Cyware Daily Threat Intelligence December 17, 2018

Top Breach Incidents Reported in the Last 24 Hours

PewDiePie printer hackers wreak a havoc
Attackers are found manipulating printers to boost the subscriber counts of PewDiePie’s YouTube account. The attack has reportedly affected 1,00,000 printers across offices, businesses, and homes. These devices are being remotely hacked and forced to print a message that instructs the users to subscribe to PewDiePie on YouTube.

Irish workers hit by a phishing scam
Recently, around 185,000 Irish office workers were found to have fallen victims to a phishing scam. The scammers associated with this campaign are found to be working on behalf of the Iranian government who managed to target the US government officials, activists, and journalists. The threat actors are believed to have accessed their Gmail and Yahoo Mail by bypassing its 2FA system.

Top Malware Incidents Reported in the Last 24 Hours

Magecart-style card sniffing tool
Security researchers at Armor Threat Intelligence group found Magecart-style attack tool being openly offered for sale on the Dark Web forums. Just like the previous British Airways or Newegg breach incidents, here also, attackers used their own proprietary payment card sniffing tool. This Magecart-style attack tool is being sold for $1300. The tool is advertised to have 2 components – a standard universal payment card sniffer and a control panel. The attack is said to work on any e-commerce site that employs Magento, OpenCart, or OsCommerce payment forms.

Steganography used on memes
Cybercriminals are found using steganography to embed malicious payloads within memes to spread malware. The malware authors posted 2 tweets featuring malicious memes, which contained an embedded command that is parsed by the malware after it’s downloaded from the Twitter account. This acts as the C&C service for the already-placed malware. It can’t be taken down unless the malicious Twitter account is disabled.

Top Vulnerabilities Reported in the Last 24 Hours

Flaws in high-performance chips
Previously-unknown flaws in the high-performance computer chips are spotted which could lead to failures in modern electronics. The on-chip communication systems could be damaged and the lifetime of the whole computer chip could be shortened by deliberately adding malicious workload. This would include sending software updates which will slow down earlier models.

Flaws in US Ballistic Missile systems
Recently, the US Ballistic Missile Defence Systems (BMDS) failed to clear the DoD IG audit. This is because the systems are controlled by computers and software which are plagued by security loopholes. They are at the risk of being targeted by state-sponsored attacks. Many users didn’t enable the 2FA and were found still using the same username and password to access BMDS network.

Jenkins servers’ flaws
Thousands of Jenkins servers are found to give admin rights to the attackers, as they are exploited and completely controlled for cryptocurrency mining attacks. Two flaws are exploited to gain admin rights and log in using invalid credentials on these servers.





  • Share this blog:
Previous
Cyware Daily Threat Intelligence December 18, 2018
Next
Cyware Daily Threat Intelligence December 14, 2018
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.