Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence May 07, 2018 - Featured Image

Daily Threat Briefing May 7, 2018

Top Malware Reported in the Last 24 Hours

Chthonic trojan
Hailing from the family of ZeusVm, the Chthonic banking trojan uses phishing campaigns in the form of Word documents with malicious 'exe' code embedded in it. The malware is designed to mainly exploit the CVE-2014-1761 flaw. After infecting a system, the Chthonic banking trojan collects data stored in the local system.

SynAck ransomware
A new ransomware, named SynAck, has been spotted using the Doppelganging technique in order to escape antivirus detection. The ransomware uses the technique to leverage NTFS transactions to launch a malicious process from the transacted file. After infecting a system, the ransomware collects computer and user names, OS version info, unique infection ID, session private key and some random data.

Backdoor removed from npm
The npm registry unpublished a backdoor and three other packages. The said backdoor was masquerading as a cookie parsing library and was named getcookies. Package containing potential backdoor was found on the express-cookies and http-fetch-cookies modules, and on the popular mailparser package depending upon http-fetch-cookies.

Related Threat Briefings