Wow... it has been a really busy week for ransomware. The top stories this week are the rise of Pop Culture Ransomware, as seen by two Pokemon variants and a Mr. Robot variant, and Check Point's Cerber report and short-lived, but useful, decryption service.
A new ransomware called DetoxCrypto has been discovered that includes variants that take pictures of your active screen or try to take part in the PokemonGo craze.
A new deal is available for 97% off the CompTIA Linux+ Certification Exam Prep. This online course will prepare you for the CompTIA Linux+ Certification Exam. With access to 10 prep modules, this course will train you on how to become a Linux system administrator.
On 17 August, open-source project Bitcoin.org announced on their website that the next version of Bitcoin Core, a popular digital wallet for the cryptocurrency, could be hacked and replaced with a malicious look-alike by state sponsored actors.
Adware vendors are constantly using new methods to inject advertisements or to hijack the home pages of computer users' browsers. Recently, Djordje Lukic, a malware researcher for Zemana, passed along a sample of a new variant of the Youndoo Browser Hijacker. This sample uses DLL Hijacking and information in the registry to hijack
Today Michael Gillespie discovered a new EDA2 variant that I have dubbed the FSociety Ransomware based on the image used on the infection's wallpaper. Fans of Mr. Robot will instantly recognize the image as the logo of the show's infamous hacking group called FSociety.
Members of a pornography website targeted dozens of Australian schools so they could view and swap graphic sexual images of female students and other non-consenting women. News.com reports that members of the site have posted and shared more than 2,000 images since December 2015.
A new deal is available for 92% off the Become an Ethical Hacker Bonus Bundle. This 9 course bundle and over 60 hours of training teaches you how to become an ethical hacker and to learn the fundamentals of pentesting. These courses are normally priced at $681.00, this deal has been discounted 92% to $49.00
Well it's time once again, Microsoft has released Windows 10 Insider Preview Build 14905 to insiders on the fast ring. In this build Microsoft has made more sounds available that can be used to personalize Windows. Information on how to access these sounds can be found below.
In just one day, the developers behind the Cerber Ransomware have made changes that blocked Check Point Software from decrypting Cerber victims for free. At the same time, Cerber has added a captcha to their payment system. Was a simple captcha used to block Check Point's decryption system?
Security researchers have uncovered a "strong connection" between a mysterious data dump and a group of hackers known as the Equation Group who are believed to be working for the United States National Security Agency. This connection indicates that the data dump does indeed contain information that belonged to the Equation Group.
Check Point Software, along with IntSights, has released a very detailed report on the Cerber Ransomware and its Ransomware as a Service affiliate system. The revenue generated by the Cerber affiliate system is staggering, with Cerber generating $195,000 in profits for July and the malware developer taking a 40% cut from this total.
Malware is believed to have infiltrated point-of-sale (POS) terminals and compromised customers' payment card information at 20 HEI Hotels & Resorts locations. This malware affected a total of 12 Starwood hotels, six Marriott resorts, and one location of Hyatt and Intercontinental each.
For those who have been affected by the Cerber Ransomware and decided not to pay the ransom, we have good news for you! Today, Check Point released a free decryption service for files encrypted with the .CERBER and .CERBER2 extensions.
A new Ransomware as a Service, or RaaS, called the Shark Ransomware Project has been discovered. The Shark Ransomware Project offers would-be criminals the ability to create their own customized ransomware without needing any technical experience and by simply filling out a form and clicking a button.
Researchers have devised a new cryptocurrency called DDoSCoin that could potentially incentivize criminals to harass, extort, and attack websites designated as targets. This coin would award people who perform Denial of Service Attacks on chosen victims by rewarding them with DDoSCoins.
A new deal is available for 95% off the Complete Citrix Enterprise Course Bundle. This bundle contains 50 hours of online courses that teach you how to configure and optimize Citrix environments. These courses are normally priced at $1,008.00, this deal has been discounted 95% to $49.00.
A new variant of the TorrentLocker ransomware, otherwise known as Crypt0L0cker, pretends to be a bill from the Italian energy company Enel. When the ransomware is executed it will encrypt a victim's data and append the .ENC extension to encrypted files.
With the popularity of PokemonGo, it was inevitable that a malware developer would create a ransomware that impersonates it. This is the case with a new ransomware that impersonates a PokemonGo application for Windows and includes interesting new features such as a backdoor and spreading to removable drives.
This week we have 4 new ransomware infections, 1 new decryptor, and 1 new ransomware variant. Lots of development ransomware discovered, which only indicates how many criminals are getting into the ransomware game. Also, we saw some interesting hacks by Pen Test Partners, where they installed ransomware on a thermostat!