While researching the dangerous banking trojan, Lurk, Kaspersky Lab security experts have found that criminals behind this malware used legitimate software for infection purposes. While unsuspecting users were installing legitimate remote access software from a software developer’s official website (ammy.com), they unwittingly had malware leaked onto their machines. The Lurk gang was arrested in Russia at the beginning of June 2016 and was using a namesake multilayer trojan. With its help, they reportedly managed to steal 45 million dollars (3 billion rubles) from banks, businesses and other financial institutions in the country. To propagate the malware, they used different malicious techniques, including watering…
Author: ISBuzz Team
Ubuntu Linux developer Canonical has admitted that the data of 2 million of its forum users has been compromised, following the exploitation of a known SQL vulnerability. The flaw was found in the ‘Forumrunner’ add-on, which was left unpatched. User passwords have not been breached, but the attacker had access to the usernames, email addresses and IPs for the 2 million affected. Ryan O’Leary, VP Threat Research Centre at WhiteHat Security commented below. Ryan O’Leary, VP Threat Research Centre at WhiteHat Security: “SQL injection continues to be an easy avenue for hackers to cause harm or steal information from a database.…
In F-Secure’s evaluation, three out of four ransomware criminal gangs were willing to negotiate the ransom fee. Berkshire, UK. Ransomware criminals actually care about your convenience. That’s according to a recent experiment detailed in a new F-Secure report, Evaluating the Customer Journey of Crypto-Ransomware and the Paradox Behind It. The experiment involved evaluating the “customer experience” of five current crypto-ransomware variants, beginning with the initial ransom screen all the way to interacting with the ransomware criminals behind each of those variants. The report’s findings include: Those families with the most professional user interfaces are not necessarily also those with the best…
Following the news that hacking group PoodleCorp has taken responsibility for taking down Pokemon Go in the US and Europe using a DDoS attack, Stephanie Weagle, Senior Director at Corero Network Security commented below. Stephanie Weagle, Senior Director at Corero Network Security: “The online gaming industry is highly susceptible to DDoS attacks due to the competitive nature of the games themselves, monetary gains or the notion that organized cyber crime syndicates can grab headlines with their successful attacks. “DDoS attack tools are easily procured and at low cost allowing any creative attacker the ability to cause service disruptions at a click…
Across the globe, an alarming number of widely-known businesses are falling victim to data breaches. Public concern over the safety of private data is becoming increasingly prevalent, due to the large amount of media coverage surrounding prolific scandals like last year’s incident at TalkTalk. Those concerned about these events are right to be; the breach at TalkTalk alone resulted in the addresses, credit card details and account information of four million customers being put at risk. The good news for consumers is that their concern is shared by legislators in the European Union. In fact, for many years the EU…
New Threat Index shows number of malware families targeting business networks has grown 61 percent from January to June 2016, while mobile threats continue to increase rapidly. Check Point Software Technologies Ltd. today published its latest Threat Index, revealing the number of active malware families increased by nearly two-thirds in the first half of 2016, led by the number of threats to business networks and mobile devices. During June, Check Point detected 2,420 unique and active malware families attacking business networks, a 61 percent increase compared with January 2016 and a 21 percent increase since April. The continued rise in the number…
Taiwan is trying to figure out how hackers managed to trick a network of bank ATMs into spitting out millions. Police said several people wearing masks attacked dozens of ATMs operated by Taiwan’s First Bank on Sunday. They spent a few minutes at each of the machines before making off with the equivalent of $2 million stashed in a backpack. They didn’t use bank cards but rather appeared to gain control of the machines with a “connected device,” possibly a smartphone, the police said in a statement Thursday. Craig Young, Security Researcher at Tripwire commented below. Craig Young, Security Researcher at Tripwire:…
A new strain of malware called cuteRansomware has been uncovered that uses a Google Doc generated by cybercriminals to host the decryption key and command-and-control functionality. Travis Smith, Senior Security Research Engineer at Tripwire commented below. Travis Smith, Senior Security Research Engineer at Tripwire: “What makes cuteRansomware interesting is the usage of a well-known cloud service provider as the command and control server. This instance is using Google Docs to maintain the encryption and decryption keys for each victim. While unique, hosting the keys on Google Docs is a short term solution. Once Google is notified, it’s likely the form controlling…
It is being reported that there was a spike in cyber attacks on Philippine government web sites, including a key Malacañang agency, following the United Nations International Arbitration court’s ruling in favour of the Philippines on the West Philippine Sea territorial dispute. However, it was not clear if the attacks were carried out by parties associated with China itself, as they apparently emanated from multiple countries. So far, the government has not been able to pinpoint the origin of the attacks. All were categorised as DDoS, or Distributed Denial of Service actions. Stephen Gates, chief research intelligence analyst at NSFOCUS, provider of advanced security…
A new strain of malware has been spotted on the dark web that is up for sale for less than $50 for a lifetime licence. The ransomware, named Stampado, gives victims 96 hours to pay the ransom before it starts randomly deleting files from their PC. Security experts provide an insight on this ransomware below. Wieland Alge, VP and GM EMEA at Barracuda Networks: “The rise of cheap and accessible ransomware like the Stampado variant is an indication of an accelerating evolution of the threat landscape. It is the direct result of the digital transformation of crime. However, being successful at spreading ransomware does require a…