Always Providing You With Ongoing Information

Posts tagged ‘Hackers’

WannaCry Ransomware

The worm called WannaCry infected 200,000 computers in more than 150 countries, tied the UK health service in knots, took out the Spanish phone company, caused chaos for train travelers in Germany, and took big swipes out of FedEx, Renault, a reported 29,000 Chinese institutions, and networks all over Russia, including the Russian Interior Ministry.

Can you get infected by WannaCry ransomware?

No. MalwareTech defanged the malware. Although there are a few extraordinary situations where the threat persists (in particular if your network blocks access to one odd website), for most people, WannaCry has been out of commission since late Friday.

Well, do I need to worry about it right now?

Yes. There have been reports from Matt Suiche of a new WannaCry variant that’s been sinkholed with 10,000 infections logged. The clones are coming, and many of them won’t be easy to stop. You have to get your Windows PC patched now.

FedEx Also Suffers Malware Attack

FedEx Corp confirmed that it suffered a malware attack on Friday and said its Windows-based systems were “experiencing interference” due to malware and that it was trying to fix the issue as quickly as possible. Computer systems at companies and hospitals in dozens of countries were hit Friday, apparently part of a huge extortion plot. The so-called ransomware attack appears to exploit a weakness that was purportedly identified by the U.S. National Security Agency and leaked to the internet. It encrypts data on infected computers and demands payment before the information is decrypted.

A cyberattack that is forcing computer owners to pay hundreds of dollars in ransom to unlock their files has hit almost every corner of the world. This is the biggest ransomware outbreak in history.

Security experts from Kaspersky Lab and Avast Software say Russia was the hardest hit, followed by Ukraine and Taiwan. Researchers believe a criminal organization is behind this, given its sophistication.

Russia’s Interior Ministry says it has come under cyber attack. Agency spokeswoman Irina Volk says in a statement carried by Russian news agencies that Friday’s cyber attacks hit about 1,000 computers. She said the ministry’s servers haven’t been affected. Volk also said that ministry experts are now working to recover the system and do necessary security updates.

Russian media also said that the Investigative Committee, the nation’s top criminal investigation agency, also has been targeted. The committee denied the reports.

Megafon, a top Russian mobile operator, also said it has come under cyberattacks that appeared similar to those that crippled U.K. hospitals on Friday.

Microsoft has released fixes for vulnerabilities and related tools disclosed by TheShadowBrokers, a mysterious group that has repeatedly published alleged NSA software code. But many companies and individuals haven’t installed the fixes yet, or are using older versions of Windows that Microsoft no longer supports and didn’t fix.

Hospitals in the U.K. and telecommunications companies in Spain are among those hit by a “ransomware” attack that locked up computer data and demanded payment to free it. The attacks use a malware called Wanna Decryptor, also known as WannaCry.

DarkOverlord Demands Ransom For Unreleased Content From Netflix, Fox and Others

Jojo Whilden/Netflix

TheDarkOverlord stole next season’s Orange is the New Black content from a third party, and they’re demanding Netflix pay a ransom in order to keep the rest of the season private. Late Friday night, TheDarkOverlord tweeted about content belonging to ABC, FOX, IFC and National Geographic, saying “We’re not playing any games anymore.”

Torrent posted for stolen 'Orange is the New Black' premiere episode

The hackers claim Larson (from Larson Studios in Hollywood) agreed to pay up but didn’t, and now they’re trying to squeeze Netflix. Netflix has said “We are aware of the situation. A production vendor used by several major TV studios had its security compromised and the appropriate law enforcement authorities are involved.”

TheDarkOverlord says that they have released episodes 2-10 of the 13 episode season in another torrent. They also continued to threaten Netflix and the other studios, saying “You’re going to lose a lot more money in all of this than what our modest offer was. We’re quite ashamed to breathe the same air as you. We figured a pragmatic business such as yourselves would see and understand the benefits of cooperating with a reasonable and merciful entity like ourselves. And to the others: there’s still time to save yourselves. Our offer(s) are still on the table – for now.”

