Articles about Variants

Ransomware scum infect cancer non-profit

Ransomware scum have hit a new low by infecting a not-for-profit cancer support organization in Muncie, Indianapolis, US. Little Red Door provides diagnostics, treatment, and supplies to under-served patients, among other services. It told the Associated Press this week that miscreants infected its central server, …
Team Register, 18 Jan 2017

Ransomware brutes smacked 1 in 3 NHS trusts last year

A third (30 per cent) of NHS trusts have been infected by ransomware, with one – the Imperial College Healthcare in London – suffering 19 attacks in just 12 months. According to results of a Freedom of Information-based study, none of the trusts reported paying a ransom or informed law enforcement. All preferred to deal with …
John Leyden, 17 Jan 2017

IBM: Cognitive computing needs flash arrays, mark our words

IBM has announced all-flash versions of three DS8880 monolithic arrays revealed last year, with increased flash capacities and a coat of cognitive marketing paint. The previous systems were the DS8884, DS8886 and DS8888. Now we have all-flash variants, denoted by an "F" suffix. These arrays are tailored to provide storage for …
Chris Mellor, 12 Jan 2017

Like stealing data from a kid: LA school pays web scum US$28,000 ransom

A Los Angeles school has made a whopping US$28,000 ransomware payment after hackers raided its network. Attackers had encrypted enough to ruin computer services, email, and messaging at the Los Angeles Community College District. The school paid the bitcoin ransom after learning it had no other alternatives by way of backups …
Darren Pauli, 10 Jan 2017

Insane blackhats behind world's most expensive ransomware 'forget' to backup crypto keys

Variants of the KillDisk data wiping malware, famous for nuking computers in Ukrainian energy utilities, are now being used in possibly the world's most expensive ransom attacks. Attackers are targeting Windows and Linux desktops and servers and demanding a laughable 222 bitcoins (right now US$247,000) for the data to be …
Darren Pauli, 06 Jan 2017

Windows PC spy nasty dormant for three years, mutates and resurfaces

Two new variants of some Windows spyware first discovered in 2013 have surfaced in targeted attacks, security firm Forcepoint warns. The new nasties – BigBoss and SillyGoose – are based on the three-year-old MM Core backdoor. MM Core spawned a spin-off named "StrangeLove" shortly after its discovery before mysteriously …
John Leyden, 05 Jan 2017

Ransomware scum: 'I believe I'm a good fit. See attachments'

Criminals are posing as job applicants to drop ransomware into human resources departments. The ransomware vector contains two attachments. One is a harmless PDF cover letter designed to convince the human resources operative that the criminal's email exchange is legitimate. A second Excel spreadsheet attachment contains the …
Darren Pauli, 05 Jan 2017

Bad news, fandroids: Mobile banking malware now encrypts files

Cybercrooks have outfitted ransomware functionality onto an already dangerous mobile banking Trojan. The modified Faketoken can steal credentials from more than 2,000 Android financial applications, security researchers at Kaspersky Lab warn. Based on telemetry, Kaspersky Lab estimates that Faketoken has claimed over 16,000 …
John Leyden, 20 Dec 2016

TCL snags global deal to build n'flog BlackBerrys

Chinese giant TCL has snagged the global contract to design, make and sell BlackBerry-branded phones. The deal applies to all but four countries: India, Sri Lanka, Nepal, Bangladesh and Indonesia. Licensing isn’t a major departure for the company formally known as TCT (TCL Communication Holdings Ltd) – it’s been doing it for a …
Andrew Orlowski, 16 Dec 2016

Ransomware scum face unified white hat army

More security players have joined the No More Ransom initiative, which should make life hard for the cretins who create ransomware. More than 30 security research firms and law enforcement agencies have joined the initiative to unify their efforts to free victims from ransomware extortion. More than 6,000 users have used the …
Darren Pauli, 16 Dec 2016

