The month of April saw no decline in malware attacks, scams and breaches. As usual, the threat actors were at their best in disrupting the smooth operation of public and private organizations.
A variety of new malware were discovered targeting both companies and users, resulting in the loss of data and disruption of services. This includes the names of HOPLIGHT, PreAMo, NamPoHyu, RobbinHood, vXCrypter and Xwo. New details about the sophisticated supply chain attack named ‘ Operation ShadowHammer’ attack had resurfaced last month. It was found that the attack had targeted six other major companies in Asia apart from compromising 1 million ASUS users.
In a major data breach incident, the infamous ‘GnosticPlayers’ hacker had made a comeback with his fifth set of stolen data. The hacker had put up nearly 65.5 million records on sale on the Dream Market forum. He was selling the data for 0.8463 Bitcoin on the dark web. Security experts also came across a new dark market named Genesis that was selling digital fingerprints of over 60,000 users.
Popular social media platform, Facebook was in soup last month, for secretly collecting email contacts of 1.5 million users and storing millions of Instagram users' passwords in a readable format. Apart from Facebook, LinkedIn also came under the radar for leaking approximately 60 million user records online. A major phishing attack was also reported by India’s largest IT outsourcing and consulting organization Wipro that might have impacted at least a dozen of the company's clients.
The past month also witnessed some major security updates from Oracle, Microsoft and Adobe. While Oracle released security patches for 297 bugs, Microsoft issued updates for 74 flaws. Adobe, on the other hand, published security patches for 43 vulnerabilities found across its products.
The following is a consolidated list of all major data breaches, malware, vulnerabilities and scams reported in April, 2019.