Cyware Daily Threat Intelligence November 5, 2018

Top Malware Reported in the Last 24 Hours

Fbot vs Trinity
IoT botnets Fbot and Trinity are locked in a turf war over unsecured Android devices with exposed ADB (Android Debug Bridge) ports. An exposed ADB port can allow attackers to gain control over a vulnerable Android device, steal data, and mine cryptocurrency. On any given day, around 30,000 to 35,000 Android devices have their ADB ports exposed. This gives both Fbot and Trinity a substantial pool of devices that they can infect and use to mine cryptocurrency.

New ransomware
A new ransomware strain has been discovered that installs DiskCryptor on the infected computer and then reboots it. DiskCryptor encrypts the whole disk and prompts the user to enter a password on reboot. The cybercriminals operating the new ransomware are likely hacking into Remote Desktop Services and installing the ransomware manually on targeted devices. To stay safe, users are advised to disable RDP or use VPNs to ensure that remote access is limited only to the VPN account holder.

Top Breaches Reported in the Last 24 Hours

Veeco
Veeco Instruments Inc., a company that manufactures equipment used to make semiconductors, was recently hacked. The firm believes that the attack was orchestrated by a highly sophisticated threat actor. The Securities and Exchange Commission filing did not specify when the intrusion happened but said the attack ‘may have an adverse effect’ on the company's financial condition.

EasyDNS
EasyDNS accidentally leaked cloaked contact details of around 1,500 domain owners in Whois query results for a little over 24 hours. The breach exposed identity and contact details, such as names, phone numbers, email addresses, and postal addresses. The breach was caused by a bug in the software used by EasyDNS. The software provider, Tucows, is the second-largest domain registrar in the world, and EasyDNS uses its software to manage domain names. EasyDNS is giving a $7.50 credit for all domains affected. Anyone who paid for Whois privacy as an add-on can contact the support team to get a refund.



