Dyre Banking Trojan, Tyupkin ATM Malware, iWorm Botnet and More | TWIC – October 10, 2014
Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
- Enhancements to Dyre Banking Trojan (PhishLabs)
The Dyre banking Trojan made its first debut in June 2014, targeting large financial institutions across the globe. In September, PhishLabs’ R.A.I.D (Research, Analysis, and Intelligence Division) observed a number of enhancements to the banking Trojan that further increases the danger of the threat.
- Huge Data Leak at Largest U.S. Bond Insurer (KrebsOnSecurity)
On Monday, KrebsOnSecurity notified MBIA Inc. — the nation’s largest bond insurer — that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data.
- Tyupkin: Manipulating ATM Machines with Malware (SecureList)
Earlier this year Kaspersky Lab’s Global Research and Analysis Team performed a forensics investigation into a cyber-criminal attack targeting multiple ATMs in Eastern Europe. A piece of malware was discovered that allowed attackers to empty the ATM cash cassettes via direct manipulation.
- Over 17,000 Mac Machines Affected by ‘iWorm’ Botnet Malware (The Hacker News)
A newly discovered zombie network that exclusively targets Apple computers running Mac OS X across the globe has compromised roughly 17,000 machines so far, giving hackers backdoor access to infected computers, researchers at Russian antivirus firm Dr.Web warned.
- Dairy Queen confirms Backoff Malware Led to Data Breach (CSO)
Minneapolis-based Dairy Queen has confirmed a data breach that impacts 395 stores. The fast food chain says that the source of the breach itself is the same family of POS malware that gained attention earlier this summer after an advisory from the US Secret Service made the rounds.
- Return of the Android SMS Virus – Self-Spreading “Selfmite” Worm Comes Back for More (Naked Security)
Andr/SlfMite-A, an Android virus that works a bit like the email worms of the early 2000s, has made a comeback. The new variant pretends to be a Google Plus app, though of course it is no such thing.