Cyware Daily Threat Intelligence November 9, 2018

Top Malware Reported in the Last 24 Hours

Android spyware
Spyware disguised as an Android banking app was discovered on Google Play. The fake app, called Movil Secure, steals users' device data and messages, which are later leveraged in SMiShing campaigns. When it first launches, the spyware gathers device identifiers such as device ID, OS version, and country code. The threat actors behind the app have already started using the collected data for SMiShing attempts. In a post in the app’s reviews section, one victim said it was a scam that targeted his bank card. Fortunately, Google has removed the fake app from the Play Store.

Malware evolving into cryptominers 
Researchers have discovered that malware variants are evolving to become capable of conducting cryptocurrency-related attacks. Recently, both the Dridex and Gozi malware variants have evolved and begun targeting cryptocurrency exchanges. The number of cryptocurrency exchanges targeted in their configuration files has surged since last year.

Top Breaches Reported in the Last 24 Hours

DJI breach
A flaw in the Chinese drone manufacturer's software caused a breach. The bug could have allowed an attacker to access private data such as photos and videos taken during drone flights. It could also expose flight logs that include location data. Researchers also found flaws in DJI’s apps and its web-based FlightHub site. Two bugs were found working together to create the account takeover issue.

Canada Post leak
Canada Post leaked data of 2% of the Ontario Cannabis Store (OCS) customer base. The personal data of around 4,500 customers were left exposed by the breach. The information includes names, nominated signatories, postcodes, delivery dates of consignments, business addresses, OCS reference numbers, Canada Post tracking numbers, and OCS corporate names. Canada Post and OCS are working together to investigate how this breach took place. Canada Post said that customers' delivery addresses and payment information were not compromised by the breach.



