Cyware Daily Threat Intelligence, September 07, 2020

Share Blog Post

Malware attacks have been one of the biggest security threats for many organizations for over a decade. Throwing light on the growing threats, researchers have discovered two new malware recently. While one is a new skimming malware called Baka, the other is a variant of Thanos ransomware. The Baka skimmer is observed to have infected several merchant websites around the world. On a tangent, the new variant of Thanos ransomware is attempting to drop ransom notes on compromised systems by overwriting the computers’ Windows Master Boot Records (MBR).

Meanwhile, the infamous NetWalker ransomware claimed its latest victim by targeting Argentina’s official immigration agency, Dirección Nacional de Migraciones. The incident had temporarily halted the Argentinian border crossing process.

Top Breaches Reported in the Last 24 Hours

NetWalker attacks
Argentina’s official immigration agency, Dirección Nacional de Migraciones, has suffered an attack by NetWalker ransomware. This temporarily halted border crossing into and out of the country. To prevent the ransomware from infecting more devices, computer networks and control posts were shut down.

Service NSW breached
Service NSW revealed that the personal information of over 180,000 customers was stolen in a cyberattack that occurred earlier this year. The incident occurred after 47 staff email accounts were broken into by attackers. As a result, 738 GB of data, which comprised 3.8 million documents were pilfered from the email accounts.

Telmate leaks data
Telmate’s GettingOut dating app had leaked a database containing tens of millions of call logs, private messages, and personal information about U.S. prison inmates. Among the personal information exposed, the unsecured database included dates of birth, full names, email addresses, physical addresses, and facility IDs of individuals.

Top Malware Reported in the Last 24 Hours

New Baka skimmer
Visa has issued a warning about new digital skimming malware called Baka. Discovered first in February, the skimmer code includes both card-stealing and anti-analysis capabilities. Although it is unclear how the malware spreads, Visa claims that it has identified the malware on several merchant websites around the world.

New Variant of Thanos
A new variant of Thanos ransomware is making attempts to deliver ransom notes on compromised systems by overwriting the computers’ Windows Master Boot Records (MBR). Researchers note that even though the ransomware fails to overwrite the MBR, it still drops a ransom note in a regular way and asks victims to pay $20,000 to recover their data.

Top Vulnerabilities Reported in the Last 24 Hours

WhatsApp discloses six bugs
WhatsApp has disclosed six security vulnerabilities that could allow attackers to execute remote code on victims’ devices. The flaws are identified as CVE-2020-1894, CVE-2020-1891, CVE-2020-1890, CVE-2020-1889, CVE-2020-1886, and CVE-2020-11928. These flaws affect different versions of WhatsApp for Android, WhatsApp Business for Android, WhatsApp for Desktop, and WhatsApp for iPhone.

 Tags

windows master boot records mbr
telmate
netwalker ransomware
thanos ransomware
whatsapp
baka skimmer

Posted on: September 07, 2020

Get the Daily Threat Briefing delivered to your email!


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.


Join Thousands of Other Cyware Followers!