Go to listing page

Cyware Daily Threat Intelligence, April 19, 2021

Cyware Daily Threat Intelligence, April 19, 2021

Share Blog Post

Advanced cyber threats are constantly evolving, with malware threats leading the pack. In the past 24 hours, security researchers detected one new malware variant and two new malware strains. The new variant is related to the XCSSET Mac malware and is capable of stealing confidential information from cryptocurrency apps.

The other two newly discovered malware are NitroRansomware and Pink malware. While NitroRansomware demands a Discord Nitro gift code to decrypt victim files, Pink malware has the ability to take full control of a targeted device via WhatsApp.

Top Breaches Reported in the Last 24 Hours

MCB affected
Matthew Clark Bibendum (MCB), a distributor of alcoholic beverages and soft drinks in the U.K and Ireland, is working to restore its IT systems following a cybersecurity incident. The company is in the process of informing its customers and suppliers of the incident.

Credit card details on the sale
Credit card details of nearly 1 million people who purchased online on Domino’s Pizza India are being sold for over $550,000 on the dark web. Apart from credit card details, the details also include names, phone numbers, and email addresses. 

Hacker selling sensitive data
A hacker appears to be selling sensitive data stolen from OTP-generating companies. The impacted firms include Google, Facebook, Amazon, Emirates, Apple, Microsoft, Signal, Telegram, and Twitter. Nearly 50GB of exfiltrated data is estimated to be on sale.  

Top Malware Reported in the Last 24 Hours

New XCSSET variant
A new variant of XCSSET Mac malware that targets Xcode developers has been improved to steal confidential information from cryptocurrency apps. The new version includes the ability to abuse the development version of the Safari browser to plant JavaScript backdoors in websites via Universal Cross-Site Scripting (UXSS) attacks.

NitroRansomware
A new ransomware called NitroRansomware encrypts victims’ files and demands a Discord Nitro gift code to decrypt files. The ransomware is distributed as a fake tool stating it can generate free Nitro gift codes. The ransomware appends .givemenitro extension to encrypted files. 
 
New Pink malware
WhatsApp users are being targeted by a new Pink malware that takes full control of a targeted device. The malware is distributed via a link that claims to turn the application’s theme from its trademark green to pink. If a user ends up clicking on the link, their phones might get hacked and they may even lose access to their WhatsApp account. 

 Tags

matthew clark bibendum mcb
xcsset mac malware
nitroransomware
pink malware
discord nitro gift code

Posted on: April 19, 2021


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.