Go to listing page

Cyware Daily Threat Intelligence November 16, 2018

Cyware Daily Threat Intelligence November 16, 2018

Share Blog Post

The Malware Reported in the Last 24 Hours

Trickbot vs Emotet
Security experts have discovered that Trickbot has overtaken Emotet as the top-ranking malware threat. Trickbot has infected numerous victims across Europe, the Middle East, and Africa. However, the US was hit the hardest by the banking malware. Trickbot targets a wide array of international banks via its webinjects, it is also capable of stealing cryptocurrency from Bitcoin wallets. Trickbot typically spreads via malicious spam campaigns. It can spread via spear-phishing emails disguised as unpaid invoices or requests to update account information. 

The TA505 threat group, which is considered to be one of the most prolific financially motivated hacker group, has been observed delivering the Khalesi malware. tRAT is a new remote access trojan that is believed to contain reconnaissance functionalities. Experts believe that TA505 may be testing out tRAT to determine its effectiveness. TA505 is responsible for cyber attacks using the banking Trojan Dridex in 2014 and the Locky ransomware in 2016 and 2017.

Top Breaches Reported in the Last 24 Hours

the Dutch branch of the French Film production and distribution company Pathe suffered a data breach. The firm lost over 19 million euros to BEC scammers and the lost funds may or may not have been recovered. The cybercriminals targeted the email IDs of the CEO and tricked the firm into paying out over 19 million euros. The BEC scammers are believed to have had a good idea of the company’s internal workings in order to carry out this attack. They were successful in hindering the Chief Financial Officer from confirming the transactions via phone. 

Health data breach
Midlands Regional Hospital in Tullamore was hit by a ransomware attack. The attack affected the organization's Laboratory Information System and associated IT infrastructure. The organization said that no patient records and the wider health services remained unaffected. It is still unclear whether the organization received a ransom demand or whether they ended up paying the cybercriminals. 


health data breaches
khalesi malware
ta505 group

Posted on: November 16, 2018

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite