Cyware Daily Threat Intelligence April 03, 2018

Lime ransomware
A new strain of njRAT, also known as Bladabindi, was discovered containing a Bitcoin wallet stealer and Lime ransomware. Researchers also found that the malware is served from Australia. It affects the port number 1700 and communicates with the malicious C&C server online2018.duckdns[.]org.

Android Trojan with advanced evasion techniques
A new Android Trojan has been spotted stealing users’ messenger app information. The Trojan is primarily targeting Facebook Messenger, Twitter, Skype and other IM clients. In order to evade dynamic analysis and detection, the malware uses the anti-emulator and debugger detection techniques.

A new Android RAT
Security researchers have discovered two variants of a new Android Remote Access Trojan (RAT) while investigating a fake antivirus malware. While one of these variants targeted Android devices, the other targeted Windows devices. The RAT variants were found to have the same capabilities—the ability to access contacts, SMS data and phone history and even record calls. Panera's Bread website
37 million customers of Panera's Bread were affected after the website leaked customer records for at least eight months. Exposed data included addresses, names, email IDs, birthdays, and the last four digits of their credit cards. An investigation also revealed that the leak affected Panera's commercial division, which encompasses catering companies as well.

ETP’s Pipeline Data System Shutdown
A cyber attack resulted in shutting down of Energy Transfer Partners (ETP), which digitally processes customer transactions for a major pipeline network in the U.S. An ETP spokesperson reported to the press that operations and data remain unaffected by the shutdown. However, it can affect a network of major pipelines owned by subsidiaries.