Cyware Daily Threat Intelligence October 30, 2018


Top Malware Reported in the Last 24 Hours

CoinTicker
A new Mac malware dubbed CoinTicker has been discovered. The malware poses as a legitimate Mac cryptocurrency app and is capable of installing two backdoors - EvilOSX and EggShell - on infected systems. When executed, the Trojan connects to a remote host and downloads numerous Python and shell scripts. These, in turn, download and install the two backdoors onto infected computers.

GPlayed Banking
A new variant of the Android malware GPlayed recently emerged. The new malware, dubbed GPlayed Banking, only targets customers of the Russian state-owned Sberbank. The GPlayed Banking Trojan is disguised as a fake Google app store but actually installs the malware once it is launched. The malware is capable of gaining admin privileges and locking the infected device's screen. The malware also uses detection evasion tools and allows attackers to infect a large number of victims in a short period of time.

Top Breaches Reported in the Last 24 Hours

Tomorrowland hack
Cybercriminals have managed to steal the personal data of around 64,000 people who attended the 2014 Tomorrowland music festival. The breach occurred after hackers managed to compromise Paylogic's ticketing system, which is used by the festival to sell tickets online. Personal information including users' names, addresses, age, postcodes, and genders may have been compromised. However, organizers said no sensitive information was stolen.

Bank Hack
Hackers hit a Pakistani bank, reportedly stealing around $6 million. Although the breach was confirmed by Bank Islami, the organization denied allegations of having lost such a massive amount of funds. The bank discovered the breach after it detected abnormal transactions coming from Pakistani debit cards outside the country's borders. 

MapleChange hack
The Canadian cryptocurrency exchange MapleChange suffered a breach and suddenly went offline. The sudden shutdown of the exchange has sparked concerns about a potential exit scam. However, MapleChange said that it is still functional and investigating the breach. The exchange said that hackers exploited a bug in its software to steal the funds.


Posted on: October 30, 2018
