The Week In Ransomware

This is a post series on cybercrime. For more posts click here or the cybercrime tag below.

And a slow one. No real big stories popped up and frankly unless I actually try to pursue building an app, there isn’t much I can talk about. So here’s the week in ransomware.

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-17th-2017-live-hermes-reversing-and-scada-poc-ransomware/

I suspect that like many thing, cybercime has it’s fads that blowup and then die down.  Frankly if I were a cybercriminal I wouldn’t want something with the potential to blow up in my face like ransomware does.

Cybercrime: Fun And Games On Linked In

This is a post series on cybercrime. For more posts click here or the cybercrime tag below.

Ran into this on 40pluscareerguru. This is the electronic update to the old badger game.

Inadequate cyber security has enabled an explosion of online fraud. Yesterday the BBC reported that online fraud and computer misuse is now the largest category of crime happening in the UK today. There were over 5 million cases reported in the last year and probably many more which went undetected.

Social media is the new hunting ground for criminals and fraudsters. And they are exploiting it with virtual impunity because the platforms are simply not doing enough to counter this threat to users.

Worse, police resources are just not large or capable enough to combat a problem which is often conducted from outside their jurisdictions. So we have to take care of ourselves and do our bit to protect our online friends as well.

Criminals are lurking even in places we’d not expect to find them. Like Linkedin. Here, fake or misleading profiles are used to create aliases that are then used to commit fraud on unsuspecting victims.

Security specialists Symantec recently investigated LinkedIn. Its investigation uncovered dozens of fake accounts on the social network, across a variety of industries.

I was shocked. Not that they found some. But that they found so few. I’d expect them to do better than this because even my cursory review suggests there are not dozens of these but thousands.

Depending on the nature of the fraud intended, the fake profile will vary. Some aim to acquire sensitive intelligence information from government employees. Others have more humble crimes in mind such as phishing or email scams. But one which has had fatal consequences is sexploitation. This has already resulted in at least one suicide by the victim.

I don’t know how extensive Symantec’s project was, but it took me about 5 minutes to uncover a whole heap of fake profiles without any of Symantec’s technology or resources. And I was shocked to see that the first fake profile I found had over 500 connections and a whole host of endorsements.

Meet Amber Grace Fowler and her friends:

‘Amber’ has absolutely nothing about herself on her profile. She’s not on the staff list at the estate agents she claims to work at. She has a Twitter account which is locked. All this says to me the account is fake, nonetheless the account has over 500 connections, and numerous endorsements for all sorts of things and ALL of course from (dumb) men.

This is what I call a Linkedin honeytrap. This particular fraud involves tricking unwary men into making a connection with the fake account. They are then seduced into committing sexual acts in front of a webcam, not realising they are dealing with an organised criminal gang. The footage is recorded by the criminals and then they have all they need to proceed to blackmail the victim.You might think that anyone stupid enough to get caught like this deserves all they get. That you’d never be lured into such a trap. But it’s happening all the time. So much so that the government have invested in this film which warns of the dangers:

I’m actually not very surprised that this sort of thing goes on in Linked In.  The site is primarily a site for job hunters and career people, both of whom tend to be vulnerable to social reinforcement. This is just the old badger game without the risks to the perpetrators.
The honey trap is as old as humanity, but heretofore the participants actually had to interact with victim, with all the risks that that involves if the victim refuses to be blackmailed and sets you up.  With cybercrime, all that goes away.  So be careful with social media interactions.

Well, It’s happened.

This is a post series on cyber crime. For more posts click here or the cybercrime tag below.

A hotel was locked out of its key system by ransomware. From the sounds of it, the ransomware encrypted the file used maintain the key system, rendering it useless and unable to issue new keys.

Read More

Just The Week In Ransomware

This is a post series on cyber crime. For more posts click here or the cybercrime tag below.

Just the week in ransomware this week.  I’ve been working on a post about cryptography but haven’t been able to get out and pull some resources from the library.  There are also no big changes anyway except more of the pernicious malware.  I may actually have to talk to some friends about actually doing some of the ideas I had last week.

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-27th-2017-potato-spora-goes-global-and-sage-2-0/

 

 

House And Shop Gates Against Ransomware

This is a post series on cyber crime. For more posts click here or the cybercrime tag below.

When you lived or ran a shop in NYC back in the days before the Guiliani  administration you had to take special measures to protect your home or business.  You put multiple lock on the doors and you put steel grates or panels over the windows and doors of you business.  All because nobody was enforcing the laws back then.

Read More

Throw The Book At Him

This is a post series on cyber crime. For more posts click here or the cybercrime tag below.

Once caught malware creators shouldn’t be able to plea down.  At this point, the risk level for malware creators needs to be enhanced.  The authorities need to show that doing this stuff is not a kids game. Especially to all smart stupid kids like this. They can code, but they don’t really understand the risks of letting bad code out.

Read More

ransom

Dear Micah Lee: Maybe Russian Hackers don’t use TOR, but Russian(and every other country’s) extortionists do

This is a post series on cyber crime. For more posts click here or the cybercrime tag below.

Maybe Russian  Hackers don’t use TOR, but the ransomware extortionists and other malware creators take full advantage of TOR’s ability to anonyminize IP addresses.  As for “smoking gun,” well, check the top of this post.  I was hit with ransomware last year and I can attest that all communication was through the TOR network, which allows the Reveton people the protection of anonymity.  A protection that the network and the way the OS is set up do not allow me, or most users.

Read More