Go to listing page

Cyware Daily Threat Intelligence, April 04, 2022

Cyware Daily Threat Intelligence, April 04, 2022

Share Blog Post

Meet Borat, a new and powerful malware that includes the capabilities of RAT, spyware, and ransomware. Not only these, but the malware is also capable of launching DDoS attacks. According to researchers, Borat is being offered for sale on underground forums.

Meanwhile, Discord hacking has emerged as the newest threat for NFT buyers as researchers uncover a new wave of phishing attacks. The attackers targeted the Discord channels of Bored Ape Yacht Club, Nyoki, Doodles, Kaiju Kingz, and Shamanz to exfiltrate digital JPEGs of users. In other news, a Germany-based mattress company informed its customers about a Magecart attack that affected their credit and personal data.

Top Breaches Reported in the Last 24 Hours

Iberdrola hit with a cyberattack
Iberdrola, the parent company of Scottish Power, has suffered a cyberattack that affected the personal data of millions of customers.. The compromised data includes ID numbers, phone numbers, email addresses, and home addresses of customers. However, no financial information was stolen in the incident.

Emma Sleep Company affected
A Magecart attack at Emma Sleep Company affected the credit or debit card details of its customers. The attackers injected the malicious code into the checkout page to steal personal information and credit card data.

Trezor users affected
A compromised Trezon hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them. Attackers leveraged one of the newsletters hosted at MailChimp to launch the attack. The notifications prompted recipients to download a fake Trezor Suite software that would steal their recovery seeds.

Top Malware Reported in the Last 24 Hours

Borat RAT discovered
Researchers discovered a new RAT named Borat that is capable of conducting DDoS and ransomware attacks. Other capabilities include recording keystrokes, capturing videos from the webcam, stealing credentials from Chromium-based web browsers, and pilfering Discord tokens from infected systems.

Top Vulnerabilities Reported in the Last 24 Hours

GitLab patches a critical vulnerability
GitLab has reset the passwords of some user accounts after patching a critical account takeover vulnerability. The flaw affected GitLab Community Edition (CE) and Enterprise Edition (EE) versions prior to 14.7.7, 14.8.5, and 14.9.2. It is tracked as CVE-2022-1162 and has a CVSS score of 9.1. It could allow attackers to take over accounts.

Top Scams Reported in the Last 24 Hours

NFT projects hacked in a phishing scam
Discord communities of multiple major NFT projects were hacked as part of a phishing scam to trick users into handing over their digital JPEGs. Some of the affected projects were Bored Ape Yacht Club, Nyoki, Doodles, Kaiju Kingz, and Shamanz. The ultimate goal was to trick users into clicking a link to mint a fake NFT by sending ETH and in some instances an NFT to wrap into a token.

Chocolate-themed scam
Cadbury UK has issued a warning to its 315,000 followers on Twitter about a scam that steals their personal information. The scam, which goes with the title ‘Free easter chocolate basket,’ is making the rounds on WhatsApp and social media sites. The recipients are asked to click on a link to claim the free gift. But, before that, the recipients are asked to answer a series of questions appearing on the screen.


emma sleep company
borat rat
magecart attack
bored ape yacht club
kaiju kingz

Posted on: April 04, 2022

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.