Cyware Daily Threat Intelligence

Daily Threat Briefing Dec 30, 2020

Looks like bad actors are honing their craft with Golang-based malware. Researchers have now come across a new self-spreading malware that is actively dropping XMRig miners on Windows and Linux servers. Written in Go, the malware has been in the wild since early December.

An instance of malicious hackers installing keyloggers on the Usenet site NZBGeek has also come to light in the past 24 hours. Reportedly, the attackers planted the malware after hacking the site’s database and stealing the credit card details of users.

Top Breaches Reported in the Last 24 Hours

GenRx Pharmacy attacked

More than 130,000 patients have been alerted about a potential ransomware attack on GenRx Pharmacy. The attack occurred earlier this year and has affected patients’ first and last names, addresses, phone numbers, dates of birth, gender, health plan, and prescription information.

Voyager Digital LLC halts trading

The Voyager cryptocurrency brokerage platform was forced to halt its trading operations after suffering a cyberattack that targeted their DNS configuration. The firm states that the attack was not successful and that all funds and cryptocurrency assets are safe.

NZBGeek hacked

A data breach at NZBGeek allowed hackers to copy its database. As a result, the personal details of all the users were exposed. The attackers also installed a keylogger to abuse the site in the future. The leaked data includes usernames, encrypted passwords, email addresses, and last connected IP addresses.

Wasabi down

Cloud storage provider Wasabi suffered an outage after a domain—wasabisys.com—was suspended for hosting malware. The mishap led to the registrar suspending the domain, which, in turn, caused the storage service to go offline.

Top Malware Reported in the Last 24 Hours

New Golang-based malware

A newly discovered Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since December. The malware includes worm-like capabilities that enable it to spread to other systems via brute-force attacks.

Top Scams Reported in the Last 24 Hours

FinCEN alerts about COVID-related scam

The U.S. Financial Crimes Enforcement Network (FinCEN) has issued an alert about COVID-19 vaccine-related scams. Fraudsters are attempting to capitalize on the situation by selling counterfeit goods, conducting phishing, and delivering malware, among others. Last week, several U.S. government organizations issued a warning about increasingly frequent fraud and phishing attacks aimed at gathering personally identifiable information and stealing money.
