According to the EU’s law enforcement agency Europol a complex ransomware network has been shut down. The operation to close the network was headed by Spanish police in cooperation with the agency. Eleven people have been arrested from Russia, Georgia and Ukraine. The scheme planted malware on computers which accused the users of viewing illegal
New malware that attacks point-of-sale (POS) systems had been detected in 40 countries in recent months. The malware, dubbed “Dexter” is able to skim credit card information from compromised POS systems.
This morning when I logged into LinkedIn I was greeted with several front page references to the reported hacking of the site, and instructions for changing my password, which I did immediately. This is a good time to change all of your social media passwords, making sure you create a fresh password that is hard
It's been a busy few weeks. Last week I was in Krems, Austria for the EICAR conference. The week before, I was in Prague for the CARO workshop (where my colleagues Robert Lipovsky, Alexandr Matrosov and Dmitry Volkov did a great presentation on "Cybercrime in Russia: Trends and issues" – more information on that shortly),
…we have just published a lengthy analysis that considers many of these questions, as well as discussing some of the characteristics of this fascinating and multi-faceted malicious code. The report is already available here, and will shortly be available on the ESET white papers page.
A bit of news this week dealt with Cyberwarfare. Far from becoming part of the tinfoil hat crowd, cyberwarfare has been growing in real world relevance in the past eighteen months and is the primary impetus for pending legislation. While in the Cold War, detente could be measured in the megatonnage of nuclear weapons, the
Interesting news this week with some heavy anticrime work in Russia resulting in the arrests of the alleged RBS Worldbank cybercriminals. In related research I had to laugh out loud at this particular turn of phrase reported by the Financial Times; The Russian Federal Security Service (FSB)has detained suspects including Viktor Pleshchuk, an alleged mastermind
Some more information on the Hexzone botnet has come my way, mostly from FireEye’s Atif Mushtaq and Paul Ferguson’s hairdresser (don’t ask!). Atif also mentions the association with ransomware: the malware is installed as a Browser Helper Object (BHO) on the victim’s machine, and hijacks browsing sessions, taking the victim to a page hosting pornography.
There is some chatter about a news item that has been released by Finjan in a blog post this morning. The news has been picked up by Computer Weekly and USA Today. The un-named bot involved in this story is detected by ESET as Win32/Hexzone.AP. It is a typical Trojan that reports to a command
Well, hopefully my power sockets are not leaking computer viruses and keyloggers, but who knows? Quite a few news outlets have picked up on a story in the Wall Street Journal claiming that spies from China and Russia have "penetrated the U.S. electrical grid". Scary… A little too scary and not enough detail to convince some
If it was the intention of the Conficker gang to create a huge splash, they succeeded. (In fact, it’s quite possible that they’ve attracted more attention than they really wanted.) In any case, it seems that lots of people are looking nervously over their shoulders for any indication that something unpleasant and Conficker-related is about