Tag Archives: SLocker

10Fold- Security Never Sleeps- 179

‘NotPetya’ Hackers Demand $256,000 In Bitcoin To Cure Ransomware Victims

“One of biggest attacks leaves many with a big bill”

Some of the largest industrial firms were infected by the ‘NotPetya’ ransomware, and those responsible are demanding 100 Bitcoin, or about $256,000, to decrypt the victims’ files. A post on Pastebin by an anonymous user said: “Send me 100 Bitcoins and you will get my private key to decrypt any harddisk (except boot disks).”

Fake WannaCry Ransomware Uses NotPetya’s Distribution System

“Distributed through the same channel”

NotPetya was not the only malware to make its way through M.E.Doc last week. FakeCry, a WannaCry variant that turned out to be a fake, was delivered through the same mechanism. Kaspersky found that FakeCry was delivered to M.E.Doc users on June 27th, the same day NotPetya spread. The security firm says that it was run as ed.exe by the parent process ezvit.exe, which led Kaspersky to believe that it uses the same delivery system as NotPetya.

Android Ransomware Mimics WannaCry

“WannaCry interface similarities in SLocker”

Windows systems were hit by ransomware that had an interface mimicking the WannaCry malware last month. Trend Micro security researchers found that SLocker, one of the first Android ransomware families to encrypt files in exchange for payment, has had a major upgrade. SLocker has been seen before, but was offline for a while after its creator was arrested just days after its initial release.

CopyCat malware infected 14 million outdated Android devices

“Fraudulent ad revenue collected”

A new Android malware strain dubbed CopyCat has injected itself into over 14 million outdated devices globally. The malware hijacks applications to display fraudulent ads, according to Check Point researchers. On Thursday, the security firm claimed that most victims were in Asia, but over 280,000 U.S. devices were also affected. Google was tracking the malicious software for the better part of two years, but third-party app downloads, phishing attacks, and other avenues make the infection difficult to contain.


10Fold- Security Never Sleeps- 162

BitKangoroo Ransomware Deletes User Files

“Currently poses limited threat” 

BitKangoroo, a new ransomware program making the rounds on the web, deletes files if cash payments are not made within a certain time period. While the prospect of the new software is dangerous, its creator does not seem to be particularly skilled. It can currently affect only files saved in the Desktop folder, but given time it could be developed into a much more competent threat.

The Long Tail of the Intel AMT Flaw

“Exploitable firms may need time to apply patches”

Many Intel chips contain the recently disclosed critical privilege escalation vulnerability in AMT firmware, which may leave many enterprises using the product exposed to remote attacks. Analysts recommend that those with the product in use take time to apply firmware patches, as the vulnerabilities can leave users devastated for a reasonably long time.

SLocker Ransomware Variants Surge

“Over 600 unique versions now circulating”

The Android malware plague SLocker has grown in number by over six times in the last six months, with over 600 variants now in use by cybercriminals on the web.
