User Tag List

+ Reply to Thread
Results 1 to 10 of 10

Thread: Another large-scale cyberattack underway: experts

  1. #1
    Original Ranter
    Points: 859,042, Level: 100
    Level completed: 0%, Points required for next Level: 0
    Overall activity: 90.0%
    Achievements:
    SocialCreated Album picturesOverdrive50000 Experience PointsVeteran
    Awards:
    Posting Award
    Peter1469's Avatar Advisor
    Karma
    496573
    Join Date
    Jun 2011
    Location
    NOVA
    Posts
    241,693
    Points
    859,042
    Level
    100
    Thanks Given
    153,218
    Thanked 147,583x in 94,415 Posts
    Mentioned
    2552 Post(s)
    Tagged
    0 Thread(s)

    Another large-scale cyberattack underway: experts

    Another large-scale cyberattack underway: experts

    Another hacked NSA tool is on the attack. This one seems to be much sneakier.

    Another large-scale, stealthy cyberattack is underway on a scale that could dwarf last week's assault on computers worldwide, a global cybersecurity firm told AFP on Wednesday.

    The new attack targets the same vulnerabilities the WannaCry ransomware worm exploited but, rather than freeze files, uses the hundreds of thousands of computers believed to have been infected to mine virtual currency.


    Following the detection of the WannaCry attack on Friday, researchers at Proofpoint discovered a new attack linked to WannaCry called Adylkuzz, said Nicolas Godier, a researcher at the computer security firm.


    "It uses the hacking tools recently disclosed by the NSA and which have since been fixed by Microsoft in a more stealthy manner and for a different purpose," he said.
    Instead of completely disabling an infected computer by encrypting data and seeking a ransom payment, Adylkuzz uses the machines it infects to "mine" in a background task a virtual currency, Monero, and transfer the money created to the authors of the virus.
    Virtual currencies such as Monero and Bitcoin use the computers of volunteers to record transactions. They are said to "mine" for the currency and are occasionally rewarded with a piece of it.
    ΜOΛΩΝ ΛΑΒΕ


  2. The Following User Says Thank You to Peter1469 For This Useful Post:

    waltky (05-19-2017)

  3. #2
    Points: 92,612, Level: 74
    Level completed: 15%, Points required for next Level: 2,138
    Overall activity: 3.0%
    Achievements:
    Social50000 Experience PointsVeteran
    Common Sense's Avatar Senior Member
    Karma
    931196
    Join Date
    Apr 2014
    Posts
    41,841
    Points
    92,612
    Level
    74
    Thanks Given
    14,236
    Thanked 16,117x in 11,350 Posts
    Mentioned
    544 Post(s)
    Tagged
    0 Thread(s)
    $#@!ers...

  4. The Following 2 Users Say Thank You to Common Sense For This Useful Post:

    Captain Obvious (05-17-2017),Peter1469 (05-17-2017)

  5. #3
    Points: 174,788, Level: 99
    Level completed: 29%, Points required for next Level: 2,862
    Overall activity: 22.0%
    Achievements:
    SocialVeteranTagger First Class50000 Experience Points
    Dr. Who's Avatar Advisor
    Karma
    870670
    Join Date
    Jan 2013
    Location
    Gallifrey
    Posts
    69,100
    Points
    174,788
    Level
    99
    Thanks Given
    12,829
    Thanked 12,933x in 8,811 Posts
    Mentioned
    206 Post(s)
    Tagged
    0 Thread(s)
    Someone should invent an anti-hack virus that traces the attacking virus back to source and destroy their computers. Shoe on other foot!
    In quoting my post, you affirm and agree that you have not been goaded, provoked, emotionally manipulated or otherwise coerced into responding.



