It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Another global ransomware cyber-attack

page: 3
18
<< 1  2   >>

log in

join
share:

posted on Jun, 27 2017 @ 05:12 PM
link   
a reply to: knowledgehunter0986

Everyone hacks everyone now, right?




posted on Jun, 27 2017 @ 05:16 PM
link   
a reply to: Kali74

I'm still not sure what you're trying to allude to..



posted on Jun, 27 2017 @ 05:49 PM
link   
As research is still continuing the variant has been identified as modified version of Petya called Petrawarp.
And yes it is moving west. U.S. drug company Merck has been hit as well.

There is absolutely no need for all of this, we built the Foxtrot Frankenstein.



posted on Jun, 27 2017 @ 08:01 PM
link   
a reply to: flatbush71
Power source may also refer to:

A source of primary energy, an energy form found in nature that has not been subjected to any conversion or transformation process
Energy carrier, or secondary energy, a substance or phenomenon that contains energy that can be later converted to other forms such as mechanical work or heat or to operate chemical or physical processes



posted on Jun, 27 2017 @ 08:14 PM
link   

originally posted by: flatbush71
As research is still continuing the variant has been identified as modified version of Petya called Petrawarp.
And yes it is moving west. U.S. drug company Merck has been hit as well.

There is absolutely no need for all of this, we built the Foxtrot Frankenstein.


Exactly.

I wondering if there's more to PetrWrap than what just seems to be going on.



posted on Jun, 28 2017 @ 01:48 AM
link   
a reply to: knowledgehunter0986

You can't never be sure, but I simply applied Occam. If I were a cracker that aimed at taking out as many as possible Windows systems, I would certainly NOT advertise this fact by putting up banners and ask for money. I would silently infect as many systems as I could and then, say after a few days, would encrypt the hard drive without any further notice. Let "them" figure out what happened.

The rather clumsy way they asked for money - mail your bitcoin data to this address.. - is suspicious, but may indicate that the author may be quite young aand/or inexperienced. Similarly, the odd choice of files that are and aren't decrypted seems to indicate a rather stupid agent. Add to that that it does not take much to assemble stuff like this if you have time and some open source toolkits at your hand and the picture emerges of some Ukrainian boy that hacked himself to glory (well, kinda). No new exploits were used, in as far as we know by now.

Not too many infections have been spotted outside Eastern Europe and the number of reported infections isn't rising as quickly as expected. It seems that MeDoc was the infection source.

So: a script kid / beginner. Not the NSA, nor the Russians (whom, as I read, now have to send out real scientists of flesh and blood to Chernobyl, as the reporting stations that measure the current levels of radiation also were taken out).



posted on Jun, 28 2017 @ 03:15 AM
link   
I think this is a combination of people out to make a quick buck in bitcoin taking advantage of apparently incompetent admins who still havent updated their systems even after WannaCry but also a precursor to something more serious..

Some of these infected systems could be confronted with the typical 300$ ransom and encrypted files. The companies give in and pay the ransom then go on to think all is dandy meanwhile there could be other holes left open. I mean, with this kind of access - other malware could also be hiding without a notification via ransom being displayed just waiting, gathering data in the meantime silently.



posted on Jun, 28 2017 @ 11:58 AM
link   

A global cyber-attack that affected companies around the world may have started via corrupted updates on a piece of accountancy software.

Fingers are increasingly pointing to a piece of Ukrainian tax-filing software, Medoc, as the source of the infection, although the company denies it.

Malware generally infiltrates networks via email attachments that users click on in error.

...

In email correspondence with the BBC, Mr Hutchins said: "It looks like the software's automatic update system was compromised and used to download and run malware rather than updates for the software."

It was not yet clear how it had been compromised, he added

BBC.com, news, technology - Tax software blamed for cyber-attack spread.

A back-door through a legitimate update? The article says it hit the Ukraine the hardest so it may be "politically motivated."

If it was a Ukrainian "tax software" that would explain why the US was mostly spared. The US would not be using that tax system or software. And it looks for MS MFT and the previously patched SMB exploit. Which means people did not patch their systems with the SMB patch.

With auto-update on and a trusted update it would be very hard to stop this from spreading.

The bad thing is it now shows the script kiddies a new approach to getting mal-ware/ransom-ware onto computers.



posted on Jul, 1 2017 @ 03:49 PM
link   




On topic:

Yeah, it looks like the NSA tools allowed this to happen.


Not so sure. Actually, many software engineers introduce "backdoors" in their code for testing purposes, with the full intent to remove them in the production version. But sometimes such backdoors remain in the code. Intelligence agencies are aware of this and try to find such backdoors. Most backdoors give you access to the core of the system, and often with elevated rights. This enables you to do with the system whatever you want. So, you can actually do stuff like monitoring the screen, gather keypresses (including your passwords), sniff disks and networks, take screenshots etc. - and all without the subject even realising this. Secret services SHOULD of course report this to - say - Microsoft, but well, then MS would patch the systems and in effect kill their intelligence..

OK so not Ivan after all, having given thought to this, given that all Intel or MS chips have built-in codes & that there is certainly not only a back door but a means to trace the owner of said CPU, now add to that, that the G**gle complex in America is next door to the NSA mainframe, and that the new G**gle complex is situated right where the fibre optic cables from the USA meet mainland Europe, you can imagine they can look into everything.

The latest attack cost the rotterdam shipyards millions, and now they want 100 million to deal with the problem.
WTF...i can install their computers with some free online software that would have prevented the NotPeta attack.

Hell i only want 50 mill for the job, i'm not greedy or anything


It's their own damn fault for not paying attention but hey, let's try to milk a disaster, right?



posted on Jul, 1 2017 @ 04:07 PM
link   
a reply to: TEOTWAWKIAIFF

Absolutely right!

My passport is dealt with by a private company in Paris, my wages calculated by an Amercan company, my pension & tax are dealt with by a Dutch software firm, my pension index is worked out on a computer in India.

Yet i am a citizen of none of these countries.

Scary isnt it?



new topics

top topics



 
18
<< 1  2   >>

log in

join