Cyware Daily Threat Intelligence November 15, 2018

Top Malware Reported in the Last 24 Hours

Mylobot
Mylobot, a sophisticated downloader that is capable of downloading any kind of malicious payload, has been spotted delivering the Khalesi malware. The botnet uses sophisticated anti-analysis techniques, such as staying hidden for 14 days before connecting to the C2. Around 18,000 unique IP addresses, originating from Iraq, Iran, Argentina, China, India, Saudi Arabia, Chile, Russia, Vietnam, and Egypt, were found communicating with Mylobot's C2 servers.

DarkGate
A new sophisticated malware campaign has been discovered targeting Spain and France. The malware, dubbed DarkGate, is being distributed via torrent files and is targeting Windows systems. DarkGate comes packed with several functionalities. It is capable of cryptomining, stealing data, and remotely controlling targeted systems. DarkGate also has a ransomware component. The password-stealing component of the malware uses NirSoft tools to access user credentials, browser cookies, browser history, and Skype chats. The malware is believed to be closely related to the password-stealer Golroted.

Top Breaches Reported in the Last 24 Hours

Kars4Kids
New Jersey-based charity Kars4Kids accidentally leaked the personally identifiable information (PII) of over 21,000 customers and donors. The breach was caused by an unsecured MongoDB server, which contained information such as super admin credentials, usernames, passwords and more. A ransom note was also discovered within the unsecured database. It is still unclear whether malicious threat actors downloaded the entire Kars4Kids database, but the fact that a ransom note was left is a strong indicator that something nefarious took place.

Medical breach
The Southwest Washington Regional Surgery Center in Vancouver suffered a data breach that may have exposed the personal information of 2,393 patients. Cybercriminals may have accessed patients’ names, Social Security numbers, driver’s license numbers, and medical information. The exposed medical information could potentially include diagnosis, treatment, surgery, medications, lab tests, health insurance information, and credit card numbers.



