Cyware Daily Threat Intelligence October 18, 2018

Top Breach Incidents Reported in the Last 24 Hours


Slovak Foreign Ministry breached
Recently, Slovak Foreign and European Affairs Ministry was hit by a massive-scale cyber-attack. This attack was uncovered due to the non-standard behavior of the computers. The attackers carried out this campaign with the goal of filtering sensitive data and then transferring them to servers abroad.  Slovak PM ensured that an investigation is ongoing and they’ll be investing more in cyber defenses.

Millions of voter info leaked
A misconfigured AWS S3 bucket operated by the Tea Party Patriots Citizens Fund (TPPCF) leaked info of over 527,000 voters. As a result, names, contact numbers, states of residence, and voter ID numbers of thousands of people got compromised. The exposed data also includes strategy documents, call scripts, marketing assets, and other files revealing a focused effort to politically mobilize US voters. Attackers can not only read the files but also can modify them.

Top Malware Released in the Last 24 Hours


MartyMcFly malware campaign
A new cyber-attack campaign was carried out against the Italian Naval industry where the MartyMcFly malware was used. The campaign started with a well-crafted email, detailing spare parts matching the real engine parts. It targeted the right office asking for naval engine spare parts prices. Two malicious email attachments were used. The first one was a company profile, aiming to present the company who was asking for spare parts. The 2nd one was a Microsoft.XLSX where the list of the needed spare parts was available. The attacker asked for a quotation of the entire spare part list available on the spreadsheet.

GandCrab developers released decryption keys
The GandCrab developers have released the decryption keys for Syrian victims in an underground hacking and cybercrime forum. This initiative was taken in response to a Tweet where a Syrian victim asked for help after photos of his deceased children were encrypted. The release includes keys for GandCrab version 1.0.0 through 5.0 and each line contains the victim ID, version, and decryption key.






  • Share this blog:
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.