Cyware Daily Threat Intelligence October 1, 2018

Top Malware Reported in the Last 24 Hours

Fruitfly malware
The Fruitfly malware was created back in 2003 and was used to infect victims and take control of their Mac systems to steal files, keyboard strokes, and spy on them via webcam. The malware can also record the conversations of those nearby the device by using the device's microphone. The FBI recently discovered that Fruitfly has been used by an Ohio-based cybercriminal to spy on people for 14 years. 

GhostDNS
A wave of botnet attacks targeting Brazillian banks has been discovered by security experts. Over 100,000 routers had their DNS settings modified to redirect victims to phishing pages. The botnet, nicknamed GhostDNS, is capable of compromising around 70 different routers. This module uses 69 attack scripts that can brute-force the passwords of 47 different routers and firmware packages. It also bypasses the authentication procedures for some routers and alters DNS settings. Some experts believe that this module uses stolen Shodan API key to identify vulnerable routers it can exploit using the Shodan IoT search engine.

Top Breaches Reported in the Last 24 Hours

Facebook hack
Facebook recently acknowledged that it suffered a data breach that resulted in 50 million users accounts having been compromised. The social media giant estimated that an additional 40 million user accounts may also have been affected by the attack. The breach was caused when attackers exploited a vulnerability that existed since 2017. The hackers exploited a flaw in Facebook's "View As" feature. This flaw emerged when Facebook made changes to its video uploading feature in 2017. The social media is still investigating the incident and is yet to determine the identity of the attackers.

British MPs data leaked
The personal data of some high-profile British MPs and journalists were inadvertently exposed by a conference app. The breach was caused by the UK Conservative Party's official conference app. The bug publicly exposed every journalist, politician and attendee’s mobile number. Email addresses and other personal information was also exposed. 




  • Share this blog:
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.