Cyware Daily Threat Intelligence May 07, 2018

Share Blog post

Top Malware Reported in the Last 24 Hours
Chthonic trojan
Hailing from the family of ZeusVm, the Chthonic banking trojan uses phishing campaigns in the form of Word documents with malicious ‘exe’ code embedded in it. The malware is designed to mainly exploit the CVE-2014-1761 flaw. After infecting a system, the Chthonic banking trojan collects data stored in the local system.

SynAck ransomware
A new ransomware, named SynAck, has been spotted using the Doppelgänging technique in order to escape antivirus detection. The ransomware uses the technique to leverage NTFS transactions to launch a malicious process from the transacted file. After infecting a system, the ransomware collects computer and user names, OS version info, unique infection ID, session private key and some random data.

Backdoor removed from npm
The npm registry unpublished a backdoor and three other packages. The said backdoor was masquerading as a cookie parsing library and was named getcookies. Package containing potential backdoor was found on the express-cookies and http-fetch-cookies modules, and on the popular mailparser package depending upon http-fetch-cookies.


 Tags

Posted on: May 07, 2018

Get the Daily Threat Briefing delivered to your email!



More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.



Join Thousands of Other Cyware Followers!