Cyware Daily Threat Intelligence July 30, 2018

InstallCore Adware
Security researchers have spotted cybercriminals using a new adware delivery method. It involves clone websites that use legitimately-looking domain names to trick victims into downloading famous apps, which are infected in with malware. The campaign was discovered distributing the InstallCore adware

CoinVault
The cybercriminals behind the CoinVault ransomware have infected over 1,400 computers across 20 nations. The ransomware first appeared in 2014 and was developed by two cybercriminals, who were recently arrested and sentenced to 240 hours of community service. The ransomware authors made around $12,000 from their attacks. 

LockCrypt 
Security researchers have uncovered that the LockCrypt ransomware's encryption key can be recovered if one has access to around 25KB of known plaintext. The ransomware uses home-made, weak custom encryption and the disassembling of the encryption functions of the malware is similar to a Python code function.  Boys Town National Research Hospital breach
Boys Town National Research Hospital suffered a data breach after cybercriminals gained access to hospital records via a compromised employee account. The personal and medical information of 105,309 patients and employees is likely stolen. Names, dates of birth, Social Security Numbers, treatment information, health insurance items, login credentials and even some financial data may have been compromised.

KickICO hack
KickICO was hit by hackers and lost around $7.7 million in cryptocurrencies on July 26. The attackers managed to access to the attackers gained access to the account of the KickCoin (KICK) token smart contract on the KickICO platform. The firm claims to have fixed the issue and has also promised a full refund for the hacked accounts.

Blue Springs Family Care breach
Missouri-based Blue Springs Family Care fell victim to a ransomware attack which may have compromised the personal healthcare information (PHI) of over 44,000 patients. The attackers accessed names, home addresses, dates of birth, Social Security numbers, account numbers, driver’s license numbers, disability codes, and diagnoses.