Cyware Daily Threat Intelligence November 22, 2018

Top Malware Reported in the Last 24 Hours

New Mirai variant
The first non-IoT version of the notorious botnet/malware Mirai was recently discovered by security experts. The new Mirai variant targets Linux servers and shares several similarities with the original Mirai malware. However, unlike the original Mirai, which relies on botnets for propagation, the new variant is delivered via exploit kits. The malware conducts brute force attacks against targeted Linux servers, attempting to steal credentials via Telnet. It can also launch DDoS attacks.

Android malware
ESET security researcher Lukas Stefanko discovered 13 malware-laced apps on the Google Play Store that had been installed over 560,000 times. Of the 13 malicious apps, two were trending before the entire bunch was taken down by Google's security team. Once installed on a device, the malicious apps download an APK that allows attackers to install data-stealing malware on the infected device. These fake apps focus on harvesting personal data and credentials from, and injecting malicious libraries into, a victim's phone.

Top Breaches Reported in the Last 24 Hours

Amazon data breach
Amazon suffered a data breach just days before Black Friday. The breach was caused by a technical issue in Amazon's website and led to the compromise of some customers' names and email addresses. Amazon has refrained from disclosing any further details about the cause of the breach and how many users it affected. However, the tech giant said that the issue has been fixed and that affected customers have been notified. Amazon also told customers that they do not need to change their account passwords as the breach was not a result of any wrongdoing at their end.

USPS breach
The US Postal Service (USPS) was hit by a data breach that left the account details of more than 60 million users exposed to anyone with an account on usps[.]com. The breach was caused by a year-old API bug that could allow threat actors to not just access, but also alter users' account details. The breach could have allowed hackers to access users' email address, username, user ID, account number, street address, phone number, mailing campaign data and more.



