Cyware Daily Threat Intelligence October 3, 2018

Top Malware Reported in the Last 24 Hours

DanaBot
New DanaBot campaigns have been discovered targeting victims in the US. The banking trojan was first discovered in May 2018 and has since undergone several upgrades, adding new modules. The malware's latest version makes reverse engineering extremely challenging. Since the malware first emerged, it has targeted countries such as Australia Germany, Poland, Italy, and Austria.

Hidden Cobra
The North Korean threat actor Hidden Cobra has been spotted using the FASTCash to target banks in Asia and Africa. The group has been targeting retail payment systems within banks to enable fraudulent ATM cash withdrawals. Experts believe that the actors used spear-phishing emails in targeted attacks against bank employees. The actors also used Windows-based malware to explore a bank’s network to identify the payment switch application server. The cybercriminals also moved laterally across the network using stolen credentials. 

Top Breaches Reported in the Last 24 Hours

Apollo
Apollo, a sales engagement startup acknowledged having suffered a data breach that saw hackers steal a database that contained over 200 million contact records. The contacts pertained to clients from over 10 million companies. The compromised data could include name, email address, company names, and other business contact information. Some client-imported data was also accessed without authorization during the breach. 

Recipe Unlimited
Canadian restaurant chain Recipe Unlimited was hit by a malware attack that took down thousands of its restaurants across the country. Certain restaurants such as Swiss Chalet, Harvey's, Milestones, Kelseys, Montana's, Bier Markt, East Side Mario's, The Landing Group of Restaurants and Prime Pubs were affected by the breach. Some restaurants were temporarily shut down while others were unable to process credit and debit card payments. As a precaution, Recipe Unlimited took a number of its systems offline and suspended internet access at affected locations.




  • Share this blog:
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.