Items tagged with Ransomware

The largest spam botnet in the world has a new trick up its sleeve, prompting security outfit Check Point to place it back in its list of the top ten most prevalent malware. Called Necurs, the botnet dished up more than 12 million emails in a single morning during the Thanksgiving holiday. What makes it even more annoying, however, is that hackers have added the relatively new Scarab ransomware to the botnet's list of dirty tricks. "The re-emergence of the Necurs botnet highlights how malware that may seem to be fading away, doesn’t always disappear or become any less of a threat. Despite Necurs being well known to the security community, hackers are still enjoying lots of success distributing... Read more...
You might think that the massive number of security breaches that have happened in recent years would push corporate giants and medical facilities out there to take a look at their own security and ensure that their networks are protected. We are only a few months removed from the massive attack that breached Equifax and leaked the information on 143 million Americans into the wild. Now the UK's National Audit Office (NAO) is giving a postmortem following the WannaCry ransomware attacks that hit several hospitals in the country. The ensuing investigation found incredibly lax security protecting the networks and determined that NHS had failed to follow basic IT security practices. The key... Read more...
Microsoft has found a way to fight back against the growing threat of ransomware, a devious type of malware that encrypts files and folders on a victim's PC and then demands a ransom—oftentimes in Bitcoin due to its anonymity—in exchange for unlocking the user's data. Some ransomware strains even come with a timer, after which the encrypted data is permanently deleted. A new feature in Windows 10 helps prevent all that from happening. One of the things Microsoft included in the recently released Fall Creators Update is a feature called "Controlled folder access." When enabled, this feature prevents unauthorized access to important files by locking down folders and only allowing authorized apps... Read more...
This has been a bad year for wide-scale ransomware attacks, where malware encrypts a user's computer and demands payment to unlock the machine. The two major ransomware attacks that have happened in 2017 include WannaCry and ExPetr (or Petya and NotPetya as they were also called). The hackers behind WannaCry cashed out their bitcoin ransom in August netting about $143,000. The year is almost over, but another major ransomware attack is underway and it is called Bad Rabbit. Kaspersky says that Bad Rabbit has infected several major Russian media outlets with Interfax and Fontanka.ru news agencies being among the first confirmed victims. Odessa International Airport has also reportedly stated... Read more...
Cybercriminals have developed a new form of Android ransomware that gives victims added incentive to pay up. In addition to scrambling the user's data with an AES encryption algorithm, the new ransomware replaces an infected device's personal identification number (PIN) with one that is randomly generated, effectively locking the rightful owner out. Once the ransom is paid, the attacker can remotely reset the PIN and unlock the device. ESET, a security firm that offers antivirus solutions for both desktop and mobile devices, discovered the new ransomware and dubbed it DoubleLocker, since it locks users out of accessing their data in two ways. "Given its banking malware roots, DoubleLocker may... Read more...
TrendMicro has published a report that claims that a "sizable" spam campaign is underway and other than just having a bunch of unwanted email to contend with, the spam campaign is also pushing ransomware. The spam campaign is said to be distributing the latest variant of Locky, which is the ransomware that invaded LinkedIn back in November of last year via bogus leads.  The security firm says that it has looked at samples of these recent spam campaigns and has found that criminals are using some sophisticated distribution methods to affect users in over 70 countries. Along with Locky, the spammers are also distributing another ransomware program called FakeGlobe and that... Read more...
Cyber crooks have found a new way to ruin a person's day with ransomware. Traditionally most ransomware encrypts a victim's storage device and then demands a ransom in order to unlock the files. Some of the nastier versions will put a time limit on receiving payment before the ransomware starts permanently deleting files. Now there is a version making the rounds that not only encrypts a victim's files, it steals Bitcoin wallets as well. The new variant of the Cerber ransomware takes a dual approach to extracting funds from a victim. It searches for one of three Bitcoin wallet applications, those being Bitcoin Core, Electrum, and Multibit. If it manages to find one, the ransomware sends it to the... Read more...
