Cyber News Rundown: Instagram Phishing Campaign
Copyright Phishing Campaign Hits Instagram
Many Instagram accounts were recently compromised after receiving a notice that their accounts would be suspended for copyright infringement if they didn’t complete an objection form within 24 hours. By setting a timeframe, the attackers are hoping that flustered victims would quickly begin entering account credentials into a phony landing page before being redirected to the authentic Instagram login page to appear legitimate.
WordPress Plugin Exploited
Rich Reviews, a vulnerable WordPress plugin that was removed from the main WordPress repository more than six months ago, has been found still active on thousands of websites. This vulnerability allows attackers to download malicious payloads, then redirect victims to phony websites that could further infect their systems. Fortunately, several security companies are working with the plugin’s creators to fix the current vulnerabilities, though these updates won’t reach users until it’s put back on the repository.
Banking Malware Campaign
Hundreds of malware samples have been discovered that target ATMs and can be deployed to obtain sensitive banking information from infected systems. Dtrack, the name of the malware tools, can also be used to steal local machine information, such as keystrokes and browser history, by using known vulnerabilities in network security. This type of attack comes from the Lazarus Group, who have been known to target nations and major financial institutions around the world.
Click2Gov Site Hacked
An online bill paying site used in dozens of cities across the U.S. was recently hacked in at least eight cities, already compromising more than 20,000 individuals from all 50 states. This will be the third breach affecting Click2Gov, all of which used an exploit allowing attackers to gain both remote access to the system and upload any files they choose. Many of the cities that were targeted recently were part of the prior attacks on the Click2Gov portal.
Wyoming Healthcare Hit with Ransomware
Campbell County Health’s computer systems were brought to a halt after suffering a ransomware attack this week. Nearly 1,500 computers were affected and all currently scheduled surgeries and other medical care must be delayed or diverted to another facility. Fortunately, CCH is working quickly to restore all of their systems to normal and determine the exact infection point for the attack.