Tag Archives: cyber warfare

Hack brief: Dangerous Fireball adware infects a quarter billion PCs

Source: Wired

“Adware that infects your computer to display pop-ups is an annoyance. But when it infects as many as one in five networks in the world, and hides the capability to do far more serious damage to its victims, it’s an epidemic waiting to happen. The security firm Check Point has warned of a massive new outbreak: They count 250 million PCs infected with malicious code they’ve called Fireball, designed to hijack browsers to change the default search engine, and track their web traffic on behalf of a Beijing-based digital marketing firm called Rafotech. But more disturbingly, Check Point says it found that the malware also has the ability to remotely run any code on the victim’s machine, or download new malicious files. It’s potentially serious malware, disguised as something more trivial.” (06/02/17)

https://www.wired.com/2017/06/hack-brief-dangerous-fireball-adware-infects-quarter-billion-pcs/

Most Chipotle restaurants hacked with credit card stealing malware

Source: CNN

“A cybersecurity attack that hit most Chipotle restaurants allowed hackers to steal credit card information from customers, the burrito chain confirmed. The company first acknowledged the breach on April 25. But a blog post on Friday revealed the kind of malware used in the attack and the restaurants that were affected. The list of attacked locations is extensive and includes many major U.S. cities. When CNNMoney asked the company Sunday about the scale of the attack, spokesman Chris Arnold said that ‘most, but not all restaurants may have been involved.'” (05/28/17)

http://money.cnn.com/2017/05/28/technology/chipotle-credit-card-hack/

Security experts: Hackers are hiding computer viruses in film subtitles

Source: Telegraph [UK]

“Hackers can hide computer viruses in online video subtitles and use them to take control of computers, security experts have warned. The attacks are embedded within the subtitle files that accompany many illegally downloaded films, and easily bypass security software and antivirus programs designed to keep computers safe. Check Point, the security group that discovered the flaw, said millions of people who use video software including to stream or play films and TV shows on computers could be at risk. They warned that the attack lets hackers take ‘complete control’ over any type of device using the software, including smart TVs. It identified four programs — VLC, Kodi, Popcorn Time and Stremio — but said there could be more.” (05/25/17)

http://www.telegraph.co.uk/technology/2017/05/25/hackers-hiding-computer-viruses-film-subtitles-experts-warn/

FCC won’t publish evidence of alleged DDoS attack

Source: ZDNet

“The FCC will not publish evidence of an alleged distributed denial-of-service attack, which critics say prevented a flood of people from leaving messages on the agency’s support of net neutrality. Call for the release of the agency’s log files came after security experts and pro-net neutrality groups disputed the agency’s claims that someone attempted to ‘bombard the FCC’s comment system with a high amount of traffic’ in the hours after the John Oliver’s ‘Last Week Tonight’ show, which rallied viewers to leave feedback in favor of net neutrality rules, which the FCC currently wants to roll back.” (05/21/17)

http://www.zdnet.com/article/fcc-will-not-publish-evidence-of-alleged-ddos-attack/

The real roots of the worldwide ransomware outbreak: Militarism and greed

Source: The Intercept
by Sam Biddle

“The NSA did not create WannaCry. Rather, it discovered weaknesses in various versions of Windows and wrote programs that would allow American spies to penetrate computers running Microsoft’s operating system, and it was one of these programs, codenamed ETERNALBLUE and repurposed by still-unidentified hackers, that allowed WannaCry to spread as quickly and uncontrollably as it did last week. Whether or not you think the causal chain is such that the NSA is in some sense morally responsible, it’s undeniable that without the agency’s work, there is no ETERNALBLUE, and without ETERNALBLUE, there is no May 2017 WannaCry Crisis. In this sense, Microsoft is right–but the blame shouldn’t end there. Microsoft also did not create WannaCry. But it did create something something nearly as bad: Windows Vista, an operating system so horrendously bloated, broken, and altogether unpleasant to use that many PC users back in 2007 skipped upgrading altogether, opting instead to stick with the outdated Windows XP, a decision that has left many people on that decade-and-a-half-old operating system even today, years after Microsoft stopped updating it.” (05/16/17)

https://theintercept.com/2017/05/16/the-real-roots-of-the-worldwide-ransomware-outbreak-militarism-and-greed/

