Cyware Daily Threat Intelligence April 17, 2018

Top Malware Reported in the Last 24 Hours
Smoke Loader malware
The authors of Smoke Loader have revamped its infection technique and introduced a 64-bit payload. Significant changes have been made to the malware in order to bypass Windows Defender and other antivirus software after Microsoft came out with its countermeasures. The current version injects itself into a running instance of Windows Explorer instead of creating a hollow process.

PlugX malware
The PlugX remote access trojan (RAT) has been found spreading via campaigns targeting pharmaceutical organizations in Vietnam, in order to steal drug formulas and business information. Once it infects a system, the malware allows hackers to modify files, log keystrokes, steal passwords and capture screenshots of user activity.

VBScript Downloader
A new VBScript downloader, dubbed ARS VBS Loader, has been found affecting computers running the Microsoft Windows operating system, and it supports Windows 10. It is a spin-off of a downloader called SafeLoader VBS. The downloader uses fake email attachments to trick users into clicking on them.

Top Breaches Reported in the Last 24 Hours
Instagram accounts hacked
Reports indicate that several Instagram accounts have been hacked, leading to assumptions that the Instagram servers have been compromised. Researchers suspect that a group called the Saudi Electronic Army is behind the breach. However, Instagram says that the problem is a result of a system bug.

Patient data exposed
An unauthorized third party might have gained access to Texas Health Resources last October. The event was part of a larger incident affecting multiple entities across the country. Exposed patient information included names, medical record numbers, birth dates, addresses, insurance information, and clinical information of around 4000 patients.