    "The difference between what we do and what we are capable of doing would suffice to solve most of the world’s problems.”
    Mahatma Gandhi

  6. The Following User Says Thank You to Dr. Who For This Useful Post:

    waltky (05-19-2017)

  7. #4
    Points: 39,654, Level: 48
    Level completed: 69%, Points required for next Level: 496
    Overall activity: 0.1%
    Achievements:
    VeteranTagger First Class25000 Experience PointsSocial
    waltky's Avatar Senior Member
    Karma
    5662
    Join Date
    Oct 2012
    Posts
    8,859
    Points
    39,654
    Level
    48
    Thanks Given
    2,515
    Thanked 2,140x in 1,616 Posts
    Mentioned
    46 Post(s)
    Tagged
    0 Thread(s)

    Angry

    Wannacry could continue to be a problem in the future...

    Ransomware Attack Could Herald Future Problems
    May 13, 2017 — Tech staffs around the world worked around the clock this weekend to protect computers and patch networks to block the computer hack whose name sounds like a pop song — "WannaCry" — as analysts warned the global ransomware attack could be just the first of a new wave of strikes by computer criminals.
    The United States suffered relatively few effects from the ransomware that appeared on tens of thousands of computer systems across Europe and into Asia, beginning Friday. Security experts remained cautious, however, and stressed there was a continuing threat. In contrast to reports from several European security firms, a researcher at the Tripwire company on the U.S. West Coast said late Saturday that the attack could be diminishing. "It looks like it's tailing off," said Travis Smith of Tripwire. "I hope that's the case," Smith added. The Oregon firm protects large enterprises and governments from computer security threats.

    Ransomware attack

    The code for the ransomware unleashed Friday remains freely available on the internet, experts said, so those behind the WannaCry attack — also known as WanaCryptor 2.0 and a variety of other names — could launch new strikes in coming days or weeks. Copycat attacks by other high-tech criminals also are possible. "We are not out of the woods yet," said Gary Davis, chief consumer security evangelist at McAfee, the global computer security software company in Santa Clara, California. "We think it's going to be the footprint for other kinds of attacks in the future." The attack hit scores of countries — more than 100, by some experts' count — and infected tens of thousands of computer networks.


    A security specialist works at a computer station with a cyberthreat map displayed on a wall in front of him in the Cyber Security Operations Center at AEP headquarters in Columbus, Ohio

    Industry reports indicate Russia, Taiwan, Ukraine and Britain were among the countries hit hardest, and more hacking reports can be expected when offices reopen for the new workweek Monday or, in some parts of the world, Sunday. One of the weapons used in the current attack is a software tool reportedly stolen from the U.S. National Security Agency and published on the internet by hackers last month. The tool affords hackers undetected entry into many Microsoft computer operating systems, which is what they need to plant their ransomware. However, Microsoft issued patches to fix that vulnerability in its software weeks ago that could greatly reduce the chances of intrusion.

    Outdated operating systems

    The crippling effects of WannaCry highlight a problem that experts have long known about, and one that appears to have hit developing countries harder. Some organizations are more vulnerable to intrusion because they use older or outdated operating systems, usually due to the cost of upgrading software or buying modern hardware needed to install better-protected operating systems. Companies like Microsoft eventually stop updating or supporting older versions of their software, so customers using those programs do not receive software patches or security upgrades. Much of the ransomware's spread around the world occurred without any human involvement. The WannaCry malware self-propagates, copying itself to all computers on a network automatically.

    MORE
    See also:

    Clues Found to Ransomware Worm's Lingering Risks
    May 18, 2017 — Two-thirds of those caught up in the past week's global ransomware attack were running Microsoft's Windows 7 operating system without the latest security updates, a survey for Reuters by security ratings firm BitSight found.
    Researchers are struggling to try to find early traces of WannaCry, which remains an active threat in hardest-hit China and Russia, believing that identifying "patient zero" could help catch its criminal authors. They are having more luck dissecting flaws that limited its spread.

