Cyware Daily Threat Intelligence

Daily Threat Briefing • Dec 27, 2017
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Daily Threat Briefing • Dec 27, 2017
Top Malware Reported in the Last 24 Hours
Digimine malware
In a recent discovery, a new malware has been identified, dubbed as Digimine. It is used to mine Monero cryptocurrency for its owners. Victims are sent a video file via a friend on Facebook. If they attempt to watch the video, it runs an AutoIt script. Digimine also installs an auto-start entry into the registry to ensure that it is started as soon as the computer is turned on.
Bladabindi malware
Recently, two new threats of Bladabindi Malware family have been discovered, hosted on a website. Both malware looks like a legitimate app that users have to install in order to access the media file hosted on the website. Two samples are identified as "6thClient.exe" and "Firefox.exe".
Loki infostealer
Recently patched remote code execution vulnerability (CVE-2017-11882) in Microsoft Office is exploited to deliver a modified version of Loki information-stealing malware. Loki campaign uses compromised emails to send spammed messages to the account's contact list. Attackers use Loki as a conduit for further attacks.