Products
Cyber Fusion Center

Stay ahead of threats with our cyber fusion solutions for threat intelligence sharing and analysis, threat response, and security automation.
Learn More

Threat Intelligence Platforms (TIP)

Intel Exchange

Intel Exchange Lite

Collaborate
Security Orchestration and Automation (SOAR)

Respond

Orchestrate
Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension
Partners

Partners & Integrations

Learn how our solutions seamlessly connect with other tools and technology partners to fit your security needs.

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

CywareOne Login
Resources

Resources Library

Stay updated on the cyber threat landscape with free daily alerts, the latest industry reports, security trends, and more.

Resource Library

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources

Cyware Academy
Company

Contact Us

Get in touch with our team to learn more about our solutions and how they can help your organization.

Get in Touch

Leadership

Careers
We’re Hiring

Cyware in the News

Press Releases

Compliance

Login

Go to listing page

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in March 2018

Threat Intelligence

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in March 2018

Share Blog Post

March has witnessed a number of big data breaches, cyber incidents, emergence of new malware, disclosure of vulnerabilities and new scams targeting people from different sections of the society. The biggest names that grabbed headlines were Facebook - that suffered a data breach impacting at least 50 million people, Memcached based DDoS attack - the biggest and baddest of them all DDoS attacks, and disclosure by the U.S government authorities about a series of campaign run Russian hackers targeting critical infrastructure.

Amongst these, the malware cryptocurrency miners and ransomware continued to fight the battle for dominance with the former taking an edge. Other interesting malware discovered this month were Qrypter, CannibalRAT, ThreadKit and GoScanSSH. Several vulnerabilities with high severity were also disclosed. However, adequate patches were also released by the respective companies for protecting their customers.

The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in March, 2018.

Malware

New Malware Used in Attacks Aimed at Inter-Korean Affairs

Python-Written CannibalRAT Used in Targeted Attacks

Beware of Thanatos, the latest cyber-extortion scam

Sure, I’ll take that! New ComboJack Malware Alters Clipboards to Steal Cryptocurrency

Millions of Office 365 Accounts Hit with Password Stealers

Updated Avzhan DDoS bot spotted in Chinese drive-by attack

"Fakeapp" Android Malware Steals Facebook Credentials, Logs into Accounts

McAfee Uncovers Operation Honeybee, a Malicious Document Campaign Targeting Humanitarian Aid Groups

GandCrab Ransomware Version 2 Released With New .Crab Extension & Other Changes

Gozi ISFB Remains Active in 2018, Leverages “Dark Cloud” Botnet For Distribution

RedDrop malware runs up big bills on Android smartphones and spies on users

MIRUS malware infects html files with CoinHive scripts: Quick Heal

Coinminer Comes with a Process "Kill List" to Keep Competitors at Bay

Leaked source code for Ammyy Admin turned into FlawedAmmyy RAT

Qwerty Ransomware Utilizes GnuPG to Encrypt a Victims Files

New cryptojacking attack uses WannaCry exploit to mine on Windows servers

CCleaner Incident Investigation Reveals Possible Stage 3 Payload

Sophisticated False Flags Planted in Olympic Destroyer Malware

Memcached DDoS Attack: Kill Switch, New Details Disclosed

Qrypter RAT Hits Hundreds of Organizations Worldwide

"OceanLotus" Spies Use New Backdoor in Recent Attacks

Greedy cybercriminals host malware on GitHub

Middleboxes in Turkish telecom redirecting users to nation-state spyware

Hancitor: fileless attack with a DLL copy trick

Sigma Ransomware Being Distributed Using Fake Craigslist Malspam

Campaign Possibly Connected to “MuddyWater” Surfaces in the Middle East and Central Asia

China-Linked Spies Used New Malware in U.K. Government Attack

Slingshot malware that attacks routers may be state-sponsored espionage tool

Android Malware Intercepts Phone Calls to Connect Banking Users to Scammers

Zenis Ransomware Encrypts Your Data & Deletes Your Backups Canonical Releases Malware attack on 400k PCs caused by backdoored BitTorrent app

RottenSys: 'Aggressive' malware found pre-installed on five million Android devices

POS malware evolves to target chip and PIN-protected cards

Meet the Scarlett Johansson PostgreSQL malware attack

GandCrab Ransomware Crooks take Agile Development Approach

New PoS Malware Pinkkite takes Flight

Hermes ransomware distributed to South Koreans via recent Flash zero-day

Cryptocurrency Miner Distributed via PHP Weathermap Vulnerability, Targets Linux Servers

