Chili’s Restaurant Reveals Payment Card Breach

In the last week, officials have discovered a data breach that affects an unknown number of the chain’s 1,600 restaurants across the country. It is believed that the breach could affect customers who visited the restaurant between March and April of this year, and likely includes all payment information, though Chili’s doesn’t retain any additional customer data.

StalinLocker Requires Puzzle Code to Stop Deletion

A new screen-locking malware has been spotted that avoids the ransom and moves quickly to locking the entire screen. Once the lock screen is in place, a 10-minute countdown begins, and requests the user enter a specific code or it will begin deleting the contents of every mapped drive on the computer. Along with running a countdown timer, a picture of Joseph Stalin is displayed across the screen and the USSR anthem plays in the background.

Mexican Bank Funds Transferred Illicitly

Within the past month, the Interbank payment systems of the Mexican Central Bank were compromised, leaving millions of dollars unaccounted for. Abusing the interbank payment system allowed the attackers to immediately make the transfers and withdraw in cash. Even though some of the transfers were stopped for being suspicious, the final estimate rests at over $20 million. Fortunately for the bank’s customers, it appears that the stolen funds were from the bank’s accounts, not their clients.

Latest Dharma Ransomware Variant Uses .bip Extension

The most recent variant of the Dharma/Crysis ransomware has made some subtle changes since its previous iteration. Using a compromised RDP service, attackers are able to manually install the Dharma variant, which begins encrypting all files, including mapped and unmapped network drives with a .bip extension. Even though decryption hasn’t yet been made freely available, victims are still encouraged to attempt restoring from an external backup, as this variant will completely remove all shadow copies from the system.

Danish Train Network Hit with DDoS Attack

Thousands of Danish passengers found themselves unable to purchase train tickets from multiple sources after a DDoS attack took down the purchasing system. Some were fortunate enough to be able to purchase tickets directly from train officials, as even their staff was having difficulties communicating both internally and externally regarding the issue. Luckily, the systems were quickly restored to normal operation with no residual problems.

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This