Ransomware scum offer free decryption if you infect two mates

Ransomware scum are suggesting that victims infect their friends instead of paying for decryption keys. The ransomware variant "Popcorn Time", unrelated to the popular Bittorrent client by the same name, first tells users they have a week in which to pay one bitcoin (US$770) in order to have their files decrypted. The menace …
Darren Pauli, 11 Dec 2016

WDC loads its belt-fed drive cannon, blasts out disks 'n' cards galore

Western Digital Corp wowed analysts with exec spiel and five – or was it six? – product announcements. We have helium gas-filled drives, a 3D TLC NAND microSD card, two SSDs and a promised furiously fast flash platform array overflowing with IOPS. We'll start with the rotating rust and an Ultrastar He12, 12TB helium-filled …
Chris Mellor, 08 Dec 2016

Playtime's over: Internet-connected kids toys 'fail miserably' at privacy

The Electronic Privacy Information Center (EPIC) and the European Consumer Organization (BEUC) are calling for US and EU data protection authorities to take action against insecure networked toys. Declaring that "My Friend Cayla," a Bluetooth-enabled doll released in 2014, and "i-Que," a connected robot released last year, " …
Thomas Claburn, 08 Dec 2016

Masterful malvertisers pwn Channel 9, Sky, MSN in stealth attacks

A two-year long, highly sophisticated malvertising campaign infected visitors to some of the most popular news sites in the UK, Australia, and Canada including Channel 9, Sky News, and MSN. Readers of those news sites, just a portion of all affected (since it also affected eBay's UK portal), were infected with modular trojans …
Darren Pauli, 08 Dec 2016

Sony kills off secret backdoor in 80 internet-connected CCTV models

Sony has killed off what, charitably, looks like a debug backdoor in 80 of its web-connected surveillance cameras that can be exploited to hijack the devices. The hardcoded logins can be potentially used by malware, such as variants of the Mirai bot and its ilk, to automatically and silently commandeer swathes of Sony-built …
Chris Williams, 06 Dec 2016

Poison .JPG spreading ransomware through Facebook Messenger

Checkpoint has found an image obfuscation trick it thinks may be behind a recent massive phishing campaign on Facebook that's distributing the dangerous Locky ransomware. The security firm has not released technical details as the flaw it relies on still impacts Facebook and LinkedIn, among other unnamed web properties. The …
Darren Pauli, 25 Nov 2016

Telegram API ransomware wrecked three weeks after launch

Ransomware scum abusing the protocol of the popular Telegram encrypted chat app have been wrecked and their malware ransom system decrypted. TeleCrypt throws a message to Russian-speaking victims thanking them for helping the "Young Programmers Fund" via the US$78 (5000 ruble) ransom payments, a comparatively small charge …
Darren Pauli, 23 Nov 2016

Hospital info thief malware puts itself into a coma to avoid IT bods

A Trojan targeting US healthcare organizations attempts to avoid detection by going to sleep for prolonged periods after initial infection, security researchers warn. Symantec estimates that thousands of organizations have been hit by the Gatak Trojan since 2012. The malware is programmed to spread aggressively across an …
John Leyden, 22 Nov 2016

Microsoft's development platform today: What you need to know

Connect 2016: At the Connect event under way in New York, Microsoft laid out its plans for developers targeting its platform – though what the "Microsoft platform" means has changed radically from what it used to be. The slogan today is "Any developer, any app, any platform," whereas a couple of years ago the theme was "Windows everywhere …
Tim Anderson, 17 Nov 2016

Harder, better, faster, stronger (apparently). The IronWolf goes Pro

Seagate has tweaked its IronWolf NAS drive to make it stream data faster for longer and tacked the epithet "Pro" on the end. The IronWolf drive was unveiled in July and came in 1, 2, 3, 4, 5, 6, 8 and 10TB capacity points. The 10TB product is a helium-filled enclosure with seven platters, the others being traditional, air- …
Chris Mellor, 16 Nov 2016

