
Cyware Daily Threat Intelligence October 24, 2018


Top Malware Reported in the Last 24 Hours

A newly discovered Mac malware dubbed OSX.SearchAwesome is capable of injecting malicious scripts, keylogging, and cryptomining. The malware, which comes loaded in a fake app called spinstall, can intercept encrypted web traffic to serve up ads and can install tools that allow attackers to conduct man-in-the-middle attacks. The Mac adware can also connect to a malicious website and download additional malware, siphon off sensitive data, and capture browsing data.

Chalubo is a recently discovered Linux malware that has been targeting Internet-facing SSH servers on Linux-based systems as well as IoT systems. The IoT malware contains obfuscation features and also borrows code from the Mirai and Xor.DDoS botnets.

Malware campaign
A new malware campaign has been spotted targeting victims in Brazil. The phishing campaign drops banking malware on targeted victims, and the malware activates only when it detects Portuguese as the language. The malware abuses two legitimate Windows files that manage certificates for the Windows operating system.

Top Breaches Reported in the Last 24 Hours

Cathay Pacific
Hong Kong-based airline Cathay Pacific suffered a massive data breach that compromised the data of around 9.4 million customers. The firm discovered that the data was stolen by hackers. The stolen data includes passengers' names, nationality, dates of birth, phone numbers, email, addresses, passport numbers, identity card numbers, frequent flyer program membership numbers, customer service remarks, and travel histories.

US Democratic Party data leaked
Rice Consulting, a consulting firm handling political fundraisers for the Democratic Party, accidentally exposed corporate and customer data. The leaked data included databases storing voter records, which were stored on an unsecured network-attached storage (NAS) device. The misconfigured NAS server contained detailed information on Rice Consulting clients, including in-depth details on thousands of past fundraisers. Exposed information included names, phone numbers, emails, addresses, contracts, meeting notes, and more.



Posted on: October 25, 2018
