On 12 May 2017, the cryptoworm WanaCrypt0r 2.0, also known as WannaCry, infected hundreds of thousands of computers around the world. Our investigation into this ransomware reveals some worrying trends.


The dangers of unsecured connected devices were made all too clear in 2015 when the personal data of more than 3 million Hello Kitty clients, stored on an open MongoDB database, was leaked to the public. Today, companies continue to suffer from major data leaks caused by inadequate security, as seen in the Ghostshell affair.


The computer network of a water and electricity supplier in the State of Michigan in the United States was taken down for a week following a cyber attack.

A hacker whose identity remains unknown infected the computer networks of the Lansing Board of Water & Light (BWL) using malware whose technical specifications have not been disclosed.
On the morning of April 25, BWL detected the malware and immediately shut down its computer networks in order to prevent it from spreading. The program appears to be ransomware: malicious software that encrypts its victim's data and then demands a ransom in exchange for the decryption key. The electricity and water distribution networks themselves were spared in the attack.


IT security researchers at Kaspersky Lab have detected and analyzed a banking Trojan thought to be one of the most dangerous ever seen on Android application platforms.

This malware, known as Acecard, has the capacity to attack users of around fifty apps and online payment services available to download from Google Play. It is reportedly able to bypass the security measures imposed by the app store.

A full range of functionality

This malware is equipped with currently available features, allowing it to steal users’ personal and banking details. For example, it can capture a bank’s text and voice messages and can also display a login form, overlaid on a genuine app, in an attempt to steal credit cards as well as usernames and passwords.


Ransomware continues to improve and is aimed at increasingly bigger targets, moving from ordinary computers to entire business networks, as witnessed recently at the Hollywood Presbyterian Medical Center in the United States. The latest target for ransomware is websites.

Following Linux.encoder.1, the first ransomware to target Linux servers with the aim of shutting down a website, the IT security researcher Benkow has identified “CTB-Locker for websites”, a variant of the formidable CTB-Locker ransomware.

This ransomware follows the classic pattern: the contents of a website are encrypted (AES-256) pending payment of a ransom of 0.4 bitcoins (about 160 euros), while the original index.html page is replaced by a homepage showing a set of instructions.


Over a one-week period, the IT network of a Californian hospital was completely paralysed by a cyberattack and forced to declare an emergency.

A group of hackers, whose identities remain unknown, infected the IT networks of the Hollywood Presbyterian Medical Center, using malware to encrypt all the hospital’s data. The hackers initially demanded a ransom of 9,000 bitcoins (3.3 million euros) to allow the hospital to regain control over its data. A few days later, the attackers changed their minds and adjusted the demand to 40 BTC (approximately 15,000 euros), which the hospital eventually paid.

Unexpected consequences

The encryption of data, combined with the rapid propagation of the malware through the hospital’s user terminals and servers, rendered several items of hospital equipment unusable. No longer able to provide full care services or to access patients’ data, the hospital was forced to put safety first and moved almost 900 people to another hospital in the region.
