Cyware Daily Threat Intelligence November 09, 2017

Top Malware Reported in the Last 24 Hours
Bankbook malware
For the third time, the Android banking malware — Bankbook — is riding on an app that is being unintentionally distributed by the Google Play Store. BankBot was first discovered and removed in April 2017 and again in September before being removed again. This time the BankBot has appeared in the Google Play store yet again, having somehow bypassed the application vetting and security protocols.

Backdoor hacking tools
A hacking tool has recently been discovered which is free and allows anyone to find vulnerable internet-connected IP cameras with the faulty GoAhead embedded web server. This PHP script hacking tool is available in multiple popular underground hacking forums and is nothing but a scam.

Netflix-themed phishing
A recently spotted Netflix-themed phishing email campaign purportedly coming from the online streaming service, take the form of a suspension notification. Phishing campaign is conducted through a spam email purportedly coming from Netflix.

Top Breaches Reported in the Last 24 Hours
Charity fund hacked
In a heart-wrenching cyberattack, the Utah Association for Intellectual Disabilities was robbed of all its funds. The organization buys and distributes gifts every Christmas for up to 1,400 adults who are intellectually disabled, without family, and who live in assisted living facilities.

School website hijacked
In an unfortunate incident, pro-ISIS hackers hijacked the websites of roughly 800 US schools and educational districts on Monday, after compromising their web hosting provider. The hacking group Team System Dz claimed responsibility for the cyber-attack.

Top Scams Reported in the Last 24 Hours
Fake Windows Movie Maker website
Fraudsters have been successful at distributing a modified version of Windows Movie Maker that collects money from unwary users. The scammers worked on SEO to make sure users’ search result lead them to the fake website.

Cyber boiler room scam
In a well-thought-out scheme, a scammer ran a cyber boiler room scheme to hack more than 50 online brokerage accounts, causing over $2 million of losses for firms serving those accounts. Therefore, users are strongly advised to use strong credentials to secure their accounts.

Phishing scam
A new phishing campaign is being run by the hackers where invoices are used to lure victims into downloading malicious software. Hackers are targeting financial departments of various organizations to entice victims and carry out their nefarious activity. Users are advised not click on such links.



Tags


    • Share this blog:
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.