New research reveals that SamSam ransomware has affected far more victims, and raised far more ransom, than previously thought.
Source: SamSam: The (almost) $6 million ransomware
Researchers are tracking a remote access trojan (RAT) on underground markets that, so far, has only been attributed to one small malicious email campaign. However, the RAT, dubbed Parasite HTTP by the
Source: Highly Sophisticated Parasite RAT Emerges on the Dark Web
Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company.
The upshot of this weakness is that cyber criminals could harvest the data and use it in targeted phishing campaigns that spoof LifeLock’s brand. Of course, phishers could spam the entire world looking for LifeLock customers without the aid of this flaw, but nevertheless the design of the company’s site suggests that whoever put it together lacked a basic understanding of Web site authentication and security.
Source: LifeLock Bug Exposed Millions of Customer Email Addresses — