Cyware Daily Threat Intelligence August 18, 2017

New Locky variant surfaced
A new version of the infamous Locky ransomware has been discovered recently. The new variant changes its extensions of the encrypted file to .lukitus. It is usually distributed through spam emails containing zip file and infects systems when an unwary victim clicks on it. There is no decryption key available as of now.

FakeToken malware exploits taxi apps
The Android malware steals credit card information using phishing pages via dangerous screen outlays. Also, an encryption module is embedded into the malware that locks user files and steals sensitive information. To prevent infection, you should not download third-party apps from unknown app stores.

SynCrypt ransomware creates furor
The newly found ransomware infects systems and locks files using AES encryption while appending .kk extension to them. When infected, the ransomware displays a ransom note named Readme.html or in a .png format. Like most of the malware, SynCrypt infects machines through spear phishing emails. Scan the infected computer in safe mode using an effective antivirus program. CAN bus vulnerability
All the modern automobiles are at risk of being exploited. The CAN bus vulnerability found in the vehicles allows hackers to control the operations of safety features like air bags, ABS, and power steering. It is a flaw that has seeped in the design and architecture of the CAN bus. The attack is launched by flooding the feature with too many error messages leading to a denial of service.

Security flaws plague VPN provider
During a third-party public security audit of a popular VPN provider, a number of security flaws have come to light. This includes two vulnerabilities in the Chrome extension that allowed the malicious actor to turn off the extension. To find and fix such flaws, a regular public audit becomes a necessity.

Dog-in-the-middle attack
A researcher has devised a new way to exploit devices connected to a Wi-Fi access point. The interesting part is: a dog collar bone is used as an access point for users to connect to it. Aptly named, Dog-in-the-Middle attack it was successfully demonstrated at DefCon 25 conference.