WikiLeaks reveals two CIA malware frameworks

Source: Threatpost [Russia]

“WikiLeaks released details on what it claims are two frameworks for malware samples dubbed AfterMindnight and Assassin, both allegedly developed by the U.S. Central Intelligence Agency. The revelations come amid worldwide efforts to squelch variants of the WannaCry ransomware, an offensive hacking tool allegedly developed by the National Security Agency. The release is also the latest from WikiLeaks and part of its ongoing Vault 7 dump of leaks that began in March exposing CIA activities and capabilities. This latest release includes five documents that explain how agents might load and execute malware on targeted computers.” (05/16/17)

https://threatpost.com/wikileaks-reveals-two-cia-malware-frameworks/125701/

Cyberwar is officially crossing over into the real world

Source: The Atlantic
by Adrienne LaFrance

“Hospitals, pharmacies, and major corporations like FedEx and the Spanish telecommunications giant Telefonica were among the 200,000 victims hobbled by a global ransomware attack on Friday, which locked people’s computers and demanded Bitcoin payment in exchange for access. In the United Kingdom, some hospitals canceled procedures and other appointments as a result. The software security firm Symantec found that people paid ransoms totaling about $54,000 in the attack, though officials strongly caution against paying such ransoms. Among the many questions prompted by the fallout of the attack is an increasingly urgent one: At what point will a cyberattack prompt a more traditional form of retaliation? More importantly: When should it?” (05/16/17)

https://www.theatlantic.com/technology/archive/2017/05/cyberwar-is-officially-crossing-over-into-the-real-world/526860/

Government is the cause of — not the solution to — the latest hacking outbreak

Source: Reason
by Scott Shackford

“Privacy and cybersecurity experts and activists have been warning for ages that governments have their priorities all wrong. National security interests (not just in America but other countries as well) comparatively spend much more time and money attempting to breach the security systems of other countries and potential enemies than they do bolstering their own defenses. Reuters determined, with the information from intelligence officials, that the United States spends $9 on cybersurveillance and government hacking for every $1 it sends on defending its network systems. The ‘WannaCry’ Malware attack that spooled out over the end of last week and into the weekend, implicates both sides of this problem. The ransomware, first of all, allegedly originated from vulnerabilities and infiltration tools developed by the National Security Agency (NSA) they had been hoarding and keeping secret from technology companies whose defenses they were breaching. All of this secrecy was to facilitate the NSA’s ability to engage in cyberespionage and to prevent technology companies from building defenses that would have inhibited government surveillance. The NSA lost control of these infiltration tools and they were publicly exposed by the hacker group known as the ‘Shadow Brokers’ last month.” (05/15/17)

http://reason.com/blog/2017/05/15/government-is-the-cause-ofnot-the-soluti

“WannaCry” cyberattack slows, but threat remains, experts say

Source: NBC News

“The massive malware cyberattack that has struck an estimated 300,000 computers worldwide showed signs of slowing down Monday. But cybersecurity experts cautioned that new versions of the virus could still emerge. Thousands more were impacted by the virus on Monday, many in Asia, where businesses were originally closed when the ransomware first began to spread like wildfire across 150 countries on Friday. John Miller, a manager of threat intelligence cybersecurity company FireEye, told NBC News the company was detecting new versions.” (05/15/17)

http://www.nbcnews.com/news/world/wannacry-malware-cyberattack-slows-threat-remains-experts-say-n759661

NSA’s leaked malware is being weaponized by criminals

Source: Bitcoin.com
by Wendy McElroy

“What’s worse than a government agency (CIA) committed to violating privacy rights through weaponized malware? A bumbling one that hands your computer over to more common criminals who want banking information, tax refunds and anything else from which they can profit. What’s worse than an agency with weaponized malware blowing in the wind? Two agencies (NSA).” (05/12/17)

https://news.bitcoin.com/nsas-leaked-malware-weaponized-criminals-wendy-mcelroy/