At a glance.
- Emotet was the biggest holiday threat.
- Earth Wendigo targets emails in Taiwan.
- Outcome of the data breach at the Hackney council.
- A cannabis producer's data breach buzz kill.
And the award for best holiday threat goes to...
The Emotet Trojan has returned to first place in Check Point Software Technologies’ Global Threat Index for December, after falling to fifth place in November. It took the lead after a spam campaign over the holidays that targeted 100,000 users daily and impacted 7% of organizations globally. Emotet likely owes its success to recent enhancements to the Trojan, including improved detection evasion features, new malicious payloads, and an upgraded email campaign. Runners-up for the top spot are Trickbot and Formbook, while Hiddad is the leading mobile malware and MVPower DVR Remote Code Execution is the most exploited vulnerability.
“Earth Wendigo” targets Taiwanese email system.
Hackers hack Hackney.
Hackers have released documents that appear to have been stolen during a recent ransomware attack on Hackney Council in London, reports Sky News. The incident, which occurred in October 2020, was investigated by the UK's National Cyber Security Centre and the Ministry of Housing. Now the Pysa/Mespinoza cybercriminal group has posted documents it claims belong to the Council on the dark web, with file names like "passportsdump" and "staffdata." Though the Council has not stated whether it paid the requested ransom at the time of the attack, the publication of the data appears to be a threat. A Council spokesperson stated, “We understand and share the concern of residents about any risk to their personal data, and we are working as quickly as possible with our partners to assess the data and take action, including informing people who are affected.”
A snake in the grass.
After infiltrating the systems of leading Canadian cannabis producer Aurora Cannabis on Christmas Day, a hacker is selling the stolen data on an underground forum, BleepingComputer reports. Posting sample pictures of the stolen files, the hacker is asking for one bitcoin for the 50GB of data, which include images of checks, passports, and business documents. The hacker claims he contacted Aurora to negotiate a ransom, and has even reached out to employees to let them know he still has access to their system, but his emails, he says, have gone unanswered.