Rapid 2.0 Ransomware Released, Will Not Encrypt Data on PCs with Russian Locale

The AVCrypt Ransomware Tries To Uninstall Your AV Software

SANNY Malware Delivery Method Updated in Recently Observed Attacks

GhostMiner Uses Fileless Techniques, Removes Other Miners, But Makes Only $200

Cryptocurrency mining malware uses five-year old vulnerability to mine Monero on Linux servers

TeleRAT, a new Android Trojan that uses Telegram for data exfiltration

TrickBot Banking Trojan Gets Screenlocker Component

'Fauxpersky' malware steals and sends passwords to an attacker's inbox

Panda Banker Zeros in on Japanese Targets

Hajime Botnet Makes a Comeback With Massive Scan for MikroTik Routers

Monero-Mining HiddenMiner Android Malware Can Potentially Cause Device Failure

Hackers spread password stealer malware from YouTube comment section

HiddnAd and Guerilla Adware Removed From the Google Play Store

GoScanSSH Malware Avoids Government and Military Servers

Crypter-as-a-Service Helps jRAT Fly Under The Radar

The DiskWriter or UselessDisk BootLocker May Be A Wiper

Unraveling ThreadKit: New document exploit builder used to distribute The Trick, Formbook, Loki Bot and other malware

FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

Dark Caracal Points To Apt Actors Moving To Mobile Targets

Security Alert: Spam Campaign Spreads Adwind RAT variant, Targeting Computer Systems

Vulnerability

Bug In Hp Remote Management Tool Leaves Servers Open To Attack

Remotely Exploitable Flaws Patched in DHCP

Spectre haunts Intel's SGX defense: CPU flaws can be exploited to snoop on enclaves

Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability

Old version of HPE Lights-Out server management contains DoS vulnerability

Security researchers identify new vulnerability affecting Pivotal Spring projects

LTE security holes could lead to fake emergency alerts

Researchers Bypassed Windows Password Locks With Cortana Voice Commands

Open-source Exim remote attack bug: 400,000 servers still vulnerable, patch now

After Oracle WebLogic miner attack, critical Apache Solr bug is now targeted

CIGslip Lets Attackers Bypass Microsoft Code Integrity Guard

Windows RDP flaw: 'Install Microsoft's patch, turn on your firewall'

Several privacy-busting bugs found in popular VPN services

Researchers find critical flaws in SecurEnvoy SecurMail, patch now!

AMD allegedly has its own Spectre-like security flaws

Researchers Discover Security Issue on Chrome RDP

Remotely Exploitable Vulnerability Discovered in MikroTik's RouterOS

CRLF Injection and HTTP Response Splitting Vulnerability

ManageEngine zero-day vulnerabilities impact three out of five Fortune 500's

Researcher demonstrates how vulnerable Ledger Nano S wallets are to hacking

Windows Remote Assistance Tool Can Be Used for Targeted Attacks

Pwn2Own competition flushes out five Apple bugs, four Microsoft flaws

Security flaws in dating app Grindr expose users' location data

macOS Vulnerability Reveals Passwords in Plain Text

Watering Hole Attack Exploits North Korea's Flash Flaw

Vulnerability in iOS camera QR code reader could direct users to malicious websites

Patches

Microsoft announces new updates to protect against Spectre and Meltdown attacks

Emerson Patches Severe Flaw in ControlWave Controllers

Google Patches 11 Critical Bugs In March Android Security Bulletin

Microsoft Releases KB4090913 Update to Fix Critical USB Driver Issue

Intel issues Meltdown/Spectre fixes for Ivy Bridge, Sandy Bridge as patch effort winds down

Cisco Patches Hard-coded Password in PCP Software

Chrome 65 update ready, contains 45 security fixes

SAP Patches Decade-Old Flaws With March 2018 Patches

Patch Tuesday: Adobe patches 7 critical flaws

Spectre/Meltdown Patches for Ubuntu 17.10 for Raspberry Pi 2

Microsoft stops pushing buggy Win7 patch KB 4088875, hopefully as a precursor to yanking it

GitHub Hosts Infostealer

Transport for NSW scrambles to patch servers missing fixes released in 2007

Siemens Patches Flaws in SIMATIC Controllers, Mobile Apps

Google is distributing more Meltdown and Spectre Patches for Chrome OS devices

Drupal Forewarns ‘highly Critical’ Bug To Be Patched Next Week

First OpenSSL Updates in 2018 Patch Three Flaws

Breaches

Marine Forces Data Leak: Highly Sensitive Info of over 21,000 Marines, Sailors and Civilians Exposed