    Security experts warn that while computers at more than 300,000 internet addresses were hit by the ransomware strain, further attacks that fix weaknesses in WannaCry will follow that hit larger numbers of users, with more devastating consequences. "Some organizations just aren't aware of the risks; some don't want to risk interrupting important business processes; sometimes they are short-staffed," said Ziv Mador, vice president of security research at Israel's SpiderLabs Trustwave. "There are plenty of reasons people wait to patch and none of them are good," said Mador, a former long-time security researcher for Microsoft.

    WannaCry's worm-like capacity to infect other computers on the same network with no human intervention appear tailored to Windows 7, said Paul Pratley, head of investigations & incident response at UK consulting firm MWR InfoSecurity. Data from BitSight covering 160,000 internet-connected computers hit by WannaCry, shows that Windows 7 accounts for 67 percent of infections, although it represents less than half of the global distribution of Windows PC users. Computers running older versions, such as Windows XP used in Britain's NHS health system, while individually vulnerable to attack, appear incapable of spreading infections and played a far smaller role in the global attack than initially reported.

    In laboratory testing, researchers at MWR and Kyptos say they have found Windows XP crashes before the virus can spread. Windows 10, the latest version of Microsoft's flagship operating system franchise, accounts for another 15 percent, while older versions of Windows including 8.1, 8, XP and Vista, account for the remainder, BitSight estimated.

    Computer basics
    Related:

    Hackers Mint Cryptocurrency with Technique in Global 'Ransomware' Attack
    May 16, 2017 — A computer virus that exploits the same vulnerability as the global "ransomware" attack has latched on to more than 200,000 computers and begun manufacturing digital currency, experts said Tuesday.
    The development adds to the dangers exposed by the WannaCry ransomware and provides another piece of evidence that a North Korea-linked hacking group may be behind the attacks. WannaCry, developed in part with hacking techniques that were either stolen or leaked from the U.S. National Security Agency, has infected more than 300,000 computers since Friday, locking up their data and demanding a ransom payment to release it.

    Researchers at security firm Proofpoint said the related attack, which installs a currency "miner" that generates digital cash, began infecting machines in late April or early May but had not been previously discovered because it allows computers to operate while creating the digital cash in the background. Proofpoint executive Ryan Kalember said the authors may have earned more than $1 million, far more than has been generated by the WannaCry attack. Like WannaCry, the program attacks via a flaw in Microsoft Corp's Windows software. That hole has been patched in newer versions of Windows, though not all companies and individuals have installed the patches.

    Suspected links to North Korea

    Digital currencies based on a technology known as blockchain operate by enabling the creation of new currency in exchange for solving complex math problems. Digital "miners" run specially configured computers to solve the problems and generate currency, whose value fluctuates according to market demand. Bitcoin is by far the largest such currency, but the new mining program is not aimed at Bitcoin. Rather it targeted a newer digital currency, called Monero, that experts say has been pursued recently by North Korean-linked hackers. North Korea has attracted attention in the WannaCry case for a number of reasons, including the fact that early versions of the WannaCry code used some programming lines that had previously been spotted in attacks by Lazarus Group, a hacking group associated with North Korea. Security researchers and U.S. intelligence officials have cautioned that such evidence is not conclusive, and the investigation is in its early stages.

    In early April, security firm Kaspersky Lab said that a wing of Lazarus devoted to financial gain had installed software to mine Moreno on a server in Europe. A new campaign to mine the same currency, using the same Windows weakness as WannaCry, could be coincidence, or it could suggest that North Korea was responsible for both the ransomware and the currency mining. Kalember said he believes the similarities in the European case, WannaCry and the miner were "more than coincidence." "It's a really strong overlap," he said. "It's not like you see Moreno miners all over the world." The North Korean mission to the United Nations could not be reached for comment, while the FBI declined to comment.

    http://www.voanews.com/a/hackers-cry...k/3853783.html

  8. #5
    Points: 39,654, Level: 48
    Level completed: 69%, Points required for next Level: 496
    Overall activity: 0.1%
    Achievements:
    VeteranTagger First Class25000 Experience PointsSocial
    waltky's Avatar Senior Member
    Karma
    5662
    Join Date
    Oct 2012
    Posts
    8,859
    Points
    39,654
    Level
    48
    Thanks Given
    2,515
    Thanked 2,140x in 1,616 Posts
    Mentioned
    46 Post(s)
    Tagged
    0 Thread(s)

    Angry

    New Wannacry threat...

