DDoS Attack Strikes U.S. Health Department
Amidst the panic caused by the novel coronavirus, millions of people began
navigating to the U.S. Department of Health’s website to find more information
on the illness, but instead found the site offline after a DDoS attack
overwhelmed its servers. This is only one of many unfortunate attacks being
used to spread disinformation and panic, as well as to delay healthcare workers
from assisting patients or working towards slowing the overall spread of the
illness.
Netfilim Ransomware Uses Old Code but New Tactics
Researchers have been tracking the spread of a new ransomware variant known as
‘Netfilim,’ which has been on a steady rise since February. By utilizing a
large portion of code from another ransomware variant, Nemty, it has a quick
distribution rate and keeps with the promised threat of releasing all stolen
data within a week of encryption. It does differ from Nemty in its payment
process, however, relying solely on email communication rather than directing
the victim to a payment site that is only accessible through a Tor browser.
It appends the .NETFILIM extension to all encrypted files.
US Loan Database Exposed
A database containing millions of financial documents and other highly
sensitive information was found freely accessible through an unsecured Amazon
Web Services bucket. Contained within the 425GB of data were credit reports,
Social Security numbers, and personally identifiable information for thousands
of individuals and small businesses. The database itself is connected with a
loan app that was developed by two major New York funding firms, Advantage
Capital and Argus Capital.
Malicious Coronavirus Mapping Apps Spreading More than Misinformation
Many malware authors have been capitalizing on the recent coronavirus
(COVID-19) epidemic by way of phishing campaigns and newly renamed ransomware
variants. Their latest endeavor is an app that reportedly “tracks” the spread
of coronavirus across the globe, but has instead been dropping malicious
payloads on unsuspecting victims’ devices. Some of these apps can lock devices
and demand a ransom to unlock them, while others deliver full ransomware
payloads that can encrypt files and upload them to a remote server.
Fortunately, researchers worked quickly to engineer a decryption key for
victims.
Magecart Group Targets NutriBullet Website
Following a network breach in late February, Magecart scripts were found to be
actively stealing payment card information from NutriBullet websites up to the
present. The specific organization, known as Group 8, has been using similar
Magecart scripts for over two years and has claimed over 200 unique victim
domains. Despite several contact attempts from the researchers who found the
skimmers, no changes have been made to the affected sites, leaving current and
new customers vulnerable.
The post Cyber News Rundown: DDoS Strikes U.S. Health Department appeared first on Webroot Blog.