Website security firm Sucuri hit by large scale volumetric DDoS attacks
YouTube Suffers Music Video Hack
Sodexo Filmology data breach – Users need to cancel their credit cards
Finland's 3rd Largest Data Breach Exposes 130,000 Users' Plaintext Passwords
Another One Bites the Dust: Now Best Buy Found Hit by [24]7.ai Data Breach
Indian defense ministry website hacked, home ministry website down
Facebook New Revelation: Profile Data of Over 2 Billion People Scraped by Malicious Actors
Voting machine vendor firewall config, passwords posted on public support forum
Massive data breaches just one month before the arrival of the GDPR
Information on 6,800 CareFirst members exposed in phishing attack
Cyberattack Pings Data Systems of At Least Four Gas Networks
OpIsrael: Major Israeli websites targeted in large anti-Israel cyberattack
Iranian hackers breach Singapore universities to access research data
YouTube Employee's Twitter Hacked Following Shooting at San Bruno Headquarters
Panera Bread left millions of customer records exposed on the web
Philippine banks on alert after cyber attack at Malaysia central bank
Scams
Most White House Email Domains Could be Vulnerable to Phishing
Consumers bribed to share data with offers and cash prizes ahead of spam crackdown
The Free 'Fortnite' Money Scams Are So Stupid They Probably Work
Reno Man Created 8,000 Fake Online Accounts via Stolen Identities
1 million kids suffer ID theft, so parents beware
As next-gen spenders go cashless, e-wallet scamsters too are getting creative
FTC: Phone Scammers Are Impersonating Chinese Consulate Staff, Have Made Off With Millions
Windows warning: Tech-support scammers are ramping up attacks, says Microsoft
CITC warns of fake gift promises via WhatsApp
Cybercriminals now targeting tax pros to cash in on fraudulent returns
This New Chip-Theft Scam Will Blow Your Mind
Almost 250 people lose HK$1.9 million in WhatsApp scam
An Ethereum Scammer Posing as Justin Sun Has a Verified Twitter Account
FBI Warns the Public About Increase in Reports of Jury Duty Scams
Secret Service Warns of Chip Card Scheme
Netflix users warned not to fall for this email scam
Warning issued after customers spot suspicious 'Uber transactions'