Rewterz Threat Advisory – CVE-2019-14287 – Sudo Flaw Lets Linux Users Run Commands As Root
October 15, 2019
Rewterz Threat Advisory – Cisco IOS XE Software Web UI Command Injection Vulnerabilities
October 15, 2019
Severity
High
Analysis Summary
Attackers have created an elaborate scheme to distribute a cryptocurrency trading program that installs a backdoor on a victim’s Mac or Windows PC.
Security researcher MalwareHunterTeam discovered a scheme where an attacker has created a fake company that is offering a free cryptocurrency trading platform called JMT Trader. When this program is installed, it will also infect a victim with a backdoor Trojan.
This scheme starts with a professionally designed website where the attackers promote the JMT Trader program.
![JMT Trader Web Site](https://www.bleepstatic.com/images/news/security/j/jmt-trader/jmttrading-site.jpg)
To help promote the site and program, the attackers also created a Twitter account for the fictitious company.
![Twitter Account](https://www.bleepstatic.com/images/news/security/j/jmt-trader/twitter-account.jpg)
Impact
- Financial loss
- Exposure of sensitive information
Indicators of Compromise
Malware Hashes
Remediation
- Block all threat indicators at your respective controls.
- Always be suspicious about emails sent by unknown senders.
- Never click on the links/attachments sent by unknown senders.