Cyware Daily Threat Intelligence August 11, 2021


Is it a ransomware or a wiper? A new malware called Chaos has been found to be capable of causing chaos in the wild with multiple malicious capabilities combined into one package. While being advertised as a ransomware for testing purposes, researchers say it is actually a wiper. In another vein, attackers committed the biggest cryptocurrency heist ever from the Poly Network decentralized finance platform.

Microsoft Patch Tuesday is here and it has addressed 44 vulnerabilities, including three zero-day flaws. One of these vulnerabilities is under active exploitation. Peeps! Patch your systems ASAP. The same goes for Magento-powered e-commerce sites which need to be patched for 26 critical and high-severity vulnerabilities. 

Top Breaches Reported in the Last 24 Hours

Crytek admits being breached
Crytek, a game developer and publisher, has admitted to being hit by a cyberattack in October last year. The attack was conducted by the Egregor ransomware gang, which encrypted systems and stole files containing customers’ personal information. This data was later published on the attackers’ leak site on the dark web.

Biggest cryptocurrency theft ever!
DeFi protocol and network Poly Network suffered a theft of around $611 million in cryptocurrency. The hackers transferred Ethereum, Binance Chain, and Polygon assets to their accounts.   

Hackers threaten to leak data
After attacking Gigabyte, the RansomExx ransomware gang is threatening to leak 112GB of data. This data may also include sensitive documents from Intel, AMD, and Megatrends. 


Top Malware Reported in the Last 24 Hours

New Chaos malware
Chaos, a malware still under development, is being advertised on dark web forums as available for testing. While it claims to be a ransomware, Chaos is actually a wiper. Judging by the rapid development of the malware, experts surmise that it may soon be released in the wild.

Chinese espionage group targets Israel
A Chinese espionage gang, dubbed UNC215, is attacking Israeli targets. However, the threat actor is seemingly trying to make the attacks look like the work of Iranian hackers. The campaign was initiated in 2019 and abused the Microsoft SharePoint flaw CVE-2019-0604.

Kaseya’s decryption key leaked
In July, Kaseya obtained a decryption key for the victims of REvil ransomware. Now, a universal decryption key for the same attack is making the rounds on hacking forums. It is presumed that the poster is an affiliate of the REvil gang and not a victim.


Top Vulnerabilities Reported in the Last 24 Hours

Magento update released
Adobe issued security updates to address 26 flaws in its Magento e-commerce platform. While 20 of these bugs are rated critical, six are rated important. Attackers can exploit these vulnerabilities to execute arbitrary code and take complete control over systems.

Microsoft Patch Tuesday
Microsoft released patches for at least 44 flaws in its Windows OS and associated products. One of these vulnerabilities—CVE-2021-36948—is being actively exploited by attackers and is found in the Windows Update Medic service. Seven of these flaws are rated critical. 


Top Scams Reported in the Last 24 Hours

New smishing scam impersonates DPD
A new smishing scam is mimicking the international delivery company DPD. The seemingly convincing scam attempts to lure victims into giving away their personal details, including payment information.


Posted on: August 11, 2021