
Thread: The worst cyber attack The wannacry Ransomware

  1. #11
    waltky's Avatar Senior Member

    Red face

    Mebbe dat's how he knew how to crack Wannacry...

    Hacker who helped control WannaCry arrested in Nevada
    Sat, Aug 05, 2017 - Marcus Hutchins, a young British researcher credited with derailing a global cyberattack in May, was arrested for allegedly creating and distributing malicious software designed to collect bank-account passwords, US authorities said on Thursday.
    News of Hutchins’ detention came as a shock to the cybersecurity community. Many had rallied behind the researcher whose quick thinking helped control the spread of the WannaCry ransomware attack that crippled thousands of computers. Hutchins was detained in Las Vegas on his way back to Britain from an annual gathering of hackers and information security gurus. A grand jury indictment charged Hutchins with creating and distributing malware known as the Kronos banking Trojan.

    Such malware infects Web browsers, then captures usernames and passwords when an unsuspecting user visits a bank or other trusted location, enabling cybertheft. The indictment, filed last month in a Wisconsin federal court, alleges that Hutchins and another defendant — whose name was redacted — conspired between July 2014 and July 2015 to advertise the availability of the Kronos malware on Internet forums, sell the malware and profit from it. The indictment also accuses Hutchins of creating the malware.

    Authorities said the malware was first made available in early 2014, and “marketed and distributed through AlphaBay, a hidden service on the Tor network.” The US Department of Justice last month announced that the AlphaBay “darknet” marketplace was shut down after an international law enforcement effort. Hutchins’ arraignment was postponed on Thursday in US District Court in Las Vegas by a magistrate judge who gave him until yesterday afternoon to determine if he wants to hire his own lawyer. Hutchins was in Las Vegas for Def Con, an annual cybersecurity conference that ended on Sunday. On Wednesday, Hutchins made comments on Twitter that suggested he was at an airport getting ready to board a plane for a flight home. He never left Nevada.

    Jake Williams, a respected cybersecurity researcher, said he found it difficult to believe Hutchins is guilty. The two men have worked on various projects, including training material for higher education for which the Briton declined payment. “He’s a stand-up guy,” Williams said in a text chat. “I can’t reconcile the charges with what I know about him.” A justice department spokesman confirmed the 22-year-old Hutchins was arrested Wednesday in Las Vegas. Officer Rodrigo Pena, a police spokesman in Henderson, near Las Vegas, said Hutchins spent the night in federal custody in the city lockup.

    http://www.taipeitimes.com/News/worl.../05/2003675975
    See also:

    U.S. judge sets $30,000 bail for famed British cyber expert
    August 4, 2017 - A U.S. judge in Las Vegas set a $30,000 bail on Friday for a famed British cyber security researcher accused of advertising and selling malicious code used to pilfer banking and credit card information.
    Marcus Hutchins, 23, gained international celebrity status within the hacker community in May when he was credited with neutralizing the global "WannaCry" ransomware attack. His attorney, Adrian Lobo, told reporters he would not be released on Friday because the clerk's office for the court closed before his defense team could post the bail.

    Judge Nancy Koppe dismissed a federal prosecutor's claim that Hutchins was a flight risk. If released, Hutchins will be barred from computer use or internet access. Hutchins was "doing well, considering what's gone on," his defense attorney, Adrian Lobo, told reporters.

    She said it was "unexpected in (Hutchins') mind to ever be in this situation." News of Hutchins' arrest on Wednesday shocked other researchers, many of whom rallied to his defense and said they did not believe he had ever engaged in cyber crime.

    http://www.reuters.com/article/us-au...-idUSKBN1AJ367
    Related:

    WannaCry ransom money is on the move
    Aug. 3, 2017 -- The hackers behind May's WannaCry cyberattack have moved the ransom money they accumulated from three bitcoin accounts to other, larger accounts, online tracking records show.
    The WannaCry attack paralyzed business and government computer systems across the world by exploiting security flaws first unearthed by the National Security Agency. Among the groups hardest hit were the Spanish telecom giant Telefonica and Britain's health ministry. Hospitals in Britain were forced to turn away patients for multiple days while officials scrambled to regain control of their computer systems. Though the hackers, who are believed to have ties to North Korea, succeeded in upending cybersecurity systems across the world, their efforts to turn it into a money-making scheme largely failed due to their own ineptitude.

    For starters, though bitcoin transactions are public, they are also anonymous. The three accounts the hackers set up to receive ransom payments from victims were unable to track who had made the payments, meaning the decryption codes the hackers promised were unreliable, making it less likely victims would be willing to pay the ransom in the first place. Other basic coding errors made some of the system take-overs easily remedied. In another twist, the hackers set up a free email account to communicate with victims that was almost immediately identified by the service provider and shut down.


