Share Blog post
In a recent discovery, a new malware has been identified, dubbed as Digimine. It is used to mine Monero cryptocurrency for its owners. Victims are sent a video file via a friend on Facebook. If they attempt to watch the video, it runs an AutoIt script. Digimine also installs an auto-start entry into the registry to ensure that it is started as soon as the computer is turned on.
Recently, two new threats of Bladabindi Malware family have been discovered, hosted on a website. Both malware looks like a legitimate app that users have to install in order to access the media file hosted on the website. Two samples are identified as “6thClient.exe” and “Firefox.exe”.
Recently patched remote code execution vulnerability (CVE-2017-11882) in Microsoft Office is exploited to deliver a modified version of Loki information-stealing malware. Loki campaign uses compromised emails to send spammed messages to the account's contact list. Attackers use Loki as a conduit for further attacks.
Posted on: December 27, 2017
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.
Explore Industry Briefs
Cyware for Enterprise
Adopt next-gen security with threat intelligence analysis, security automation...
Cyware for ISACs/ISAOs
Anticipate, prevent, and respond to threats through bi-directional threat in...