Go to listing page

Cyware Daily Threat Intelligence February 01, 2018

Cyware Daily Threat Intelligence February 01, 2018

Share Blog Post

Top Malware Reported in the Last 24 Hours
Scarabey ransomware
A new variant of the Scarab ransomware, dubbed Scarabey, has been discovered. Compared to Scarab, Scarabey has a different mode of distribution and also has a different payload code. The ransomware spreads itself using spam emails, which infect systems running on Windows OS.

MindLost ransomware
Security researchers have discovered a new ransomware called MindLost, that encrypts files on the attacked computer systems and redirects users to an online payment portal to pay the ransom via credit or debit card. The ransomware targets a few file extensions like .c, .jpg, .mp3, .mp4, .pdf, .png, .py, and .txt.

W32/StartPage.NIK!tr malware
The W32/StartPage.NIK!tr malware is still being used to launch cyber attacks against educational institutions. The malware spreads as a .CAB file on Windows systems. Most of the malware that falls under this detection is BHO's (browser helper object) and are intended to hijack user's browser in particular IE.

Top Vulnerabilities Reported in the Last 24 Hours
Exploits for Meltdown and Spectre
Cybercriminals are actively developing malware and remote codes that can exploit the Meltdown and Spectre flaws. Around 119 malware samples have already been discovered by security experts.

WannaMine uses NSA exploit
A new Monero cryptocurrency mining worm, WannaMine is using the EternalBlue exploit to attack remote systems. The worm uses built-in Windows components such as WMI and PowerShell to do its work. Since it download any applications, it is difficult to detect.


Posted on: February 01, 2018

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.