Paradise Ransomware Spreading Through Unusual Attachments

While Paradise ransomware isn’t new to the scene, the latest methods it’s using to spread are a bit surprising. Though it sticks to using email for transmission, it now offers up an IQY attachment instead of a typical word document or excel spreadsheet. These can make a quick connection to a malicious URL prompting the download of the actual ransomware payload. What makes these especially dangerous is that they appear to be simple text files with no internal malicious code, just commands for retrieving it, so it isn’t typically picked up by most security services.

Entercom Data Breach

One of the world’s largest radio broadcasters, Entercom, recently revealed it had fallen victim to a data breach. It was initiated through a third-party service that stored login credentials for Radio.com users and could affect up to 170 million customers. This breach would be the third security incident targeting Entercom in just the last six months. The company has already fallen victim to two separate cyberattacks that caused their systems to be disrupted. Entercom has since implemented several additional security measures and prompted all users to change their passwords, especially if reused on other sites.

Western Union Begins Fraud Payback

Western Union has started paying back roughly $153 million to victims of fraudulent transactions processed by the firm’s payment systems. According to the U.S. Department of Justice, several employees and owners of Western Union locations were involved with allowing these fraudulent payments to be made and failing to properly discipline those individuals. The payback terms have started with 109,000 victims worldwide and will eventually total $586 million in reimbursements.

Whisper App Exposes User Data and Messages

The anonymous messaging app Whisper was recently revealed to own an unsecured database containing a large amount of personal customer records. Two independent researchers first discovered the database, containing over 900 million records and reaching back nearly eight years, and quickly contacted Whisper. The company then locked down the unrestricted access. Though financial or personally identifiable information were not included in the database, the app does track location data that could be used to narrow down a specific user’s location to a home or place of work.

Online Shopper Records Leaked

Up to 8 million sales records were discovered in an unsecured MongoDB database that has been misconfigured for an undetermined amount of time. The researcher who found the database quickly contacted the third-party servicing company that managed the database and it was secured five days later. The database contained roughly four million records pertaining to Amazon UK and eBay alone, comprised mainly of payment and contact information for online shoppers.

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This