Clipboard Hijacker Malware


Cryptocurrency Clipboard Hijackers, a recently discovered form of malware, scan 2.3 million cryptocurrency addresses to swap legitimate destinations with addresses the attackers control.

Clipboard Hijacker malware scans the Windows clipboard for cryptocurrency addresses and switches legitimate destination addresses for addresses owned by attackers. As a result, the coins in transit end up with cybercriminals instead of the intended recipients. Clipboard Hijackers are not a new threat, but this one shows attackers are getting more advanced.

Source: Dark Reading

How do you protect yourself?

Proper security measures must be in place to defend against Clipboard Hijacker Malware and similar threats. Having proper up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from cryptocurrency-mining malware.

 

CVE-2018-13784


PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.

Source: CVE

How do you protect yourself?

Upgrade to PrestaShop 1.7.3.4 and 1.6.1.20. These versions fix security and PHP compatibility issues.

 

Nozelesn Ransomware


A distribution campaign for a new ransomware called Nozelesn is currently underway that is targeting Poland. This campaign started July 1st and we already have reports from victims in our forums and numerous cases have been spotted.

The ransomware will encrypt a user’s files and append the .nozelesn extension to the encrypted file’s name.

The ransomware will also create ransom notes on the computer named HOW_FIX_NOZELESN_FILES.htm. This ransom note contains instructions on how to log in to a TOR payment server at lyasuvlsarvrlyxz.onion to receive instructions. It also contains a unique personal code that the victim will need in order to log in to the server.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Nozelesn ransomware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.
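
A triage sweep for the two file-system indicators named above (the .nozelesn extension and the HOW_FIX_NOZELESN_FILES.htm ransom note), grouped per directory so affected shares can be scoped. This is an added example, not code from BleepingComputer or this bulletin; the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile
from collections import defaultdict

# Indicators taken from the advisory text above.
ENCRYPTED_EXT = ".nozelesn"
RANSOM_NOTE = "how_fix_nozelesn_files.htm"


def scan_for_nozelesn(root):
    """Walk `root`; return ({directory: {"encrypted": [...], "notes": [...]}}, errors)."""
    hits = defaultdict(lambda: {"encrypted": [], "notes": []})
    errors = []
    # onerror collects unreadable directories instead of silently skipping them.
    for dirpath, _dirs, files in os.walk(root, onerror=errors.append):
        for name in files:
            lowered = name.lower()  # Windows file names are case-insensitive
            if lowered == RANSOM_NOTE:
                hits[dirpath]["notes"].append(name)
            elif lowered.endswith(ENCRYPTED_EXT):
                hits[dirpath]["encrypted"].append(name)
    return dict(hits), errors


def build_sample_tree(root):
    """Constructed sample data: empty files that only mimic the naming pattern."""
    docs = os.path.join(root, "Documents")
    pics = os.path.join(root, "Pictures")
    os.makedirs(docs)
    os.makedirs(pics)
    for path in (
        os.path.join(docs, "report.docx.nozelesn"),
        os.path.join(docs, "budget.xlsx.NOZELESN"),
        os.path.join(docs, "HOW_FIX_NOZELESN_FILES.htm"),
        os.path.join(pics, "holiday.jpg"),
    ):
        open(path, "w").close()
    return docs, pics


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        found, errs = scan_for_nozelesn(tmp)
        for directory, hit in sorted(found.items()):
            print(directory, len(hit["encrypted"]), "encrypted,", len(hit["notes"]), "note(s)")
        print("unreadable directories:", len(errs))
```

Directories listed in the returned errors could not be read and need a separate check with sufficient privileges before they are treated as clean.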