    A programmer shows a sample of a ransomware cyberattack on a laptop in May. The hackers behind the WannaCry cyberattack have moved the ransom money from three bitcoin accounts to larger accounts.

    In all, the hackers received about $140,000 in ransom money in the form of bitcoin payments. Even that payment was inflated due to the rising value of bitcoin in the months since the WannaCry attack. At the time, they received less than $100,000 in ransom payments. International trackers set up a Twitter account to monitor and report any movement in the three accounts the hackers used. On Thursday, that account noted the accounts were drained and the bitcoins were transferred into larger joint accounts known as mixers. Though the bitcoin can still be tracked, mixers allow users to break up bitcoin transactions into smaller ones that are more difficult to trace.

    Europol, the European investigative agency, declined to comment on the status of the WannaCry investigation. The U.S. Justice Department did not immediately respond to comment. On Thursday, authorities in Las Vegas arrested Marcus Hutchins, a British computer security researcher responsible for stopping May's WannaCry attack. An indictment filed in the U.S. District Court in Wisconsin accused him of distributing the banking malware known as Kronos between July 2014 and July 2015, USA Today reported. Hutchins was in Las Vegas for two computer security conferences -- Black Hat and Defcon.

    https://www.upi.com/Top_News/World-N...&utm_medium=14
    Last edited by waltky; 08-04-2017 at 07:22 PM.

  2. #12
    waltky's Avatar Senior Member

    Angry

    NSA hacking tool used to create ransomware...

    Bad Rabbit malware allegedly used NSA hacking tool
    Oct. 27, 2017 -- The Bad Rabbit malware, which U.S. analysts say originated in Russia, allegedly used a leaked National Security Agency hacking tool.
    Cisco researchers found that the malware used an NSA tool called EternalRomance that capitalizes on a vulnerability in Windows computers by bypassing security over Server Message Block file-sharing connections. The vulnerability enables hackers to remotely execute instructions on Windows clients and servers. EternalRomance was leaked this year by a group called The ShadowBrokers, who released the tools they said were from the NSA.


    Bad Rabbit was reportedly spread to computers using a fake Adobe Flash update.

    It is not, however, the same NSA tool made famous by earlier ransomware outbreaks NotPetya and WannaCry. The ShadowBrokers released several packages of the EternalRomance tools, all of which they said had been stolen from the NSA. The news comes after the U.S. Computer Emergency Readiness Team, a division of the Department of Homeland Security, said it's "received multiple reports" of ransomware infections called Bad Rabbit in many countries around the world, including Russia, Ukraine and Germany.

    A fake Adobe Flash update reportedly helped spread the malware. Once installed on one computer, the hackers could use other techniques to spread it to other computers on the same network. The hack predominantly affected Russian users and even interrupted service in Ukrainian mass transit. However, the source of the attack is still unclear. "There is a lot of speculation that Russia is the main target, which may be true, but does not rule out Russia as the attacker," Dr. Andrea Little Limbago, chief social scientist at Endgame, said.

    https://www.upi.com/Top_News/World-N...&utm_medium=14

  3. The Following User Says Thank You to waltky For This Useful Post:

    Kacper (10-29-2017)

  4. #13
    waltky's Avatar Senior Member

    Cool

    Mebbe it wasn't the No. Koreans after all...

    5 arrested in Romania for spreading ransomware in U.S., Europe
    Dec. 20, 2017 -- Romanian officials have arrested five people they believe are responsible for one of the most widespread ransomware crimes ever, authorities said Wednesday.
    Officials said the group of five were arrested on suspicion of unauthorized computer access, serious hindering of a computer system, misuse of devices with the intent of committing cyber crimes and blackmail. A device compromised with ransomware will not function until the user pays a price.


    Romanian officials said Wednesday five people were arrested, believed to be responsible for one of the most widespread ransomware schemes ever.

    Officials believe three of the suspects infected computer systems by spreading the Curve-Tor-Bitcoin Locker malware. The other two are believed to be involved with spreading Cerber, a ransomware focused on extorting money from users in the United States. The five suspects did not design the software but are believed to have paid the designers 30 percent of their take.

    According to computer security software company McAfee, CTB-Locker was the widest used ransomware in 2016. In July, Google ranked Cerber as the most criminally profitable ransomware, with a haul of nearly $7 million from victims.

    https://www.upi.com/Top_News/World-N...&utm_medium=11