New Ransoc extortionists hunt for actual child abuse material

Hackers have unleashed a strain of scammer that activates on compromised computers when it encounters filenames containing strings that have been associated with child abuse clips and images. Ransoc kicks in when it finds potential "evidence" of child abuse material or media files downloaded via torrents on the targeted …
John Leyden, 16 Nov 2016

WileyFox Swift 2: A new champ of the 'for around £150' market

Review: British startup WileyFox has made the best "for around £150"* phone since the first Moto G shook up the market for low-cost smartphones back in 2013. There are two models, the Swift 2 at £159 (list) and dual SIM Swift 2+ at £189 (list), both the same size. I tested the "Plus size" here. Both variants have a fingerprint sensor …
Andrew Orlowski, 14 Nov 2016

Cerber ransomware menace now targeting databases

Criminals behind the massive Cerber ransomware enterprise are now targeting businesses as well as individuals with a module that kills and encrypts databases, warns Intel's former security arm McAfee. Cerber had conducted more than 160 campaigns when examined in July targeting 150,0000 users and raking in a cracking US$195,000 …
Darren Pauli, 07 Nov 2016

Cisco: This $200k UCS S-Series is cheaper than AWS S3 after 13 months

Cisco has designed a storage server that it claims is 56 per cent cheaper over three years than paying out for Amazon's S3 service. The networking giant also reckons it's the first fully modular server architecture in the industry. The S-Series is designed for data intensive workloads such as big data, streaming media and …
Chris Mellor, 02 Nov 2016

No nudes, bloated apps, Android sucks and 497 other complaints about Apple to the FTC

Exclusive: Apple and its products prompted almost 500 complaints to the US Federal Trade Commission in the past 22 months – a number that suggests the iGiant has cut the rate at which consumers express dissatisfaction. That of course doesn't include social media ire about the new MacBook Pro. The Register sent a Freedom of Information …
Thomas Claburn, 28 Oct 2016

Intel punches out data centre flash cardlet

Intel has released a tiny, single-sided and heavily read-optimised SSD for server use in data centres. The P3100 is an M.2 design (22 x 80mm) built from 3D TLC (3bits/cell) NAND. This format has begun appearing in tablets, thin notebooks and desktops as it doesn't take up much space and the use of TLC (3bits/cell) NAND means …
Chris Mellor, 28 Oct 2016

Not call, Intel – not call: Chipzilla modems in iPhone 7s fall short

Apple's iPhone 7 and iPhone 7 Plus come with one of two cellular modems, Qualcomm's MDM9645M modem or Intel's XMM7360 modem, depending upon the associated mobile carrier. In ideal conditions, the two modems perform equally well. But research firm Cellular Insights claims that at the edge of cell coverage areas, where signal …
Thomas Claburn, 26 Oct 2016

Will rush for New Radio compromise 5G quality?

Analysis: The US operators have ended their long love affair with sub-1 GHz spectrum, which was so important to their LTE coverage roll-outs, and are leading the world in harnessing high frequency bands to address the challenge of the expected capacity demands of the 5G era. While regulators and operators in some areas – many in Europe …
Wireless Watch, 20 Oct 2016

Yahoo! spymasters! patent! biometric! online! ad! tracking! IRL!

Privacy sell-out Yahoo! has filed patents for roadside billboards outfitted with biometric spy cameras and microphones to collect data from passers-by. The NSA's bed warmer described a billboard that contained video and audio collection capabilities, and even retina scans and speech recognition to determine what viewers are …
Darren Pauli, 09 Oct 2016

Smash and grab PoS pwners ready with pre-Xmas malware update

A smash and grab malware gang has updated its FastPoS point of sales hack app to plunder credit cards more efficiently ahead of the festive season. The FastPoS author is known for issuing an annual update to the malware which throws stealth to the wind in favour of quick and noisy raiding. The technique marks FastPoS as …
Darren Pauli, 07 Oct 2016