    More chaos on the way? WannaCry cyber hacker send their victims an ominous new message
    18 May 2017 | Last week's WannaCry ransomware attack led to worldwide cyber chaos; Now victims are reporting they have been sent a chilling new message; Infected computers have received a pop-up encouraging them to send money; The message promises that 'honest customers' will have their files returned
    Last week's WannaCry ransomware attack led to worldwide cyber chaos, crippling vital computer systems such as those used by the NHS. Now victims of the hack are reporting they have received a chilling new message from the cyber criminals behind the scheme. Infected computers have received a pop-up encouraging users to send the attackers cash in exchange for their files. The message said: 'I have already sent decryption keys to many customers who had sent me the correct amounts of bitcoin, and I guarantee the decryptions for such honest customers. 'Send me a message with your unique bitcoin wallet address an hour before your payment. 'Then you will receive the decryption key more quickly.'


    Victims of last week's WannaCry attack are reporting they have received a chilling new message from the hackers behind the scheme. Infected computers have received a pop-up encouraging users to send the attackers cash in exchange for their files

    Security expert Thijs Bosschert told The Sun Online that the message appeared earlier today. He said the pop-up could have been programmed to appear at a set point after the malware first infected the computer. 'But since no one else reported on this before I think the message was sent by the attackers this morning,' he said. 'It also fits the time windows op 9:00-11:00 GMT which they name in the malware,' he added.The WannaCry attack has continued to spread throughout this week, especially in Asia, though it has slowed down in the West. The extortion scheme has hit 150 countries including the US, Britain, Russia, China, Germany and France.


    Last Friday 150 countries were hit by a major cyber attack affecting computers, phones and emergency bleepers in hospitals and GP surgeries - pop-ups like the one pictured demanded a ransom of $300 (£230)

    The initial attack paralysed NHS computers, Germany's national railway and scores of other companies and government agencies. British IT expert Marcus Hutchins, 22, discovered a 'kill switch' for the cyber attack over the weekend. This prevented more than 100,000 computers across the globe from being infected. But despite slowing the spread of WannaCry, he fears that the ransomeware could have a 'backdoor'. Microsoft has pinned partial blame on the NSA for the cyber attacks, which were spread using hacking tools created by the agency. The tools were leaked online by hacking group 'ShadowBrokers' last month after they accessed NSA cyberware files.


    This graphic shows how ransomware can quickly infect an entire computer system. Last week's virus utilised powerful cyber tools developed by the US National Security Agency that were leaked online in April

    This week it was revealed that the mysterious ShadowBrokers group is threatening to release more such tools next month. In a taunting online message in broken English late Tuesday, the group said it will take payments beginning in June for monthly releases of computer hacks and vulnerability exploits like the one behind the global hacking wave. It also threatened to release compromised data from the international banking network and secret information on the nuclear and missile programs of Russia, China, Iran or North Korea.

    See also:

    A WARNING FROM THE SHADOWBROKERS

    Microsoft has pinned partial blame on the NSA for the cyber attacks, which were spread using hacking tools created by the agency.

    The tools were leaked online by hacking group 'ShadowBrokers' last month after they accessed NSA cyberware files.

    This week it was revealed that the mysterious ShadowBrokers group is threatening to release more such tools next month.

    In a taunting online message in broken English late Tuesday, the group said it will take payments beginning in June for monthly releases of computer hacks and vulnerability exploits like the one behind the global hacking wave.


