
Cyware Daily Threat Intelligence September 17, 2018


Top Malware Reported in the Last 24 Hours

Kraken Cryptor

A new version of the Kraken ransomware, called Kraken Cryptor 1.5, was found disguised as the legitimate anti-malware program SuperAntiSpyware. The ransomware has a list of modules, and when they are enabled, the public encryption key, emails, and extensions are encrypted by it. The cybercriminals behind the ransomware have been demanding 0.25 bitcoins as ransom.

WannaMine

WannaMine is a fileless, PowerShell-based, Monero-mining malware attack that originated a year ago. The malware is still spreading and is now targeting Fortune 500 companies. WannaMine has already infected around 2,000 endpoints. The malware also uses the same leaked NSA exploits that were used by the WannaCry and NotPetya ransomware variants in 2017.

SAVEfiles ransomware

A newly discovered ransomware variant called SAVEfiles is being distributed by the Fallout exploit kit (EK). Attackers deploy this EK by hacking into existing sites or creating new ones, which they then use to host the exploit kit scripts. The exploit kit attempts to exploit vulnerabilities in VBScript and Flash Player on visitors' machines. The ransomware is currently targeting Japan, France, and other nations.

Top Breaches Reported in the Last 24 Hours

Bristol Airport cyberattack

Bristol Airport suffered a ransomware attack that took down the airport's flight display screens for two days. The attack left the information screens completely blank and inoperable. No ransom had been paid to get the systems working again. An airport spokesman said the information screens were taken offline early to contain the attack. Flights were unaffected and there had been no concerns over the safety or security systems installed in the airport. Experts believe that this attack was a speculative attempt rather than a targeted attack.

EOSBet app hacked

The blockchain-based gambling app EOSBet was hit by hackers who stole over $200,000 worth of EOS. Following the attack, the app was taken offline. Experts believe that the attackers exploited a vulnerability in the app's smart contracts system to carry out the attack. The attackers managed to transfer funds to a wallet they controlled, which was designed to look similar to the EOSBet wallet.
