The Wannacry ransomware epidemic was especially virulent, thanks to its core: a weaponized vulnerability in Windows that the NSA had discovered and deliberately kept a secret so that they could use it to attack their adversaries.
Read the rest
France created a national mechanical telegraph system in the 1790s; in 1834, a pair of crooked bankers named François and Joseph Blanc launched the first cyberattack, poisoning the data that went over the system in order to get a trading advantage in the bond market.
Read the rest
The epidemic of cryptojacking malware isn't merely an outgrowth of the incentive created by the cryptocurrency bubble -- that's just the motive, and the all-important the means and opportunity were provided by the same leaked NSA superweapon that powered last year's Wannacry ransomware epidemic.
Read the rest
The global epidemic of Wannacry ransomware infections was the result of petty criminals fusing an old ransomware strain with a leaked NSA cyberweapon that was released by The Shadow Brokers, and the result was tens of millions of dollars' worth of economic harm.
Read the rest
Rule #1 of hacking is "attribution is hard" (other contenders: "don't be on fire," "don't get involved in a land-war in Asia" or "there is no security in obscurity"), which is to say, it's really hard to say who hacked you, in part because it's really easy for hackers to make it look like someone else did the deed. Read the rest
Paul Brown writes, "The FSFE's 'Public Money? Public Code!' campaign wants to convince
lawmakers that software created with public funds should be made
available to the public under Free Software licences. Read the rest
In my latest Locus column, "Demon-Haunted World," I propose that the Internet of Cheating Things -- gadgets that try to trick us into arranging our affairs to the benefit of corporate shareholders, to our own detriment -- is bringing us back to the Dark Ages, when alchemists believed that the universe rearranged itself to prevent them from knowing the divine secrets of its workings. Read the rest
Update: Here is the indictment. Hutchins is accused of making and selling a keylogger called the "Kronos banking trojan."
Marcus Hutchins is the 23 year old security researcher behind the @MalwareTechBlog Twitter account; he's the guy who figured out that the Wannacry worm had an accidental killswitch built in and then triggered it, stopping the ransomware epidemic in its tracks. Read the rest
The Wannacry worm burned through the world's unpatched IT systems, hitting more than 80 countries in 24 hours, taking down hospitals, airlines, banks and logistics companies, until a hidden killswitch was able to halt its spread. Read the rest
According to Kaspersky, the Petya ransomware that raced around the world this week wasn't ransomware at all, and there is no way to get back your files after it does its work (that's why it was so easy to shut down the email address the ransomware used to negotiate payments and decryption with victims whose computers had been taken over). Read the rest
Petya is a well-known ransomware app that has attained a new, deadly virulence, with thousands of new infection attempts hitting Kaspersky Lab's honeypots; security firm Avira attributes this new hardiness to the incorporation of EternalBlue -- the same NSA cyberweapon that the Wannacry ransomware used, which was published by The Shadow Brokers hacker group -- into a new Petya strain. Read the rest
Hot on the heels of the WannaCry attack, a massive, new, ransomware attack has struck Europe, shutting down systems in Ukraine, Britain, and Spain.
From The Telegraph:
The virus is believed to be ransomware - a piece of malicious software that shuts down a computer system and then demands an extortionate sum of money to fix the problem.
It comes just a few weeks after the WannaCry hack which affected more than 150 countries and crippled parts of the NHS.
American and British analysts believe that attack, which unfolded in May, was carried out by North Korea. It remains unclear who is responsible for Tuesday's attack.
It's not yet clear where the wave of attacks originated or who is behind it. "Everyone talked about Ukraine first, but I don't know. It's worldwide," says MalwareHunterteam, a researcher with the MalwareHunterTeam analysis group.
Most troubling, perhaps, is that Petya doesn't appear suffer the same errors that stunted WannaCry's spread. The amateurish mistakes that marked that outbreak limited both the scope and the eventual payouts collected; it even included a "kill switch" that shut it off entirely after just a couple of days.
Image: Christiaan Colen Read the rest
SciShow’s Hank Green breaks down the details of this month’s WannaCry ransomware attack. Read the rest
Whoever created the Wcry ransomware worm -- which uses a leaked NSA cyberweapon to spread like wildfire -- included a killswitch: newly infected systems check to see if a non-existent domain is active, and if it is, they fall dormant, ceasing their relentless propagation. Read the rest
Patriarch Kirill of the Russian Orthodox Church is a powerful reactionary figure in the country's toxic political scene, which has welded a tale of thwarted imperial destiny to a thin-skinned fundamentalist theology that can't bear the slightest sign of mockery; he's blamed ISIS on secularism and Pride parades and says that marriage equality literally heralds the imminent apocalypse. Read the rest