Top Malware Reported in the Last 24 Hours
Kodi cryptomining campaign
A new campaign that involves Kodi add-ons infected with and spreading a cryptocurrency mining malware has been discovered. The campaign has been targeting both Windows and MacOS users. In this campaign, the legitimate Kodi add-ons are replaced with malicious ones which mine Monero with the resources of Kodi users.
An evolved variant of the Tsunami/Kaitent botnet was recently discovered. The new variant uses multiple features from an open-source project called Aboriginal Linux. Over 40,000 IP addresses are associated with this botnet, which is capable of downloading files from remote servers.
A new malware sample that uses features of PowerShell to evade detection has been discovered by security researchers. The malware's rare obfuscation technique succeeds in bypassing most antivirus products. The malware also abuses Microsoft's built-in DPAPI SecureString to evade detection.
Top Breaches Reported in the Last 24 Hours
EOSBet wallet hacked
EOSBet was hacked and around $200,000 was stolen from the wallet. The attackers exploited vulnerabilities in the EOS Smart Contract to steal the funds. Experts have found out that hackers were able to call EOSBet’s ‘transfer’ function externally using a fake hash. This duped the EOSBet’s system to illegally send a huge amount of EOS. The scammers associated with this campaign got inspired by Twitter’s cryptocurrency scambots and invaded the EOS blockchain.
Blastchat data leak
The messaging app Blastchat exposed users passwords, phone numbers, usernames, and emails. The breach occurred because Blastchat did not employ encryption for communication between the centralized service and the devices. Blastchat has been taken down its app from both Google Play and the App Store.
Posted on: September 14, 2018