Cyware Daily Threat Intelligence September 14, 2018

Top Malware Reported in the Last 24 Hours

Kodi cryptomining campaign
A new campaign that involves Kodi add-ons infected with and spreading a cryptocurrency mining malware has been discovered. The campaign has been targeting both Windows and MacOS users. In this campaign, the legitimate Kodi add-ons are replaced with malicious ones which mine Monero with the resources of Kodi users. 

Kaiten botnet
An evolved variant of the Tsunami/Kaitent botnet was recently discovered. The new variant uses multiple features from an open-source project called Aboriginal Linux.  Over 40,000 IP addresses are associated with this botnet, which is capable of downloading files from remote servers. 

Powershell malware 
A new malware sample that uses features of PowerShell to evade detection has been discovered by security researchers.  The malware's rare obfuscation technique succeeds in bypassing most antivirus products. The malware also abuses Microsoft's built-in DPAPI SecureString to evade detection. 

Top Breaches Reported in the Last 24 Hours

EOSBet wallet hacked
EOSBet was hacked and around $200,000 was stolen from the wallet. The attackers exploited vulnerabilities in the EOS Smart Contract to steal the funds. Experts have found out that hackers were able to call EOSBet’s ‘transfer’ function externally using a fake hash. This duped the EOSBet’s system to illegally send a huge amount of EOS. The scammers associated with this campaign got inspired by Twitter’s cryptocurrency scambots and invaded the EOS blockchain. 

Blastchat data leak
The messaging app Blastchat exposed users passwords, phone numbers, usernames, and emails. The breach occurred because Blastchat did not employ encryption for communication between the centralized service and the devices. Blastchat has been taken down its app from both Google Play and the App Store. 




  • Share this blog:
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.