Cyware Daily Threat Intelligence January 24, 2018

Paradise Ransomware
The Paradise ransomware has resurfaced (last seen in September 2017) launching a new wave of attacks. The malware uses a Ransomware-as- a-Service (RaaS) model and RSA cipher for file encryption.

SpriteCoin
A new ransomware is masquerading as a fake cryptocurrency by pretending to be a password protected storage wallet for SpriteCoin. The malware is aimed at tricking users into believing its a cryptocurrency wallet and offers users to create accounts. As soon as victims do that, their data gets encrypted and demands ransom in Monero cryptocurrency. Flaws in Panic Buttons
Security flaws were found in popular personal protection devices of Wearsafe and Revolar. Exploiting these flaws will allow hackers to access user's location and even disable the device. Wearsafe’s devices were also found to be vulnerable to DoS attacks.

XSS Vulnerability in Microsoft
A client-side cross-site scripting vulnerability has been discovered in Microsoft Academic online service web-application. This security bug allows attackers to inject malicious script code to a client-side browser to application web requests.

Bugs in Electron framework
Security vulnerabilities were found in the Electron framework--used by popular platforms like Skype and Slack--that would allow hackers to execute code remotely. The bug, dubbed the Protocol Handler Vulnerability, has been assigned the number CVE-2018-1000006. Electron has already fixed these issues. Malaysian organ donors
Personal data of over 440,000 organ donors and their next-of-kin has been stolen by hackers. Information included donor’s name, identification card number, race, nationality, address, and phone numbers. Data is leaked from Government Hospitals as well as National Transplant Resource Centers across Malaysia.

Bell Canada
Canada’s largest phone company, Bell Canada confirmed that a breach in their company resulted in data theft of around 100,000 subscribers. Hackers illegally accessed customer information including subscriber names and e-mail addresses. On a brighter side, credit card information of the customers hasn't been stolen.

Anonymous Greece
The hacker group, Anonymous Greece (Greek chapter of the Anonymous hacker clan) claimed to have hacked 16 databases of ERT which contained 60 GB worth of data. The hacker group carried out the breach in response to ERT’s decision to not cover Thessaloniki Macedonia rally live.