Cyware Daily Threat Intelligence

Daily Threat Briefing Jul 27, 2018

Top Malware Reported in the Last 24 Hours

**Aurora and Kardon malware loaders**
Two new malware loaders have been detected: Kardon and Aurora. While Aurora can allow cybercriminals to create botnets, Kardon comes equipped with a complete botshop. These new loaders have been advertised on lower-tier Russian-language forums since March and May respectively. Researchers believe that both loaders may follow SmokeLoader's path and end up being sold on high-end Russian cybercrime forums.

**Underminer**
A new exploit kit named Underminer has been discovered; it distributes a cryptocurrency miner called Hidden Mellifera. The exploit kit is believed to have been developed by the same cybercriminals behind the 2017 browser-hijacking malware Hidden Soul. Underminer transfers malware to infected systems via TCP tunnels.

**GZipDe malware**
A new encrypted malware called GZipDe has been detected. The malware uses old macros to subvert system processes and enable backdoor device access. Users are urged to disable macros by default to protect devices from such malware.

Top Scams Reported in the Last 24 Hours

**SIM swap scam**
SIM swap scams, which were widespread in the US and Europe, have now become increasingly common in India. In the current cases in India, victims are asked to share their Aadhaar number and forward a text message. Most of the recipients fall for the trick and fail to realize that the scammers already have their banking details. The attackers only need access to their OTPs to gain access to victims' banking credentials.
Users are advised to be cautious about calls requesting verification of any sort.

**Colorado phishing scam**
A phishing campaign was discovered targeting home improvement tradespeople in Boulder County, Colorado. The phishing email purports to come from the Boulder County Government and contains a malicious attachment with a link that leads to a compromised site hosting the phishing page. The campaign is designed to harvest victims' email credentials. The site hosting the phishing page has not been taken down, so it's possible that people could still become victims.