    MORE

  9. #6
    Points: 39,654, Level: 48
    Level completed: 69%, Points required for next Level: 496
    Overall activity: 0.1%
    Achievements:
    VeteranTagger First Class25000 Experience PointsSocial
    waltky's Avatar Senior Member
    Karma
    5662
    Join Date
    Oct 2012
    Posts
    8,859
    Points
    39,654
    Level
    48
    Thanks Given
    2,515
    Thanked 2,140x in 1,616 Posts
    Mentioned
    46 Post(s)
    Tagged
    0 Thread(s)

    Angry

    No. Korean Lazarus hacker group hits UK's NHS...

    Cyber-attack on UK 'came from N Korea'
    Fri, 16 Jun 2017 : The Lazarus group - who targeted Sony Pictures in 2014 - believed to have been behind NHS cyber-attack.
    British security officials believe that hackers in North Korea were behind the cyber-attack that crippled parts of the NHS and other organisations around the world last month, the BBC has learned. Britain's National Cyber Security Centre (NCSC) led the international investigation. Security sources have told the BBC that the NCSC believes that a hacking group known as Lazarus launched the attack. The same group is believed to have targeted Sony Pictures in 2014. The Sony hack came as the company planned to release the movie The Interview, a satire about the North Korean leadership starring Seth Rogen. The movie was eventually given a limited release after an initial delay. The same group is also thought to have been behind the theft of money from banks.


    GCHQ can detect the work of hackers around the globe

    NHS hit

    In May, ransomware called WannaCry swept across the world, locking computers and demanding payment for them to be unlocked. The NHS in the UK was particularly badly hit. Officials in Britain's National Cyber Security Centre (NCSC) began their own investigation and concluded their assessment in recent weeks. The ransomware did not target Britain or the NHS specifically, and may well have been a money-making scheme that got out of control, particularly since the hackers do not appear to have retrieved any of the ransom money as yet. Although the group is based in North Korea the exact role of the leadership in Pyongyang in ordering the attack is less clear.

    Detective work

    Private sector cyber-security researchers around the world began picking apart the code to try to understand who was behind the attack soon after. Adrian Nish, who leads the cyber threat intelligence team at BAE, saw overlaps with previous code developed by the Lazarus group. "It seems to tie back to the same code-base and the same authors," Nish says. "The code-overlaps are significant." Private sector cyber security researchers reverse engineered the code but the British assessment by the NCSC - part of the intelligence agency GCHQ - is likely to have been made based on a wider set of sources. America's NSA has also more recently made the link to North Korea but its assessment is not thought to have been based on as deep as an investigation as the UK, partly because the US was not hit as hard by the incident. Officials say they have not seen any significant evidence supporting other possible culprits.


    The WannaCry ransomware has been linked to a North Korean hacking group

    Central bank hack

    North Korean hackers have been linked to money-making attacks in the past - such as the theft of $81m from the central bank of Bangladesh in 2016. This sophisticated attack involved making transfers through the Swift payment system which, in some cases, were then laundered through casinos in the Philippines. "It was one of the biggest bank heists of all time in physical space or in cyberspace," says Nish, who says further activity has been seen in banks in Poland and Mexico. The Lazarus group has also been linked to the use of ransomware - including against a South Korean supermarket chain. Other analysts say they saw signs of North Korea investigating the bitcoin method of payment in recent months.

    Scattergun

  10. #7
    Points: 39,654, Level: 48
    Level completed: 69%, Points required for next Level: 496
    Overall activity: 0.1%
    Achievements:
    VeteranTagger First Class25000 Experience PointsSocial
    waltky's Avatar Senior Member
    Karma
    5662
    Join Date
    Oct 2012
    Posts
    8,859
    Points
    39,654
    Level
    48
    Thanks Given
    2,515
    Thanked 2,140x in 1,616 Posts
    Mentioned
    46 Post(s)
    Tagged
    0 Thread(s)

    Angry

    New Wannacry variant...

