
Cyware Daily Threat Intelligence, June 28, 2022


Imagine infiltrating the networks of nearly 50 victim organizations in a matter of just two months! Black Basta is the talk of the cybersecurity town these days for achieving the devilish feat. Accompanying it is the LockBit gang that just rolled out a bug bounty program, with awards up to $1 million. It is offering pay-outs to those who help them find vulnerabilities in their code and data leak site.

Furthermore, a new Android threat aimed at the users of a Spanish bank has been spotted in the wild. It can harvest the bank's login credentials through deftly crafted phishing pages.


Top Breaches Reported in the Last 24 Hours


Ransomware attack on research university
The Medical University of Innsbruck, Austria, suffered a cyberattack that triggered an outage across its networked systems. The university called for a manual process for setting up new credentials for students and employees. Vice Society, a notorious ransomware group, claimed responsibility for the attack as it leaked an extensive list of stolen data.

Tencent-owned QQ reported a breach
Tencent is looking into a hacking incident at QQ, a Chinese instant messaging application. Users have reported that their QQ numbers were being stolen and exploited to send advertisements to their friends. It was found that users had mistakenly scanned an unauthenticated QR code for a game login, from which hackers obtained the data.

Skimmers pilfer data from bank’s ATM
Several customers of California-headquartered Bank of the West apparently lost their debit card numbers and PINs to skimmers installed at the bank's ATMs. Cybercriminals can use this stolen data to generate fake cards and attempt cash withdrawals. Experts have been able to identify all the affected accounts.

Top Malware Reported in the Last 24 Hours


New Android banking trojan
Revive, a previously undocumented Android malware, was seen targeting users of the Spanish financial services company BBVA. Hackers lured users into downloading a fake app posing as the bank's original 2FA app. The malicious app reportedly draws inspiration from an open-source spyware called Teardroid.

Highly-motivated RaaS group
Black Basta, a RaaS syndicate, has crippled as many as 50 victims in the U.S., Canada, the U.K., New Zealand, and Australia within two months of launching. Researchers have warned of the threat it poses to various industries, such as manufacturing, transportation, cosmetics, telcos, pharmaceuticals, plumbing and heating, automobile dealers, and retail.

LockBit 3.0 is here
The cybercriminal gang has officially announced a new version of LockBit. Dubbed LockBit 3.0, it is touted as the first ransomware to lay out a bug bounty program. The reward ranges from $1,000 to $1 million. The group has added the privacy coin Zcash as a payment option, which is available besides Monero and Bitcoin.

Top Vulnerabilities Reported in the Last 24 Hours


Bug found in latest OpenSSL version
The recently released OpenSSL library version 3.0.4 was found to contain a remote memory-corruption bug on x64 systems with the AVX-512 instruction set. According to Tomáš Mráz of the OpenSSL Foundation, it is merely a bug that makes the 3.0.4 release unusable on AVX-512 capable machines. While there isn’t any official patch release, the bug has been fixed.


Posted on: June 28, 2022