Here's something you don't see too often: a ransomware creator unearthing the master decryption key for public consumption. That's exactly what we're seeing from Petya's original developer, allowing those affected by certain versions of Petya to recover their data, and developers the ability to create decrypters to make the entire process that much easier. Unfortunately, there are a number of major caveats here. The biggest one is the fact that most of those affected by these specific versions of Petya dealt with it last year, not recently. It stands to reason that many of those folks did not clone or keep their drive, because it could have felt like a lost cause. If you still have the data,... Read more...
Over the past few years, one of the most prevalent types of malware has been ransomware - an infection that automatically locks down your sensitive data, and then makes you buy it back with your hard-earned cash. In May, one of the hardest-hitting ransomware strikes occurred, via the appropriately named WannaCry. Now, that's "old" news; today, the major threat is Petya, another piece of ransomware. Or is it? That's the big question. As we covered a couple of times this week, Petya is designated as ransomware that seems to be mostly striking computers in Europe. If infected, the user is told to send $300 worth of Bitcoin to a specific address to receive a key. The fee, all things considered, is... Read more...
There are no days off in Redmond, at least not for Microsoft. Hot on the heels of dealing with the WannaCry ransomware outbreak, Microsoft has now addressed reports of a new ransomware making the rounds, one that shares similar code with Petya, a nasty piece of ransomware in and of itself. What makes this new strain so dangerous is that it is capable of spreading across networks like a worm. This new ransomware is more sophisticated than the original Petya outbreak. According to Microsoft, the initial strain seems to originate from a Ukrainian company that builds a piece of accounting software called MEDoc. Microsoft says it now has evidence that a few active infections of the ransomware started... Read more...
Following last month's WannaCry attack, it looks as though another ransomware outbreak is quickly spreading around the globe. The attack seems to be centered in the Ukraine, where the ransomware has crippled the country’s central bank and power utilities like Ukrenergo and Kyivenergo. Kiev’s Borispol airport has also come under attack according to a Facebook posting, and the city’s metro system has seen its payment infrastructure infiltrated. However, the official Twitter account for the Ukraine was decidedly upbeat about the outbreak, breaking the tension with a little bit of humor: Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts... Read more...
Getting on-board with an operating system like Windows 10 S may be difficult for some users. Only a certain type of user would purposefully opt to use a whittled-down, locked-down OS by choice, but for the security conscious, it makes a lot of sense. After all, 10 S is still Windows -- it's just supposed to be safer. That's been Microsoft's message since the OS' launch, and its logic is sound: the more locked-down an OS, the lower the chances are that a piece of malware -- including ransomware -- will make it onto the system. To put it simply, using Windows 10 S is akin to locking your doors and windows. That level of security might not be bullet-proof, but it's a lot better than leaving... Read more...
It seemed for a moment that the WannaCry ransomware that wreaked havoc at hospitals across Europe had been neutralized, but apparently it is still causing disruptions. The latest report comes from Honda Motor Co., which said on Wednesday that it had to shut down one of its factories in Japan after discovering that WannaCry had wormed its way onto the company's computer network. Honda temporarily ceased production at its Sayama plant located northwest of Tokyo. That particular factory produces several Honda automobile models, including the Accord sedan, Odyssey minivan, and Step Wagon compact vehicle. On any given day, it churns out around 1,000 vehicles, making a halt in production more than just... Read more...
The notion that Mac systems are immune to malware is just plain wrong. Sure, Macs might be less susceptible to malware than Windows-based PCs, but they are certainly not exempt from security threats. Proving otherwise, two different security outfits have put out warnings about separate threats targeting Mac users. One of them pertains to ransomware, where a user's documents and files are encrypted and held hostage until a ransom is paid, and the other is a spyware application that sniffs out sensitive information. Starting with the former, security outfit Fortinet said its labs recently discovered a ransomware-as-a-service (RaaS) called MacRansom that uses a web portal hosted... Read more...
Now that the dust has settled on a global ransomware outbreak that could have been much worse than it ended up being, we can all breathe a sigh of relief. Meanwhile, security outfits are busy analyzing the outbreak to uncover as much information as possible about the threat known as WannaCry. According to Symantec's investigation into things, WannaCry has "strong links to Lazarus," which is the same group that attacked Sony Pictures and made off with $81 million from the Bangladesh Central Bank. Symantec says that before the recent outbreak occurred, a near identical version of WannaCry was used in targeted attacks in the months of February, March, and April of this year. The only difference... Read more...
