Category Archives: WannaCry

WannaCry’s bitcoins were converted to Monero, researchers say

Posted on by

Three months after WannaCry impacted more than 300,000 computers in over 150 countries, the bitcoins paid by victims have been exchanged for Monero, a privacy-focused cryptocurrency that’s seen a spike in popularity and price over the last year, according to researchers at the Italian cryptocurrency intelligence firm Neutrino. Beginning on Wednesday night, a Twitter bot set up by the business blog Quartz watched as money was drained from the wallet. The first such transaction can be seen below: 🚨 7.34128314 BTC ($20,055.52 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware. https://t.co/wX2k9pJLNQ — actual ransom (@actual_ransom) August 3, 2017 Alberto Ornaghi, Neutrino’s chief technology officer, told CyberScoop that Monero is attractive because “it’s a highly oriented privacy cryptocurrency.” The idea of shifting the funds to to Monero, a three-year old project widely seen as a powerful anonymization tool, has been bandied about for months by a wide range of observers. It looks […]

The post WannaCry’s bitcoins were converted to Monero, researchers say appeared first on Cyberscoop.

Continue reading WannaCry’s bitcoins were converted to Monero, researchers say

TrickBot comes with new tricks – attacking Outlook and browsing data

Posted on by
TrickBot is still actively maintained and it is not going to leave the landscape any soon. Take a look at its new modules.

Categories:

Tags:

(Read more…)

The post TrickBot comes with new tricks – attacking Outlook and browsing data appeared first on Malwarebytes Labs.

Continue reading TrickBot comes with new tricks – attacking Outlook and browsing data

North Korea’s internet connections to China and India come under scrutiny

Posted on by

New analysis of recent North Korean internet traffic reveals that the reclusive regime is most likely carrying out its cyber-operations via the networks of other countries across Asia, Oceania and Africa. The report released Tuesday by threat intelligence firm Recorded Future finds fast-growing internet usage in North Korea that in many ways mirrors what people do online elsewhere: North Koreans go on social media, stream video, play video games and shop. But “a near absence of malicious cyber activity” from within North Korea itself supports the longstanding assumption that Pyongyang conducts cyber-operations from outside its own borders, researchers concluded. Another key piece of evidence that Recorded Future found in the data, which was collected by the nonprofit Internet security research group Team Cymru: above-average activity from North Korea’s internet to notable points in a handful of foreign countries, including China and India. The data was gathered from April 1 to July 6 on internet address blocks believed to be used by […]

The post North Korea’s internet connections to China and India come under scrutiny appeared first on Cyberscoop.

Continue reading North Korea’s internet connections to China and India come under scrutiny

A King’s Ransom It is Not

Posted on by

The first half of 2017 began with two intriguing ransomware events, both partly enabled by wormable exploit technology dumped by a group calling themselves “The ShadowBrokers”. These WannaCry and ExPetr ransomware events are the biggest in the sense that they spread the quickest and most effectively of known ransomware to date. Continue reading A King’s Ransom It is Not

Threatpost News Wrap, July 14, 2017

Posted on by

Mike Mimoso and Chris Brook discuss the news of the week, including the Verizon breach, the Oracle session hijacking attack, a Telegram-based hacking tool, and a free EternalBlue scanner. Continue reading Threatpost News Wrap, July 14, 2017