Malware authors constantly rework existing malware to launch catastrophic attacks worldwide. A new variant of Lemon_Duck cryptomining malware that is capable of infecting Linux systems has come to light in the last 24 hours. The variant includes an exploit for an SMBGhost flaw affecting Windows systems and is capable of targeting servers running Redis and Hadoop instances.
Additionally, a new Anubis info-stealing trojan was also spotted in the wild. The trojan, which borrows its code from Loki malware, is capable of stealing system information.
Researchers also demonstrated a new attack technique that can enable attackers to make fraudulent purchases using contactless VISA cards. The attack relies on a tool called Tamarin, developed by the researchers.
Top Breaches Reported in the Last 24 Hours
NCR Corporation attacked
NCR Corporation was infected by the Lethic trojan that is capable of remote access, lateral movement, and downloading additional payloads. The incident poses a potential supply chain risk to the customers associated with the popular point-of-sale and ATM software developer.
Valley Health Systems affected
Valley Health Systems has been attacked by REvil ransomware. Following the attack, the healthcare organization lost information related to its clients, employees, and patients.
Top Malware Reported in the Last 24 Hours
New Variant of Lemon_Duck malware
A new variant of Lemon_Duck cryptomining malware has been found targeting Linux machines via SSH brute force attacks. The new variant also exploits an SMBGhost bug in Windows systems and is able to target servers running Redis and Hadoop instances. To survive system reboots, the variant gains persistence by adding a cron job.
New Anubis trojan
Microsoft has detected a new piece of malware, called Anubis, in the wild. It draws code from Loki malware. The malware is designed to steal information from infected Windows systems.
Top Vulnerabilities Reported in the Last 24 Hours
New attack technique
Researchers have discovered an attack technique that can be used to bypass PIN codes for VISA contactless payments. The attack can be executed using four components - two Android phones, a special app called Tamarin, and a VISA contactless card. If abused in practice, the attack can allow criminals to make fraudulent purchases by impersonating the card owner.