For a quick minute, it looked as though a strain of ransomware that was seemingly stolen from the United States National Security Agency (NSA) was going to be a major problem for PCs around the world, and in particular Windows XP systems. Microsoft even made the unusual move of releasing an emergency patch for Windows XP even though it stopped supporting the legacy OS a long time ago. But now a week after the initial WannaCry outbreak it's been discovered that Windows 7 PCs were the hardest hit. A researcher for Kaspersky Lab posted a message on Twitter saying "the Windows XP count is insignificant," adding that Windows 7 took the brunt of the ransomware's activity. When looking at the overall... Read more...
The Wanna Decrypter ransomware that began floating around the Internet late last week, or WannaCry as it's commonly known, has made a lasting impact, with hundreds of thousands of PCs worldwide being affected. What the malware does is even more alarming: one minute, you're using your computer normally; the next, your data is locked away behind a key unless you fork over hundreds of dollars in ransom money. As has become typical of ransomware, WannaCry will demand payment via Bitcoin in order to recover the data the attackers locked down. Once payment is received, an encryption key is typically (but not always) sent that will allow the user to recover their data. It's a chore for the inexperienced... Read more...
The Internet community was able to breathe a temporary sigh of relief after a 22-year-old security researcher accidentally discovered a way to thwart WannaCrypt, a fast-spreading strain of malware that was stolen from the National Security Agency. After reaching tens of thousands of systems in over 70 countries within the first few hours, WannaCrypt was stopped dead in its tracks. Also known as WannaCry, WCry, and by a handful of other designations, the unprecedented ransomware attack was particularly bothersome for hospitals in the UK. Many of them shut down and turned patients away. In some cases, operations had to be cancelled. Doctors and staff were locked out of viewing patient records because... Read more...
Microsoft stopped supporting Windows XP several years ago, though because some users and businesses (including government agencies) are still clinging to the legacy operating system, it has been known to release patches for more serious security threats. It does not happen often, but it does happen. Case in point, Microsoft has issued a security patch to protect Windows XP systems from the WannaCrypt ransomware that is spreading across the globe. Also known as WannaCry, WCry, and a handful of other names, WannaCrypt is believed to be one of the cybersecurity tools a hacking group pilfered from the National Security Agency (NSA) and leaked to the web. What makes this bit of ransomware particularly... Read more...
Last fall, we reported on a somewhat humorous report of a mere "reply all" email that managed to bring down email servers of the UK's National Health Service. Unfortunately, we have something a bit more severe to report on today: an all-out cyberattack against the NHS. At some point today, doctors at NHS had to begin turning away patients as a ransomware attack that affected NHS' most important servers reared its ugly head. Doctors and staff were immediately locked out of their computers, essentially meaning that patient data could not be accessed. It's not believed at this time that the attack will result in leaked patient data,... Read more...
Set phasers to stun! New ransomware is making the rounds today, and it is adopting a Star Trek theme. Avast researcher Jakub Kroustek is credited with tracking down the Kirk ransomware, which wreaks havoc by encrypting your precious files and demanding payment to get those files back. Unlike other ransomware, which often demands payment in the form of Bitcoins, Kirk instead insists that you fork over Monero, a cryptocurrency that is based on the CryptoNote protocol. According to BleepingComputer, this is the first ransomware to be tied to Monero. “The problem is that [Monero] is only going to confuse victims even more,” writes BleepingComputer. “By introducing a new cryptocurrency into the mix,... Read more...
When ransomware strikes, its impact could range from mild to severe. Sometimes, ransomware targets regular users, while other times, it targets important mega-corporations (or even police stations). In this latest incident, it affected a hotel, and subsequently ran the risk of affecting all of its guests. Here it is, the downright gorgeous Romantik Seehotel Jägerwirt in Austria. Staying at a place like this is the stuff dreams are made of. It could feel like paradise on Earth; certainly not a place where you'd expect to have to deal with the major hassle of being locked out of your room against even the hotel's will. This hotel, like so many others, integrates many of its intricate utilities... Read more...