Cyware Daily Threat Intelligence May 07, 2018

Top Malware Reported in the Last 24 Hours
Chthonic trojan
Hailing from the family of ZeusVm, the Chthonic banking trojan uses phishing campaigns in the form of Word documents with malicious ‘exe’ code embedded in it. The malware is designed to mainly exploit the CVE-2014-1761 flaw. After infecting a system, the Chthonic banking trojan collects data stored in the local system.

SynAck ransomware
A new ransomware, named SynAck, has been spotted using the Doppelgänging technique in order to escape antivirus detection. The ransomware uses the technique to leverage NTFS transactions to launch a malicious process from the transacted file. After infecting a system, the ransomware collects computer and user names, OS version info, unique infection ID, session private key and some random data.

Backdoor removed from npm
The npm registry unpublished a backdoor and three other packages. The said backdoor was masquerading as a cookie parsing library and was named getcookies. Package containing potential backdoor was found on the express-cookies and http-fetch-cookies modules, and on the popular mailparser package depending upon http-fetch-cookies.



Tags


    • Share this blog:
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.