Inmates Create Homemade Computer & Stash It

Two inmates were incarcerated at Marion Correctional Institution, a low-security, 2,500-capacity facility which used inmate labor to recycle old computers as part of the non-profit RET3 program. Both inmates managed to squirrel away dozens of RET3 parts and construct two new machines inside MCI.

According to the 50-page Ohio Inspector General report, the fully functional computers were “hidden on a plywood board in the ceiling above a closet” and subsequently “connected to [Ohio Department of Rehabilitation and Correction’s] computer network.” But wait—there’s more. They were able to run ethernet cables through the ceiling and down to the network switch, where it was connected to port 16, and the inmates were able to obtain internet access via credentials belonging to a retired prison employee who now works for ODRC as a contractor. Once connected, they were able to download articles on “home-made drugs, plastics, explosives, and credit cards.” One of the inmates, according to the report, also “accessed an article online from the Bloomberg.com site detailing how to submit fraudulent tax returns and have the refunds wired to debit cards,” and stole the identity of another inmate and used his name and social security number to apply for five credit cards. The investigators found a bunch of software useful for hacking and encryption, as well as brute force password crackers, an email spamming program, and a Java-based tool used to commit man-in-the-middle attacks. Likely this cornucopia of illicit programs was how the pair were able to issue “passes for inmates to gain access to multiple areas within MCI” and gain access to “unauthorized inmate records including disciplinary records, sentencing data, and inmate locations.”

How they were discovered

The two masterminds were caught due to employee bandwidth throttling. An automated message informed MCI staff that on Friday, July 3, 2015 “a computer operating through the ODRC computer network had exceeded a daily internet usage threshold.” The ring of prisoners involved with this data heist has been shipped off to other facilities, and MCI is shouldering the blame for not only allowing it to happen, but also failing to notify Ohio State Highway Patrol as regulations require.

Dag they should do their time (be good) and apply for a computer job

Data Breaches & Stuffed Animals

Credit: CloudPets

If you own a stuffed animal from CloudPets, you need to change your password to the product. The toys — which can receive and send voice messages from children and parents — have been involved in a data breach dealing with more than 800,000 user accounts.

The breach, which grabbed headlines on Monday, is drawing concerns from security researchers because it may have given hackers access to voice recordings from the toy’s customers. However, the company behind the products, Spiral Toys, is denying that any customers were hacked.

Hackers appear to have accessed an exposed CloudPets database, which contained email addresses and hashed passwords, and they even sought to ransom the information back in January.

The CloudPets brand allegedly made the mistake of storing the customer information in a publicly exposed online MongoDB database that required no authentication to access. That allowed anyone, including hackers, to view and steal the data.

Austrian Hotel Shut Down By Hackers

One of Europe’s largest luxury hotels found itself on the end of an online hostage situation over an undiscovered vulnerability in its electronic key system.

According to the English language Austrian news site The Local, the Romantik Seehotel Jaegerwirt located in the picturesque Alps was hit by a cyberattack that resulted in all its guests being locked out of their rooms.

Activating the door locking mechanism remotely, the hackers were able to put the hotel into a chaotic state during the height of the ski season, while also shutting down the hotel’s entire computer system.

To give control back to the hotel, the hackers demanded a sum of €1,500 to be paid in bitcoin, or otherwise its guests were going to be sleeping in the hallways.

Given the circumstances, hotel management relented and paid the ransom, but unbeknownst to them the hackers had built in a backdoor to their fix resulting in two further hacks.

Hacker Group Cobalt Hitting The ATMs

A hacker group named Cobalt has been attacking ATMs in more than a dozen countries in Europe and Asia, including the U.K. and Russia. The “smash and grab” attacks were coordinated from unknown command centers. They don’t require any physical tampering of the ATMs, but the hackers do need someone to be present when the attack happens so they can collect the wads of cash from the ATM. Hackers attack huge numbers of ATMs at the same time because they know they can be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down.

A key threat is when cyber criminals commit fraud remotely from anywhere globally and attack the whole ATM network without being ‘on the radar’ of security services, says Dmitry Volkov, Group IB’s head of the investigation.