    Global ransomware attack causes turmoil
    Tue, 27 Jun 2017: Banks, retailers, energy firms and Kiev airport say they have been targeted by malware attacks.
    Companies across the globe are reporting that they have been struck by a major ransomware cyber-attack. British advertising agency WPP is among those to say its IT systems have been disrupted as a consequence. Ukrainian firms, including the state power company and Kiev's main airport, were among the first to report issues. The Chernobyl nuclear power plant has also had to monitor radiation levels manually after its Windows-based sensors were shut down. The Russian anti-virus firm Kaspersky Lab said its analysis showed that there had been about 2,000 attacks - most in Ukraine, Russia and Poland. The international police organisation Interpol has said it was "closely monitoring" the situation and liaising with its member countries.


    Experts suggest the malware is taking advantage of the same weaknesses used by the Wannacry attack last month. "It initially appeared to be a variant of a piece of ransomware that emerged last year," said computer scientist Prof Alan Woodward. "The ransomware was called Petya and the updated version Petrwrap. "However, now that's not so clear." The Russian cybersecurity firm Kaspersky Lab reported that it believed the malware was a "new ransomware that has not been seen before" despite its resemblance to Petya. As a result, the firm has dubbed it NotPetya. Kaspersky added that it had detected suspected attacks in Poland, Italy, Germany, France and the US in addition to the UK, Russia and Ukraine.


    The UK's National Crime Agency is investigating the threat

    Andrei Barysevich, a spokesman for security firm Recorded Future, told the BBC such attacks would not stop because cyber-thieves found them too lucrative. "A South Korean hosting firm just paid $1m to get their data back and that's a huge incentive," he said. "It's the biggest incentive you could offer to a cyber-criminal." A bitcoin wallet associated with the outbreak has received several payments since the outbreak began. The wallet currently holds three bitcoins (£5,640; $7,240). An email address associated with the blackmail attempt has been blocked by German independent email provider Posteo. It means that the blackmailers have not been able to access the mailbox.

    Problems have also affected:
    See also:

    New cyberattack causes mass disruption globally
    Jun 27,`17 : A new and highly virulent outbreak of malicious data-scrambling software appears to be causing mass disruption across the world, hitting companies and governments in Europe especially hard.
    Officials in Ukraine reported serious intrusions of the country's power grid as well as at banks and government offices, where one senior executive posted a photo of a darkened computer screen and the words, "the whole network is down." The prime minister cautioned that the country's "vital systems" hadn't been affected. Russia's Rosneft oil company also reported falling victim to hacking and said it had narrowly avoided major damage, as did Danish shipping giant A.P. Moller-Maersk. "We are talking about a cyberattack," said Anders Rosendahl, a spokesman for the Copenhagen-based shipping group. "It has affected all branches of our business, at home and abroad."

    The attack was confirmed to have spread beyond Europe when U.S. drugmaker Merck, based in New Jersey, said its systems had also been compromised. The number of companies and agencies reportedly affected by the ransomware campaign was piling up fast, and the electronic rampage appeared to be rapidly snowballing into a worldwide crisis. There's very little information about what might be behind the disruption at each specific company, but cybersecurity experts rapidly zeroed in on a form of ransomware, the name given to programs that hold data hostage by scrambling it until a payment is made. "A massive ransomware campaign is currently unfolding worldwide," said Romanian cybersecurity company Bitdefender, where analyst Bogdan Botezatu said that it appeared to be nearly identical to GoldenEye, one of a family of hostage-taking programs that has been circulating for months. Some analysts were calling the new form of ransomware Petya.

    It's not clear whether or why the ransomware has suddenly become so much more potent, but Botezatu said that it was likely spreading automatically across a network, without the need for human interaction. Such self-spreading software, often called "worms," are particularly feared because they can replicate rapidly, like a contagious disease. "It's like somebody sneezing into a train full of people," Botezatu told The Associated Press. "You just have to exist there and you're vulnerable."

