Cyware Daily Threat Intelligence December 6, 2018

Top Breaches Reported in the Last 24 Hours

Humble Bundle breach
The popular online gaming subscription site Humble Bundle suffered a data breach that was caused a bug in the website. The bug allowed hackers access to users' data. The hackers(s) behind the attack combined the flaw with a credential stuffing attack to gain access to sensitive information. The breach did not expose names, passwords, billing data or payment information. However, attackers were able to access the Humble Monthly subscription status of users. Although the data stolen by the attackers was not related to customers' personal information, it could still be used by attackers to launch phishing attacks or scams. 

Top Malware Reported in the Last 24 Hours

Zekapab
The Russian cyberespionage group Fancy Bear was spotted distributing the Zekapab (aka Zebrocy) malware, using Brexit themed lures, in a new phishing campaign. The malware was used against US think tanks, government agencies, universities, political organizations, and others. The lure was also used by the hackers in another campaign that targeted NATO members, Central Asian countries and Russia's neighboring nations. 

SilverHawk
The Syrian Electronic Army was recently found targeting the Middle East in a new campaign. The hacker group was found delivering SilverHawk - an Android spyware that is designed to create fake updates for communication apps like WhatsApp and Telegram. The group also created MS Word and YouTube fakes filled with the SilverHawk spyware. 

Android malware
Numerous malicious voice communication and messaging apps on Google Play have been discovered on Google Play. These messaging platforms leverage modular downloaders to contact C&C servers, obtain payloads, and serve up fake surveys designed to steal user data. The malware exfiltrates data such as names, phone numbers and home addresses.




  • Share this blog:
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.