Wasted: Kaspersky makes jokers of upstart ransomware VXers

Kaspersky has released a decryption tool that neuters the MarsJoke ransomware, less than a month after it was first revealed. The decryption effort is salvation for victims who are told they have 96 hours to pay the 0.7 Bitcoin (US$427) ransom before their data is permanently encrypted. MarsJoke, also known as Polyglot, …
Darren Pauli, 05 Oct 2016

Happy VXers get 400 enterprise-popping apps hosted on Google Play

More than 400 malicious apps from a single attacker have been successfully uploaded to the Google Play store, with one downloaded up to half a million times, Trend Micro malware researcher Echo Duan says. The malware is disguised as various games, phone boosters, and themes that when executed can compromise devices and …
Darren Pauli, 04 Oct 2016

Malware figures out it's running on VMs and refuses to execute

Malware writers are looking for the absence of documents to figure out which PCs are potential victims and which are virtual machines being used by white hats. SentinelOne senior researcher Caleb Fenton found the novel technique while attempting to coax the malware into activating so it could be analysed. The worm he was …
Darren Pauli, 23 Sep 2016

Cisco plugs another 'Shadow Brokers' hole

Cisco's post-Shadow Brokers security review has uncovered an IKEv1 vulnerability that can leak memory contents of its (deprecated) PIX firewalls and various IOS environments. Don't delay the patch, because the investigation found the bug was exploited in “some Cisco customers”. It attributes the bug to “insufficient condition …

iPhone 7's Qualcomm, Intel soap opera dumps a carrier lock-out on us

Analysis: Love rat Apple two-times its long-suffering squeeze Qualcomm with dishy Intel – and it's going to keep the baby but only let some of us see it. Over a cheap bottle of chardonnay one dark night in Cupertino, Intel wooed Apple with flimsy promises. The pair felt a connection (around the 1.9GHz mark) after the iPhone maker opened …
Chris Williams, 18 Sep 2016

Top infosec vendors, cops, liberate thousands from ransomware

Warriors from industry and law enforcement collective No More Ransom have cleansed more than 2500 machines of ransomware by distributing free decryption keys and other tools to eradicate infections. No More Ransom is an alliance of cops and anti-malware experts including McAfee and soon-to-be-former parent company Intel, …
Darren Pauli, 14 Sep 2016

Apple killed OS X today and binned its $10,000 BlingWatch too

Amid all the glamour and excitement of the iPhone 7 launch, Apple snuck out a few other nuggets, some of them a little unhappy. Reg readers administering Macs need to know that come September 20th Mac OS X is dead. It'll be replaced on that day by macOS Sierra and probably spur a download frenzy, accompanying social media …
Simon Sharwood, 08 Sep 2016

Crash test dummy? Love the excitement of breaking an OS? Fedora 25 Alpha has landed

If you're a chronic complainer and nit-picker with a spare machine and a willingness to suffer multiple crashes, weird screen artefacts and possible data loss: Fedora 25's alpha has landed ahead of its anticipated November 2016 release. If you want to help the developers by breaking stuff, don't risk dual-boot on OS X if you' …

OneLogin breached, hacker finds cleartext credential notepads

Password attic OneLogin has been breached, and it's bad, because the service that suffered the breach is one often used by people to store credentials like admin password and software keys. The online credential manager says its Secure Notes facility was breached, allowing the intruder to read in cleartext notes edited between …
Darren Pauli, 31 Aug 2016

Demise of Angler, the world's worst exploit kit, still shrouded in mystery

The Angler exploit kit has all-but vanished and whoever knows why isn't talking. Angler was the most powerful and sought-after exploit kit on the market boasting rapid integration of new vulnerabilities that made it able to employ zero day attacks on Flash, Java, and Silverlight. It also employed a battery of complex …
Darren Pauli, 16 Aug 2016

