A Mirai-based botnet, called OMG, is being used to turn IoT devices into proxy servers. The strings used in this Mirai variant are ‘/bin/busybox OOMGA’ and ‘OOMGA: applet not found’. Hackers use proxies to stay anonymous while carrying out malicious activities.
Ursnif malware campaign
Scammers are pretending to be from the Australian Securities and Investment Commission (ASIC) and sending emails infected with the Ursnif malware. These emails contain a link to an invoice with fake payment details; clicking it infects the system with Ursnif malware.
Several security vulnerabilities have been spotted in BitTorrent’s official client, uTorrent. A fix has been released in uTorrent version 22.214.171.124352. uTorrent Web users can update to the latest available build 0.12.0.502.
IOTA won't fix the flaw
A vulnerability has been spotted in IOTA that could expose users to a replay attack. IOTA was developed to enable fee-less microtransactions for the Internet of Things. However, IOTA declined to fix the issue, as it believes this situation will occur only in extreme circumstances.
GitLab fixes issues
Security researchers discovered several bugs in GitLab that would allow hackers to hijack domains by exploiting a weakness in the way GitLab handles domain verification. Researchers were able to hijack 700 domains and subdomains. GitLab fixed the issue, and urged users to verify domain ownership by adding a DNS TXT record containing a token generated by GitLab.
The Colorado Department of Transportation (CDOT) has been hit by SamSam ransomware, resulting in the shutdown of more than 2,000 computers. The malware infected these systems, encrypted files and demanded that the ransom be paid in Bitcoins. Interestingly, the ransomware only hit systems running Windows OS.
LA Times website mines Monero
The Los Angeles Times website has been mining cryptocurrencies. This happened after the newspaper's IT staffers left at least one of the publication's Amazon Web Services (AWS) S3 cloud storage buckets open. Users are advised to install antivirus or ad-blockers to stay safe from cryptocurrency miners.
Data breach at HardwareZone (HWZ)
Around 685,000 users registered with HardwareZone (HWZ) became victims of a data breach, after losing their profile data. The breach was discovered after a suspicious posting was made on the forum site.
Posted on: February 22, 2018