Cyware Weekly Threat Intelligence - November 15–19

Weekly Threat Briefing • November 19, 2021
The Good
Bringing in a bit of positive news for victims of cyber fraud, the U.S. Justice Department seized tens of millions of dollars' worth of cryptocurrency from the now-defunct BitConnect. It plans to sell the cryptocurrency to compensate the victims. In other news, the U.S. Treasury Department and Israel announced that they would form a task force to deal with the burgeoning ransomware threats.
The Bad
Coming to the bad parts, the week saw quite a lot of malicious cyber activity. Let’s start with Candiru, the Israeli spyware vendor, which reportedly conducted watering hole attacks in the U.K. and the Middle East. More details on the Robinhood breach came forth as the data of 7 million customers was put up for sale on a hacking forum. The worst of it all comes in the form of Emotet, which is supported by TrickBot in its apparent comeback after an extensive takedown by global law enforcement authorities. Seems like malware attacks are about to rise.
New Threats
“Baby shark doo, doo, doo, doo.” There’s a baby Shark(Bot) in the threat landscape. The Android banking trojan has already ensnared victims associated with 27 financial organizations across the U.K., the U.S., and Italy. While we are on the topic of trojans, we must tell you that GravityRAT is back in a new malware campaign that is targeting high-profile Indian officials. Attacks on WordPress seem to be ceaseless as another 300 sites were hacked and threatened with a fake ransomware notice.