Some benefits of digital health to NHS may be delayed by consent model consultation – expert

Opinion: The realisation of some digital health benefits within the NHS might have been delayed by the extra requirement for consultation on a new consent model governing the use of patient data. A new consent and opt-out model could help clarify constraints that apply to data use in the NHS and promote new digital health initiatives. …
OUT-LAW.COM, 08 Aug 2016

Two first-gen flaws carried over to HTTP/2, warn security bods

Black Hat: Security researchers have unearthed four high-profile vulnerabilities in HTTP/2, a new version of the protocol. HTTP/2 introduces new mechanisms that effectively increase the attack surface of business critical web infrastructure, according to a study by researchers at data centre security vendor Imperva and released at the …
John Leyden, 03 Aug 2016

Diablo backers toss $18m in pot to forge software keys to XPoint DIMM kingdom

Analysis: Things are looking up for Diablo Technologies. It has pulled in another $18m in funding and has tier 1 server OEMs qualifying its Memory1 flash-as-memory technology. Also the Netlist lawsuits seem to be going away. Back in January it announced a $19m C‑round of funding, taking total funding to $77.8m. That C‑round was kept …
Chris Mellor, 02 Aug 2016

My Microsoft Office 365 woes: Constant crashes, malware macros – and settings from Hell

Sysadmin blog: Microsoft Office remains one of the most important software products available, despite some rather nasty flaws. For me, Microsoft Office and video games anchor me to Windows. While video games seem set to remain largely Windows-only for the foreseeable future, Office is losing its grip. For a long time, I used Office because …
Trevor Pott, 29 Jul 2016

Cisco busts ransomware rodent targeting bitcoin, cryptocoin subreddits

The eager-but-pwned net menace behind the JigSaw ransomware has been found targeting Reddit users with multiple malware in a bid to snare victims. The VXer is thought to be behind three ransomware variants, including the well-known Jigsaw which sports iconography from the Saw film, each lurking behind websites that foist the …
Darren Pauli, 27 Jul 2016

Odds are your office is ill-prepared for network-ransacking ransomware

Organizations are unprepared for future strains of more sophisticated ransomware, a report by Cisco warns. The networking giant's 2016 Midyear Cybersecurity Report concludes that the next wave of ransomware is expected to be more pervasive and resilient. While current strains typically infect a single computer, future …
John Leyden, 26 Jul 2016

Security firms team to take down rudimentary ransomware

Two new ransomware efforts have been destroyed by meddling white hats. "PowerWare" and "Bart" have been dismembered and laughed at by good-guy hackers who found flaws that allow user machines infected by current forms of the threats to decrypt their files for free. Palo Alto's Tyler Halfpop, Jacob Soo and Josh Grunzweig, …
Darren Pauli, 25 Jul 2016

Seagate in 10TB drive brand brainstorm

Seagate has added three new 10TB helium drives, simultaneously re-branding its desktop/laptop disk and SSHDs, NAS and surveillance drive products in a complicated scheme involving disparate drive technologies. It introduced its first helium drive, the 7-platter 10TB Enterprise Capacity disk drive, in January. Now there are …
Chris Mellor, 21 Jul 2016

Ransomware gang: How can I extort you today?

Three out of four ransomware criminal gangs are willing to negotiate the shakedown price. And all the operators of file encrypting ransomware scams will give victims more time to pay up. So say security researchers at F-Secure, who investigated the "customer experience" of five active crypto-ransomware variants, beginning with …
John Leyden, 21 Jul 2016

Android malware blocks bank calls

Cybercrooks have put together a fake banking application that blocks victims’ outgoing calls to customer service. The Fakebank trojan blocks calls in order to stop victims from cancelling their stolen payment cards. The Android nasty is automatically programmed to cancel calls from being placed. Victims can, of course, use …
John Leyden, 14 Jul 2016