KillDisk – the world’s biggest Ransomware?: KillDisk malware was originally used in the Ukraine energy attacks of 2015. Researchers have now found a Linux variant of it, which makes the Linux machine unbootable. It also demands an unusually high ransom of 222 BTC (approx. $200K). Prevention is the best solution to ransomware. Regular backups and good web security solutions are recommended.
Koolova Ransomware: Users infected with this ransomware can obtain the decryption key for free if they read two articles about ransomware. This certainly is not the best way to build awareness about ransomware. ‘Popcorn Time’, another interesting ransomware in the news last month, required the victim to infect two others to obtain the decryption key for free.
Ransomware in Schools: In the UK, cybercriminals pretending to be government officials have been cold-calling schools to obtain the email IDs of key staff, in order to email them ‘supposedly’ important documents. These documents actually contain malware which encrypts the school’s machines. The hackers then demand a ransom of £8000. Similar scams are run by sending malware-infected fake purchase orders (POs) to sales organizations and fake resumes to HR departments.
MongoDB under attack: MongoDB had a vulnerability in which the database could be accessed without any authentication. A patch was later made available, but some admins did not apply it. Hackers are now making a copy of such databases and deleting them; they are willing to return the data for a ransom of 0.2 BTC ($150). Thousands have been affected; upgrading MongoDB is strongly recommended.
Tech support scam hits Mac: Users not on the latest Mac OS are prone to this malware infection, which opens several draft email windows with the subject line “Virus detected call support on +1-800-xyz”. This goes on until the laptop suffers a memory issue and crashes. The trick is to get the victims to call, then scare them into buying support which they really do not need.
D-Link Sued: After the recent massive DDoS attacks, the US watchdog FTC has sued D-Link for its poor security. This move by the FTC will go a long way in improving the security of IoT devices, which the manufacturers have not taken very seriously, most likely to keep their costs low. The use of default passwords allows hackers to break in easily; it is strongly recommended to avoid using default passwords.
FTC announces $25K reward: Keeping in mind the role IoT played in the recent massive DDoS attacks, the FTC has announced a reward of $25K to anyone who can create a solution that will patch all vulnerable IoT devices. A serious challenge in IoT is that many of these devices do not have the ability to be patched remotely. In Issue 88, we saw a Chinese company admit that its products were misused to launch the Dyn attack; the company later recalled some of the devices.
Netgear announces Bug Bounty program: Last week, Netgear launched its bug bounty program, in which it will reward hackers up to $15K for responsible reporting of flaws found in its products. Several companies offer such programs, the biggest being that of Zerodium, which offers $1.5M for iOS 10 zero-day exploits.
Critical RCE bugs patched: Websites using PHPMailer, SwiftMailer or Zend Mail were vulnerable to an RCE (Remote Code Execution) bug. Using contact or registration forms, hackers could run arbitrary code, thereby compromising the site. All the vulnerabilities have now been patched. Admins can consider updating.
India’s pitch to Google: India’s IT minister told the visiting Google CEO to play a ‘more meaningful’ role in countering cyber threats. Experts are not sure what exactly a company like Google can do to increase cyber security. As India moves rapidly towards digitalization, cyber threats will grow disproportionately. ‘Digital India’ will slow down if these threats become widespread and real.