WannaCry Ransomware

• A good article detailing what this is about.
• The "hero" who reserved the domain name to halt the spread.
• Variations start emerging, and more expected soon.
• Suspected links to North Korea
• A beginners guide to what this is all about
• Profits Finally Hit $100,000
• Can be decrypted -- well sort of - in some conditions

Free Rides at San Francisco Metro

27-Nov-2016:
A hacker deployed ransomware making the metro system un-usable, and asked for $73000..!

30-Nov-2016:
The hacker gets hacked. Reminder to change those password recovery questions.

No More Ransom

Europol in collaboration with others have introduced a simple portal to provide all know antidotes to the common cryptoware out there:   https://www.nomoreransom.org/

Update 29-Jul-2016:

Victims of the Chimera ransomware were thrown a lifeline this week after a rival malware author appeared to leak the decryption keys online.

Kudos to competing hackers as well?!

Free Open Source Ransom Ware

Good news for bad guys, we now have an open source ransomware [Hidden Tear], which can be tweaked and used by anyone with literally basic scripting skills. Features include:

• Uses AES algorithm to encrypt files.
• Sends encryption key to a server.
• Encrypted files can be decrypted in decryption program with encryption key.
• Creates a text file on Desktop with given message.
• Small file size (12 KB)
• Undetectable by antivirus programs

Introducing Dyre Wolf

An innovative and daring technique to steal money - using a malware and a call-center team!

While many popular banking Trojans have targeted individuals, Dyre has always been used to target organizations. Since its start in 2014, Dyre has evolved to become simultaneously sophisticated and easy to use, enabling cybercriminals to go for the bigger payout.

MITM on Lenovo Computers - Introducing Superfish

A tool deployed by default to help push 'relevant' advertisements, has been found to be doing MITM attack to grasp HTTPS website data. The tool internally uses a password called 'komodia'.
[Sighh... why do security researchers give out the exploits on a silver platter?]

Full Story

Culprit of corporate wide infections

Who is the biggest culprit when it comes to corporate wide infections? It's the senior management!!

ThreatTrack found that bosses, or senior leadership, end up with malware on their PC or mobile device by:
56% clicked on a malicious link in a phishing email.
47% attached an infected device to a corporate PC.
45% let a familiy member uses a company computer.
40% surfed to a malware-infected porn site.
33% installed a malicious app.

Economics of CyberCrime

Update 03-May-2012:

Microsoft Researchers say cybercrime loss estimates are a bunch of bunk. In "Sex, Lies and Cybercrime Surveys", the Microsoft Researchers wrote, "Cyber-crime, like sexual behavior, defies large-scale direct observation and the estimates we have of it are derived almost exclusively from surveys." The research paper concludes. 

Pretty Interesting

Update 08-Oct-2012:
As per, "The 2012 Cost of Cyber Crime Report", some highlights:

• The frequency of successful cyber attacks has more than doubled over the last three years
• The annual cost to organizations has slowed dramatically in the last two years
• The average time to resolve a successful attack has grown from 14 days in 2010, through 18 days in 2011, to 24 days in 2012
• Most costly cyber crimes are those caused by malicious insiders, denial of services, and malicious code

Update 14-Aug-2013:
Another good post on a similar subject of - CyberCrime as a service.

Update 01-Sep-2013:
A report based on "The econimic impact of cybercrime and cyber espionage", dated July-2013

Commercial Malware For Linux - Hand of Thief

Hand of Thief Banking Trojan -  Takes Aim at 'Secure' Linux OS

Bogus Chrome, Firefox extensions

Fake browser extensions, which are digitally signed!

Carberp financial malware gets leaked online

Source code for a malware, which originally costs $5000, is up for grabs. Go ahead and tweak your own free malware!

Update 18-Aug-2013:
Here is a link to download it.

The World of Financial Trojans

A symantec's report  on trojans - I am sure it will be super biased by the business of the creator

AutoIt Malwares

AutoIt, which is a Windows scrpting language is now popularly being used to create malwares. In fact there is some really good code on Pastebin up for grabs!

Malware Deep Dive

InfoWorld's report on malware analysis. As always some scary statistics - the accuracy of which is always doubtful, and biased coming from antivirus companies.

However, there is a good list of pointers for the newbies to stay safe from viruses.

Report is here

NIST DB Hacked

Malware hits National Institute of Standards and Technology..!!

New York Times Hacked by China

Looks like Symantec became overly defensive here.

Update 20-Feb-2012:
NY times, engages  Mandiant (a security firm), who releases a report, that says majority of the hacks in China are state sponsored!! And of course the Govt of China refutes. Full report is here.

Update 22-May-2013:
Attacks are back with a slight modification.

Three charged with distributing Gozi virus

A little about this virus

Cuckoo Sand Box - Analyse Malware

Malware? Tear it apart, discover its ins and outs and collect actionable threat data. Cuckoo is the leading open source automated malware analysis system.

CuckooSandBox

Trojan bypasses two-factor authentication, steals $46.5 million

A very sophisticated malware, good job done by the coder.

Taking scareware scams to the next level

.. purporting to be affiliated with major computing vendors including Dell, Microsoft, McAfee and Norton, the telemarketers conned unwitting consumers into believing that their computers are riddled with viruses, spyware and other malware, charging anywhere from $49 to $450 per PC to remotely access and "fix" the machines.

Full Story