Equifax discovers another 2.4 million customers hit by data breach

Five Threat Groups Target Industrial Systems: Dragos

GitHub hit with record 1.35-Tbps denial of service attack, more attacks expected

ShopRite pharmacy security breach affects 10K customers

Trustico compromises own customers' HTTPS private keys in spat with partner

Another Ransomware Variant Strikes CDOT Days after Initial Attack

Payment Card Breach Hits Some Applebee's Restaurants

NIS America hacked: Customer payment card data stolen, $5 off next purchase offered as apology gift

Danish mobile network failure hits 450,000 customers

Thieves heist 600 PCs built for digital coin mining in Iceland

123 Reg Backup Snafu Causes Clients to Lose Files Since August 2017

Russia’s Fancy Bear Hacks its Way Into Montenegro

50,000 WordPress Sites Infected with Cryptocurrency Mining Malware

Nike website flaw exposed sensitive server data

Fresno State data breach, 15,000 affected

Microsoft Stops Malware Campaign That Tried to Infect 400,000 Users in 12 Hours

Hidden Cobra Targets Turkish Financial Sector With New Bankshot Implant

Dutch Tax Auth. again targeted in cyber attack

Router-Hacking 'Slingshot' Spy Operation Compromised More Than 100 Targets

Cyber-Espionage Group Infects Victims Through MicroTik Routers

Russian hackers stole 860,000 euros from 32 ATMs belonging to the Raiffeisen Romania in just one night

Data hack impacts thousands of Florida Virtual School Students

Hacking Attack Might Have Breached 135K Outpatient Center Records

HotSpot Shield, PureVPN & ZenMate found leaking users real IP addresses

Jewelry site accidentally leaks personal details (and plaintext passwords!) of 1.3M users

Shipping company staff's details stolen after emails secretly sent to external accounts

Breaches expose 50,000 student and teacher records at Leon County Schools; more districts likely affected

BJC Healthcare data breach, 33,000 affected

Dutch Data Protection Authority accidentally leaked its employees' data

Puerto Rico power utility hacked but customer data not at risk

Russian Hackers Attacked U.S. Aviation as Part of Breaches

National Lottery: 10 Million Players told to Change Passwords as Attackers Hit Online Accounts

Frost Bank announced it has suffered a data breach that exposed check images

Expedia's Orbitz says 880,000 payment cards hit in breach

Atlanta computer systems under siege in possible ransomware attack

Thousands of servers found leaking 750MB worth of passwords and keys

Bulgaria reveals two financial cyber attacks worth 5.2 mln USD

U.S. Treasury Sanctions Iranian Cyber Actors for Malicious Cyber-Enabled Activities Targeting Hundreds of Universities

SAMBA Provides Notice Of Data Incident

Up to 8,000 customers affected by data breach at An Post

Stormont emails hit by cyber-attack

Cyber-attackers target Britain's anti-doping agency

Baltimore's 911 system Hacked?

Boeing confirms malware attack, downplays production impact

Unsecured N.Y. medical practice server exposes 42,000 records

Vanderbilt University researcher's claim breaches linked to patient deaths

Apparent attack by Russian hackers penetrated Germany’s foreign ministry

Google, PlayStation & NRA suffered DDoS attacks via Memcached servers

Monero Mining Malware Attack Linked to Egyptian Telecom Giant

Facebook Sued by Investors Over Voter-Profile Harvesting

Cambridge Analytica used self-destructing email to cover its tracks

Scams

Watch Out for This Clever Credit Card Scam

Scammers targeting Office 365 and DocuSign

Elon Musk targeted in crypto-cash scam

Phishing campaign found to be targeting humanitarian organisations

FBI Richmond Warns the Public of Scammers Using Spoofed Numbers

Fake Fortnite Mobile iOS Invites Being Pushed On Social Sites

Tech support scams using browser lockers rising

Cryptocurrency scammers run off with more than $2 million after ditching their investors

Yet again, Google tricked into serving scam Amazon ads

Scammers Are Using Fake IRS Sites To Steal Your Personal Info

Thieves steal millions of PC Optimum points, go on shopping sprees

Beware of scammers asking for bitcoin payouts this tax season: fraud watchdog

Tags

top malware

march

facebook

data breaches

windows vulnerability

microsoft

cyberattack

Posted on: June 06, 2018

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases