Cyware Daily Threat Intelligence September 11, 2018

Top Malware Reported in the Last 24 Hours

A new ransomware called PyLocky was found targeting businesses across Europe, primarily France. The ransom notes generated by the ransomware are written in English, French, Italian, and Korean. Although the malware purports to be a variant of the Locky ransomware, the two ransomware variants are not connected in any way.

New malware persistence method
A Norwegian security researcher recently discovered a new trick that lets malware achieve persistence by leveraging Universal Windows Platform apps (Appx/UWP). The method allows malware to persist on infected systems even after reboots. It abuses the Windows Registry and tricks Windows users into running the malware's process after boot-up.

Big Bang malware campaign
The Big Bang threat group was spotted conducting a new surveillance campaign using a new modular malware. The malware is capable of taking screenshots of the system and sending them to the C2 server, stealing files with certain extensions, rebooting systems, and destroying executables.

Top Breaches Reported in the Last 24 Hours

EOS betting app 
EOS betting app DEOSBet was hit by a hacker, which led to the app paying out 24 times to the same user. The hacker collected around 339 EOS at the start of the game and finished up with over 4,700 EOS, which is currently valued at around $24,000. The payouts were apparently automatic, happening just 30 seconds after the bets were placed. EOS eventually detected the hack and fixed the code to ensure that no more payouts were made.

Park by Phone breach
The Cork City council confirmed that its "Park by Phone" service suffered a data breach that affected over 5,000 people. The cybercriminals behind the attack likely accessed personal data such as car registration numbers, email addresses, and mobile phone numbers. However, there is no evidence that any personal bank account or credit or debit card details, account balances, or passwords have been compromised.



Posted on: September 11, 2018