    The world is still recovering from a previous outbreak of ransomware, called WannaCry or WannaCrypt, which spread rapidly using digital break-in tools originally created by the U.S. National Security Agency and recently leaked to the web. "Data breaches and cyber hacks are one of the biggest risks facing business worldwide," said Michelle Crorie, a partner at law firm Clyde & Co. who specializes in cybersecurity issues. "The WannaCry attack and now Petya clearly demonstrate that hackers do not discriminate which type of business they are targeting." This particular variant of ransomware leaves a message with a contact email; several messages sent to the address were not immediately returned.

    http://hosted.ap.org/dynamic/stories...06-27-13-22-14

  11. #8
    Points: 39,654, Level: 48
    Level completed: 69%, Points required for next Level: 496
    Overall activity: 0.1%
    Achievements:
    VeteranTagger First Class25000 Experience PointsSocial
    waltky's Avatar Senior Member
    Karma
    5662
    Join Date
    Oct 2012
    Posts
    8,859
    Points
    39,654
    Level
    48
    Thanks Given
    2,515
    Thanked 2,140x in 1,616 Posts
    Mentioned
    46 Post(s)
    Tagged
    0 Thread(s)

    Red face

    Granny been grillin' possum `bout what he been doin' onna `puter?...

    Experts: Global cyberattack looks more like 'sabotage' than ransomware
    Saturday 1st July, 2017 - Scratch that: Cybersecurity experts believe it was sabotage, not cash, that may have motivated the hackers behind this week's crippling global cyberattack.
    Initial reports suggested the virus that surfaced on Tuesday was a form of ransomware, which demands a payment from victims before restoring their computer files. But clues in the computer code now point to sabotage. The U.K. National Cyber Security Centre said that its experts have uncovered "evidence that questions initial judgments that the intention was to collect a ransom." "We are investigating ... whether the intent was to disrupt rather than for any financial gain," the agency said in a statement. Private sector experts are investigating along similar lines.

    Cybersecurity firms Kaspersky Lab and Comae Technologies said the virus was likely spread by a sophisticated actor that wasn't interested in collecting a ransom. "To launch this attack, its authors have carefully created a destructive malware disguised as ransomware," Kaspersky said Friday. "While some parts of this destructive malware still operate as original building blocks, meaning they might be mistaken for ransomware, their true purpose is destruction, not financial gain." Matt Suiche, the founder of Comae Technologies, explained in an online post that it was designed to "destroy and damage." "Different intent. Different motive. Different narrative," he wrote.


    A number of global companies were hit by a massive IT system attack earlier in the week.

    Ground zero for the cyberattack appears to have been Ukraine, according to Kaspersky. It quickly spread around the world, infecting the computer networks of major corporations. The virus hit big global brands like snack maker Mondelez (MDLZ), advertising giant WPP (WPPGF), pharmaceutical firm Merck (MRK) and a subsidiary of delivery firm FedEx (FDX). The software infected computers and locked down their hard drives. It demanded a $300 ransom in the digital currency Bitcoin in return for unlocking the files. But Juan Andres Guerrero-Saade, a senior researcher at Kaspersky, said the bug's code shows it would be impossible for the hackers to decrypt the documents. "It's not designed to work properly," he said. If the primary objective was financial gain, the virus doesn't appear to have been very successful.

    Kaspersky said that it had seen only 24 people hand over the ransom in an effort to rid their machines of the virus, with payments totaling $6,000. The cybersecurity firm added that it does not have information on which "threat actor" is behind the attack. Another major cyberattack called WannaCry spread around the world in mid-May, infecting upwards of a million machines while demanding ransom money from victims. Intelligence agencies and security researchers have linked the WannaCry attacks to a hacking group associated with North Korea.

    http://money.cnn.com/2017/06/30/tech...A+Latest+News)

  12. #9
    Points: 14,065, Level: 28
    Level completed: 58%, Points required for next Level: 385
    Overall activity: 3.0%
    Achievements:
    SocialRecommendation Second ClassVeteran10000 Experience Points
    pragmatic's Avatar Senior Member
    Karma
    2228
    Join Date
    Apr 2013
    Location
    West of Pixley
    Posts
    2,918
    Points
    14,065
    Level
    28
    Thanks Given
    2,042
    Thanked 1,753x in 1,198 Posts
    Mentioned
    16 Post(s)
    Tagged
    0 Thread(s)
    Not to be melodramatic.

