Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence October 1, 2018 - Featured Image

Daily Threat Briefing Oct 1, 2018

Top Malware Reported in the Last 24 Hours

Fruitfly malware

The Fruitfly malware was created back in 2003 and was used to infect victims and take control of their Mac systems to steal files, keyboard strokes, and spy on them via webcam. The malware can also record the conversations of those nearby the device by using the device's microphone. The FBI recently discovered that Fruitfly has been used by an Ohio-based cybercriminal to spy on people for 14 years.

GhostDNS

A wave of botnet attacks targeting Brazillian banks has been discovered by security experts. Over 100,000 routers had their DNS settings modified to redirect victims to phishing pages. The botnet, nicknamed GhostDNS, is capable of compromising around 70 different routers. This module uses 69 attack scripts that can brute-force the passwords of 47 different routers and firmware packages. It also bypasses the authentication procedures for some routers and alters DNS settings. Some experts believe that this module uses stolen Shodan API key to identify vulnerable routers it can exploit using the Shodan IoT search engine.

Top Breaches Reported in the Last 24 Hours

Facebook hack

Facebook recently acknowledged that it suffered a data breach that resulted in 50 million users accounts having been compromised. The social media giant estimated that an additional 40 million user accounts may also have been affected by the attack. The breach was caused when attackers exploited a vulnerability that existed since 2017. The hackers exploited a flaw in Facebook's "View As" feature. This flaw emerged when Facebook made changes to its video uploading feature in 2017. The social media is still investigating the incident and is yet to determine the identity of the attackers.

British MPs data leaked

The personal data of some high-profile British MPs and journalists were inadvertently exposed by a conference app. The breach was caused by the UK Conservative Party's official conference app. The bug publicly exposed every journalist, politician and attendee’s mobile number. Email addresses and other personal information was also exposed.

Related Threat Briefings