Wednesday, June 28, 2017

Oops, that ransomware wasn't ransomware - What I Am Reading 6/28/2017

Ars Technica - Tuesday’s massive ransomware outbreak was, in fact, something much worse -
In other words, the researchers said, the payload delivered in Tuesday's outbreak wasn't ransomware at all. Instead, its true objective was to permanently wipe as many hard drives as possible on infected networks, in much the way the Shamoon disk wiper left a wake of destruction in Saudi Arabia. Some researchers have said Shamoon is likely the work of developers sponsored by an as-yet unidentified country. Researchers analyzing Tuesday's malware—alternatively dubbed PetyaWrap, NotPetya, and ExPetr—are speculating the ransom note left behind in Tuesday's attack was, in fact, a hoax intended to capitalize on media interest sparked by last month's massive WCry outbreak.
My guess is this was Russian malware that was supposed to target Ukrainian infrastructure, probably in response to Trump's new sanctions and last weekend's revelations about a potential CIA cyberattack on Russia, and it went rogue. Both the Russians and the NY Times (I think they published the article) should be held responsible.

Wired - WikiLeaks Dump Reveals a Creepy CIA Location-Tracking Trick -
New documents released on Wednesday as part of WikiLeaks' series of CIA hacking revelations detail a method the agency uses to geolocate computers and the people using them. The agency infects target devices with malware that can then check which public Wi-Fi networks a given computer can connect to at a given moment, as well as the signal strengths of those networks. From there, the malware compares the list of available Wi-Fi options to databases of public Wi-Fi networks to figure out roughly where the device is.
And so once again, if you are ever on the run, dump all your electronics.

Schneier on Security - Girl Scouts to Offer Merit Badges in Cybersecurity -

18 badges, girls as young as 5 can participate.
