Cyware Daily Threat Intelligence November 19, 2018

A new ransomware that appends the encrypted files with .BlackHat extension has been discovered by security researchers. Dubbed as BlackHat, the ransomware makes entries in the Windows Registry to achieve persistence. Files that are encrypted by the ransomware include audio files, video files, document files, image files, backup files, and banking credentials, etc.

The GandCrab ransomware family which emerged in late January 2018, has witnessed a roaring success. Depending on the victim's profile and the type of encrypted data, the ransomware demands a ransom that could range from $600 to $700,000 per victim. GandCrab's version 4 and 5 has been estimated to have infected around 500,000 victims worldwide since July 2018. The interesting aspect of GandCrab ransomware is that it adopts DASH and Bitcoin payments.

Passwords of some Instagram users could have been exposed due to a serious security flaw. The flaw lies in Instagram's 'Download Your Data' tool which was introduced in April in the wake of EU's GDPR. The number of persons affected is unknown. However, the company has started notifying the affected users about the leak. 

Hackers have managed to hack into York Council's environment app, named One Planet York app and gained access to personal data of users. The data accessed includes names, addresses, postcode, email addresses and telephone numbers of users. The City of York Council has contacted the police and has permanently taken down its One Planet York app. Users are advised to delete the app from their devices.

European online contact lens supplier Vision Direct has suffered a data breach that may have resulted in the compromise of personal and payment card information of many of its customers. The stolen data includes full name, billing address, email address, password, phone number. Card number, expiry date and CVV number are among the data compromised in payment card information.