Cyware Daily Threat Intelligence February 02, 2018

DDG Botnet
A new Monero mining botnet, dubbed DDG Botnet, has been targeting Redis and OrientDB servers via a brute-force attack on credentials dictionary. Until now, the miner has affected nearly 4,400 servers and has mined over $925,000 worth of Monero.

Hancitor Trojan
The Hancitor Trojan, also known as Chanitor, has been spotted evading antivirus detection. According to an AV company, only 3 antivirus engines out of 59 managed to detect the latest spam campaign. The malware was first spotted in 2014 and typically uses standard spam email as its attack vector. Flaw in CODESYS
Security researchers have discovered a critical flaw in the web server component of 3S-Smart Software Solutions’ CODESYS WebVisu product. Exploiting this flaw will allow hackers to execute arbitrary code remotely on IC products, affecting hundreds of ICS products.

New Adobe Flash zero-Day vulnerability
South Korea’s Internet & Security Agency (KISA) discovered a new zero-day vulnerability in the Flash player. The vulnerability is known to affect Flash Player 28.0.0.137 and all versions before that. Users are advised to uninstall Flash Player 28.0.0.137 until a new patch is released.

Siemens patches flaws
Three flaws discovered in Siemens TeleControl Basic product have been patched. Users are recommended to update their systems to new versions. BeeToken phishing scam
Cyber criminals hijacked BeeToken’s ICO, BeeNest, and stole the email and Telegram details of BeeToken’s customers. Using these details, scammers tricked customers into sending their funds to a different wallet instead of the official BeeToken wallet. It has been estimated that scammers have made as much as US$1 million using this scam.

Bangor Hospital loses patient data
East Maine Medical Center of Bangor revealed that an employee misplaced a hard drive containing medical information of the center’s 660 patients. The hard drive contained names, dates of birth, medical record numbers, one-word condition descriptors, and images.