    But the crippling attack on the world financial infrastructure is just a matter of time.

  13. The Following User Says Thank You to pragmatic For This Useful Post:

    waltky (01-10-2018)

  14. #10
    Points: 39,654, Level: 48
    Level completed: 69%, Points required for next Level: 496
    Overall activity: 0.1%
    Achievements:
    VeteranTagger First Class25000 Experience PointsSocial
    waltky's Avatar Senior Member
    Karma
    5662
    Join Date
    Oct 2012
    Posts
    8,859
    Points
    39,654
    Level
    48
    Thanks Given
    2,515
    Thanked 2,140x in 1,616 Posts
    Mentioned
    46 Post(s)
    Tagged
    0 Thread(s)

    Angry

    North Korea might be searching for new ways to infuse its economy with cash...

    N Korea tied to crypto scheme
    Wed, Jan 10, 2018 - MISDIRECT? The report said that the same North Korean IP address has been active on bitcoin trading sites, was used in cyberattacks and has downloaded ‘Top Gear’
    A cybersecurity company said it has found software that appears to install code for mining cryptocurrency and sends any mined coins to a server at a North Korean university, the latest sign that North Korea might be searching for new ways to infuse its economy with cash. The application, which was created on Dec. 24, uses host computers to mine a cryptocurrency called Monero. It then sends any coins to Kim Il-sung University in Pyongyang, cybersecurity firm AlienVault said. “Cryptocurrencies may provide a financial lifeline to a country hit hard by sanctions, and as a result, universities in Pyongyang have shown a clear interest,” the California-based security firm said in a release, adding that the software “may be the most recent product of their endeavors.” The company added a caveat that a North Korean server used in the code does not appear to be connected to the wider Internet, which could mean its inclusion is meant to trick observers into making a North Korean connection.

    Kim Il-sung University did not immediately respond to requests for comment. Government officials representing North Korea at the UN were not immediately available for comment. Others have flagged increasing signs of North Korean interest in cryptocurrencies and their underlying blockchain technology. “With economic sanctions in place, cryptocurrencies are currently the best way to earn foreign currency in North Korea’s situation. It is hard to trace and can be laundered several times,” ESTsecurity chief analyst Mun Chong-hyun said. Cryptocurrency watchers say technical details of Monero, the 13th-largest crypto asset in the world, according to www.coinmarketcap.com, make it more appealing than bitcoin to those who value secrecy.

    Monero funds go to an unlinkable, one-time address generated with random numbers every time a payment is issued. That makes it less traceable than bitcoin, for which transactions can be linked to specific private addresses, cybersecurity experts said. Marshal Swatt, an expert in blockchain technology and financial exchange, said cryptocurrencies’ independence from government regulation — and sanctions — make them logical choices for covert transactions. Cybersecurity firm FireEye in a November blog post cited a series of North Korean activities against South Korean cryptocurrency targets such as exchanges. “It should be no surprise that cryptocurrencies, as an emerging asset class, are becoming a target of interest by a regime that operates in many ways like a criminal enterprise,” analyst Luke McNamara wrote.

    In early November, Federico Tenga, the Italian cofounder of bitcoin start-up Chainside, posted on Twitter photographs and comments on his visit to the Western-funded Pyongyang University of Science and Technology to lecture on bitcoin and blockchain. “The lectures were at a quite basic level to give a general understanding of blockchain technologies, which are also very relevant to trade, supply chains and other e-business,” a university spokesman said. “We believe this teaching can give the next generation of North Korean professionals additional concepts that may be valuable as they seek to develop their country,” the spokesman added. “We’re acutely aware of issues around sanctions, which we keep under regular review and take care to avoid any sensitive or proscribed areas.”

    MORE

+ Reply to Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts