Cyware Daily Threat Intelligence February 27, 2018

Top Malware Reported in the Last 24 Hours
Eviral Trojan
Researchers have come across a new Trojan, dubbed Eviral, that is capable of stealing browser cookies and stored credentials, and has the ability to monitor/modify the Windows clipboard text. The Trojan was being sold on criminal forums. It also lets the hacker control everything from a panel where the stolen data can be easily explored.

BadRabbit ransomware
The BadRabbit ransomware spread using drive-by attacks, presenting itself as a Flash update. Users who clicked on the update were infected by the ransomware. After execution, the ransomware elevated its privileges on the user’s device.

Decrease in RIG EK activities
RIG EK activity has decreased over the past year. This year, the exploit kit has been used to spread the Fobos, Ngay, and Seamless campaigns. The decrease can be attributed to multiple causes, ranging from the fortification of browsers and browser-based applications to the closure of many sub-domains.

Top Breaches Reported in the Last 24 Hours
Theft of intellectual property
Several Australian universities and NGOs are being targeted by hackers from Iran and China, in order to steal intellectual property. The targets are chosen as these places are abundant with research files on economic policies, defense projects, and technology and medical advancements.

LAPD’s Twitter account hacked
The official Twitter account of the Los Angeles Police Department (LAPD) was hacked. Hackers tweeted a message calling the department “white supremacists”. The tweet read "lapdWHITESUPREMACISTS". It is unclear how the breach occurred.


