
Cyware Daily Threat Intelligence, April 26, 2021

It’s quite a distressing moment in the cyber threat landscape as data leak incidents see an upsurge. Government domains from across the world became victims of one of the largest data leak incidents of the year after researchers found a staggering 3.28 billion passwords exposed on a cybercrime forum. Data belonging to American citizens is also at risk, as a hacker who goes by the online name of Pompurin has leaked a database containing 263GB worth of personal data on a hacking forum. Moreover, the ShinyHunters threat actor group returned with a fresh set of records stolen from BigBasket, which were dumped on a dark web forum for free.

Threat actors are also being actively countered, as European law enforcement agencies have made a successful attempt to wipe out the Emotet trojan by using a customized DLL.

Top Breaches Reported in the Last 24 Hours

BigBasket users affected
ShinyHunters has dropped a set of 20 million records allegedly belonging to BigBasket users on a popular hacking forum. The attacker claims the data was stolen in November 2020, following which the company had filed a case with the cybercrime police. The leaked data includes email addresses, SHA1-hashed passwords, addresses, phone numbers, and other assorted information of users.

Radixx targeted
A malware attack on Radixx has triggered an outage in its flight reservation systems. The firm is working on the recovery process and has reported the incident to the FBI.

American citizens’ data leaked
A hacker who goes by the online name of Pompurin has leaked a database containing personal and sensitive household data of over 250 million American citizens and residents. The leaked information contains full names, phone numbers, email addresses, dates of birth, marital status, gender, and physical addresses of users.

Data leaked from govt. domains
In yet another data leak incident, a staggering 3.28 billion passwords linked to 2.18 unique email addresses were exposed on a cybercrime forum. The leaked details were claimed to be stolen from government domains from across the world, including the U.S., the U.K., Australia, Brazil, and Canada.

Manga website hacked
A scanlation website called MangaDex.org was hacked to steal credentials of users and leak them on the internet. Following the hack, the site went offline for a few days.

Top Malware Reported in the Last 24 Hours

Tracking down Emotet
European law enforcement agencies used a customized DLL to wipe out the notorious Windows malware Emotet. The specially-crafted DLL caused the software to self-destruct. With this, the researchers believe that all services related to Emotet, along with the run key in the Windows registry, may have been terminated.

Top Vulnerabilities Reported in the Last 24 Hours

Exploiting FileZen flaws
Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen to steal sensitive data from businesses. The two flaws are tracked as CVE-2021-5639 and CVE-2021-20655. While the former is a directory traversal issue, the latter is an arbitrary code execution vulnerability. Soliton has addressed both flaws in FileZen solutions with the release of firmware versions V4.2.8 and V5.0.3.


Posted on: April 26, 2021

