The Wannacry ransomware epidemic was especially virulent, thanks to its core: a weaponized vulnerability in Windows that the NSA had discovered and deliberately kept a secret so that they could use it to attack their adversaries.
Update: Here is the indictment. Hutchins is accused of making and selling a keylogger called the "Kronos banking trojan."
Marcus Hutchins is the 23-year-old security researcher behind the @MalwareTechBlog Twitter account; he's the guy who figured out that the Wannacry worm had an accidental killswitch built in and then triggered it, stopping the ransomware epidemic in its tracks.
The Wannacry worm burned through the world's unpatched IT systems, hitting more than 80 countries in 24 hours, taking down hospitals, airlines, banks and logistics companies, until a hidden killswitch was able to halt its spread.
SciShow's Hank Green breaks down the details of this month's WannaCry ransomware attack.
"The self-spreading 'WannaCry' internet worm, which ripped through 160,000 computers and crippled hospitals and other businesses, is now being linked to a North Korean cyber gang," reports Kevin Poulsen at Daily Beast.
Earth's Deadliest [Computer] Virus is a great overview of the 2017 Wannacry ransomware attack, and Marcus Hutchins' efforts to halt its progress.
The Disrupt video is based on the terrific Wired article by Andy Greenberg, which describes Hutchins' arrest and questioning about the Kronos banking malware he had written as a teen:
For those minutes, Hutchins allowed himself to believe that perhaps the agents wanted only to learn more about his work on WannaCry, that this was just a particularly aggressive way to get his cooperation into their investigation of that world-shaking cyberattack.
On Wednesday night less than one week before the election, as COVID-19 cases spike throughout the United States, the nation's cybersecurity agency says: "there is an imminent and increased cybercrime threat to U.S. hospitals and healthcare providers."
Here's the tweet tonight from CISA, the Cybersecurity and Infrastructure Security Agency:
VxWorks is a lightweight, thin OS designed for embedded systems; a new report from Armis identifies critical vulnerabilities (called "Urgent 11") in multiple versions of the OS that they estimate affect 200m systems (VxWorks' maker, Wind River, disputes this figure).
Malware authors have a problem: they want their software to run aggressively when no one is looking at it, but to shut down entirely if the device it's running on is actually in some malware researcher's lab.
France created a national mechanical telegraph system in the 1790s; in 1834, a pair of crooked bankers named François and Joseph Blanc launched the first cyberattack, poisoning the data that went over the system in order to get a trading advantage in the bond market.
The epidemic of cryptojacking malware isn't merely an outgrowth of the incentive created by the cryptocurrency bubble — that's just the motive, and the all-important means and opportunity were provided by the same leaked NSA superweapon that powered last year's Wannacry ransomware epidemic.
The global epidemic of Wannacry ransomware infections was the result of petty criminals fusing an old ransomware strain with a leaked NSA cyberweapon that was released by The Shadow Brokers, and the result was tens of millions of dollars' worth of economic harm.
Rule #1 of hacking is "attribution is hard" (other contenders: "don't be on fire," "don't get involved in a land-war in Asia" or "there is no security in obscurity"), which is to say, it's really hard to say who hacked you, in part because it's really easy for hackers to make it look like someone else did the deed.
Paul Brown writes, "The FSFE's 'Public Money? Public Code!' campaign wants to convince lawmakers that software created with public funds should be made available to the public under Free Software licences.
In my latest Locus column, "Demon-Haunted World," I propose that the Internet of Cheating Things — gadgets that try to trick us into arranging our affairs to the benefit of corporate shareholders, to our own detriment — is bringing us back to the Dark Ages, when alchemists believed that the universe rearranged itself to prevent them from knowing the divine secrets of its workings.
According to Kaspersky, the Petya ransomware that raced around the world this week wasn't ransomware at all, and there is no way to get back your files after it does its work (that's why it was so easy to shut down the email address the ransomware used to negotiate payments and decryption with victims whose computers had been taken over).
Petya is a well-known ransomware app that has attained a new, deadly virulence, with thousands of new infection attempts hitting Kaspersky Lab's honeypots; security firm Avira attributes this new hardiness to the incorporation of EternalBlue — the same NSA cyberweapon that the Wannacry ransomware used, which was published by The Shadow Brokers hacker group — into a new Petya strain.
Hot on the heels of the WannaCry attack, a massive, new, ransomware attack has struck Europe, shutting down systems in Ukraine, Britain, and Spain.
From The Telegraph:
The virus is believed to be ransomware – a piece of malicious software that shuts down a computer system and then demands an extortionate sum of money to fix the problem.
Whoever created the Wcry ransomware worm — which uses a leaked NSA cyberweapon to spread like wildfire — included a killswitch: newly infected systems check to see if a non-existent domain is active, and if it is, they fall dormant, ceasing their relentless propagation.
Patriarch Kirill of the Russian Orthodox Church is a powerful reactionary figure in the country's toxic political scene, which has welded a tale of thwarted imperial destiny to a thin-skinned fundamentalist theology that can't bear the slightest sign of mockery; he's blamed ISIS on secularism and Pride parades and says that marriage equality literally heralds the imminent apocalypse.