Cyware Daily Threat Intelligence July 12, 2018

Top Malware Reported in the Last 24 Hours
YiluzhuanqianSerd malware
YiluzhuanqianSerd is a Linux-based malware that infects Linux systems and IoT devices with a cryptocurrency miner. The malware scans for exposed SSH ports and for connected devices with an exploitable remote desktop protocol (RDP) port. The cryptominer that YiluzhuanqianSerd drops transfers funds to a Chinese scam website.

OSX.Dummy malware
The OSX.Dummy malware poses as administrators, moderators and key figures in the cryptocurrency community. The macOS malware targets cryptocurrency investors and opens a backdoor on infected systems. In this case, the malware was distributed to the cryptocurrency community via Slack and Discord.

Top Vulnerabilities Reported in the Last 24 Hours
New Spectre vulnerabilities
Security researchers have discovered two new Spectre vulnerabilities - Spectre 1.1 and Spectre 1.2. The former leverages speculative stores to create buffer overflows and affects billions of devices powered by modern processors, including Intel and AMD processors. Spectre 1.2 affects only CPUs that do not enforce read/write protections and instead rely on lazy PTE enforcement.
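The Spectre 1.1 mechanism described above is easier to see next to code. The following is an added example, not code from the Cyware brief or from the Spectre researchers: it shows the ordinary bounds-checked store that a speculative store bypass targets, beside a branchless index-clamping mitigation modelled on the Linux kernel's array_index_nospec() idea. Function names, BUF_LEN and the byte values are this example's own constructed test data; the program cannot observe speculation itself, it demonstrates the code pattern and why the masked form stays in bounds even when the branch is mispredicted.

```c
/* Added example (not from the Cyware brief): the bounds-checked store that
 * Spectre 1.1 abuses, next to a branchless index-clamping mitigation in the
 * style of the Linux kernel's array_index_nospec(). All names are assumptions
 * of this example; BUF_LEN and the stored byte values are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BUF_LEN 16
static uint8_t buffer[BUF_LEN];

/* Pattern 1: the bounds check is a conditional branch. Architecturally it is
 * correct, but while the branch is unresolved the CPU may speculatively
 * execute the store with an out-of-range idx (a speculative buffer overflow). */
int store_checked(size_t idx, uint8_t val)
{
    if (idx < BUF_LEN) {
        buffer[idx] = val;
        return 1;
    }
    return 0;
}

/* All-ones when idx < size, zero otherwise, computed with arithmetic rather
 * than a branch, so the speculative path sees the same value as the retired
 * path. Requires idx and size to have their top bit clear (true for real
 * buffers). Relies on arithmetic right shift of a negative intptr_t, which
 * GCC and Clang provide. */
static size_t index_mask_nospec(size_t idx, size_t size)
{
    intptr_t t = (intptr_t)(idx | (size - 1 - idx));
    /* top bit of t is set exactly when idx >= size; ~t then has it clear,
     * and the arithmetic shift spreads the top bit across the whole word */
    return (size_t)(~t >> (sizeof(intptr_t) * 8 - 1));
}

/* Pattern 2: same architectural behaviour, but if the branch is mispredicted
 * the speculative store lands at buffer[idx & 0] == buffer[0], which is
 * inside the array rather than past its end. */
int store_clamped(size_t idx, uint8_t val)
{
    size_t mask = index_mask_nospec(idx, BUF_LEN);
    if (mask == 0)
        return 0;
    buffer[idx & mask] = val;
    return 1;
}

/* Read-back helper so callers can check what a store actually wrote. */
uint8_t read_buffer(size_t idx)
{
    return idx < BUF_LEN ? buffer[idx] : 0;
}

int main(void)
{
    store_clamped(5, 0x42);
    printf("mask(3,16)=%zx mask(16,16)=%zx buffer[5]=%#x\n",
           index_mask_nospec(3, BUF_LEN),
           index_mask_nospec(BUF_LEN, BUF_LEN),
           read_buffer(5));
    return 0;
}
```

The mask is derived from the index by data dependency rather than control flow, which is the whole point: a mispredicted branch cannot "skip" an arithmetic result, so the clamped index is safe on the speculative path as well as the architectural one. Compilers are free to turn a plain `idx < size ? ~0 : 0` back into a branch, which is why the kernel-style formula avoids a comparison altogether.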

Cisco IP Phone and StarOS flaws
Two new Cisco vulnerabilities were disclosed - an IP phone firmware bug and a StarOS flaw. The Cisco IP Phone flaw could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The Cisco StarOS bug could allow a remote attacker to create a denial of service (DoS) condition.

IBM privilege escalation vulnerabilities
Multiple vulnerabilities were discovered in IBM DB2. The first stems from the way affected systems invoke the tool with elevated privileges. The flaws could allow attackers to execute arbitrary code and escalate privileges.

Top Breaches Reported in the Last 24 Hours
Bancor breach
The cryptocurrency conversion platform Bancor was hit by hackers and over $13.5 million worth of tokens were stolen. The hackers made off with $12.5 million in Ether, $1 million in Pundi X’s NPXS token and $10 million in Bancor’s BNT. However, the Israeli firm said that no user wallets were compromised. The Bancor site was taken down following the attack.

VSDC hack
The website of the popular audio and video editing and conversion software provider VSDC was hacked. The site was attacked three times - on June 18, July 2, and July 6. During the attacks, the hackers replaced the download links on the VSDC website with links that redirected users to malicious downloads serving three different malware strains.
