Cyware Daily Threat Intelligence October 13, 2017

Share Blog post

Top Malware Reported in the Last 24 Hours
DoubleLocker ransomware
The infamous ransomware DoubleLocker is distributed as a fake Adobe Flash Player through compromised websites. As soon as it is launched, the app requests activation of the malware’s accessibility service, named “Google Play Service”. After the malware obtains the accessibility permissions, it uses them to activate device administrator rights and set itself as the default Home application, without the user’s consent.

ATMii malware
Backdoor.Win32.ATMii, a new malware, has been discovered to be targeting ATMs running on Windows 7 and Windows Vista. Although, ATMii won't run on most ATMs in use today as most ATMs today use a streamlined version of Windows XP. The attacker copy dll and exe files on the ATM's storage drive and run exe.exe and injects the malicious code.

Locky variant
Locky ransomware’s ykcol code has got a new facelift from its original authors. This Locky variant was part of a September spam blast, sent through notorious Necrus botnet, targeting 3 million inboxes within a three-hour period. The Locky ransomware is amending the .ykcol extension to all encrypted files.


 Tags

Posted on: October 13, 2017

Get the Daily Threat Briefing delivered to your email!



More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.



Join Thousands of Other Cyware Followers!