Cyware Daily Threat Intelligence, December 30, 2020

It looks like bad actors are honing their craft with Golang-based malware. Researchers have now come across a new self-spreading malware that is actively dropping XMRig miners on Windows and Linux servers. Written in Go, the malware has been in the wild since early December.

An instance of malicious hackers installing keyloggers on the Usenet site NZBGeek has also come to light in the past 24 hours. Reportedly, the attackers planted the malware after hacking the site’s database and stealing the credit card details of users.

Top Breaches Reported in the Last 24 Hours

GenRx Pharmacy attacked
More than 130,000 patients have been alerted about a potential ransomware attack on GenRx Pharmacy. The attack occurred earlier this year and has affected patients’ first and last names, addresses, phone numbers, dates of birth, gender, health plan, and prescription information.

Voyager Digital LLC halts trading
The Voyager cryptocurrency brokerage platform was forced to halt its trading operations after suffering a cyberattack that targeted its DNS configuration. The firm states that the attack was not successful and that all funds and cryptocurrency assets are safe.

NZBGeek hacked
A data breach at NZBGeek allowed hackers to copy its database. As a result, the personal details of all the users were exposed. The attackers also installed a keylogger to abuse the site in the future. The leaked data includes usernames, encrypted passwords, email addresses, and last connected IP addresses.

Wasabi down
Cloud storage provider Wasabi suffered an outage after a domain—wasabisys.com—was suspended for hosting malware. The mishap led to the registrar suspending the domain, which, in turn, caused the storage service to go offline.
 
Top Malware Reported in the Last 24 Hours

New Golang-based malware
A newly discovered Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since December. The malware includes worm-like capabilities that enable it to spread to other systems via brute-force attacks.

Top Scams Reported in the Last 24 Hours

FinCEN alerts about COVID-related scam
The U.S. Financial Crimes Enforcement Network (FinCEN) has issued an alert about COVID-19 vaccine-related scams. Fraudsters are attempting to capitalize on the situation by selling counterfeit goods, conducting phishing, and delivering malware, among others. Last week, several U.S. government organizations issued a warning about increasingly frequent fraud and phishing attacks aimed at gathering personally identifiable information and stealing money.

Posted on: December 30, 2020
