Cyware Daily Threat Intelligence October 10, 2018

Top Malware Reported in the Last 24 Hours

Ursnif
A new phishing campaign distributing the Ursnif malware has been discovered. The cybercriminals behind the campaign are using a new technique: they send the malware from hijacked e-mail accounts, camouflaged as part of an ongoing e-mail conversation thread. The campaign has been targeting victims across North America and Europe. Ursnif is capable of stealing data such as email credentials, browser cookies, financial information, and video screen grabs.

Panda Banker
The Panda Banker trojan was recently found being delivered via the Emotet malware's distribution platform. Panda Banker, which is a variant of the Zeus banking trojan, first emerged in 2016. Previously, the malware was distributed via the Angler, Neutrino, and Nuclear exploit kits. Panda Banker is capable of stealing banking information, credit card data, as well as cryptocurrency wallet data. The current campaign has been targeting victims across the US, Canada, and Japan. So far, the cybercriminals behind the campaign have targeted banks, credit card companies, a porn video streaming service and an e-commerce firm. 

Top Breaches Reported in the Last 24 Hours

Hetzner data breach
Hetzner recently suffered a breach that may have compromised the personal information of its customers. The breach likely exposed customers' names, email addresses, phone numbers, bank account details, identity numbers, and VAT numbers. The firm has notified its customers about the breach and has also conducted a comprehensive security audit.

SpankChain hack
SpankChain, a cryptocurrency based on the adult industry, was hacked and around $40,000 worth of Ethereum was stolen. SpankChain utilizes Ethereum and a smart token named BOOTY, which is used to tip adult models during live cam shows. The attackers exploited a bug in the network's payment channel smart contract, which allowed them to freeze $40,000 worth of SpankChain BOOTY tokens.

DDoS attack
Multiple gaming firms were hit by a slew of DDoS attacks. Those affected include Final Fantasy XIV's creator Square Enix and Ubisoft. Other games affected in the DDoS attacks include Rainbow Six Siege, For Honor, and Assassin's Creed Odyssey.




