Ranscam: paying up won’t get your files back

Whenever I think that the various criminals behind ransomware can’t sink any lower, someone comes along and proves me wrong. Edmund Brumaghin and Warren Mercer in a post for Talos describe a particularly vicious example of ransomware they call Ranscam, which doesn’t bother to encrypt files. It claims that the files have been moved to a ‘hidden, encrypted […]

Posted in SBN

ESET Latin America on Ransomware

Here’s an article from my ESET colleague Camilo Gutiérrez Amaya, Head of Awareness & Research for Latin America: Ransomware: First files … now complete devices. The article is actually adapted from the ransomware section of ESET’s 2016 trends paper (In)security Everywhere, but worth reading if you haven’t read that somewhat hefty document. David Harley

The TeslaCrypt puzzle

For eWeek, Robert Lemos observes Security Researchers Puzzled by Demise of TeslaCrypt Ransomware. To be honest, I think the media are more preoccupied with the reasons behind the TeslaCrypt group’s actions than security researchers are in general, but I was happy to give him the benefit of my prejudices opinions, and flattered that he gave them so […]


Tech support scammers impersonating ISPs

Jérôme Segura adds to our knowledge of current support scam tricks by describing how Scammers Impersonate ISPs in New Tech Support Campaign. Scammers have, in fact, impersonated ISPs before, though not as often as they’ve pretended to be Microsoft (or working on behalf of Microsoft), and not as often as I expected when I wrote about this […]


FLocker: Android Ransomware meets IoT

An article for Trend Micro by Echo Duan illustrates one of the complications of having an operating system that works on and connects all kinds of otherwise disparate objects: FLocker Mobile Ransomware Crosses to Smart TV. Of course, embedded versions of operating systems such as other versions of Linux, Windows and so on, are not in themselves […]

Crysis? What Crysis?

Ondrej Kubovič for ESET: Beyond TeslaCrypt: Crysis family lays claim to parts of its territory. The ransomware that ESET calls Win32/Filecoder.Crysis encrypts files on fixed, removable and network drives. It uses strong encryption algorithms and a scheme that makes it difficult to crack in reasonable time. It encrypts everything except system files and its own bits and pieces, and […]


Support scam alert from the FBI

Another FBI alert, this time summarizing an increase in reports of tech support scams. While law-enforcement alerts are often behind the curve, there are several points well worth noting here: The addition of two approaches to initial contact that have been particularly noticeable recently: Via BSOD/locked screen Addition of an audio message urging the victim […]


Data breaches used as basis for extortion

Not ransomware, but related in that it clearly involves extortion/blackmail: the FBI has issued an alert about Extortion E-Mail Schemes Tied To Recent High-Profile Data Breaches. The threatening messages arrive in the wake of a flood of revelations of high-profile data thefts. The ready availability of stolen credentials is used by crooks to convince victims that they […]
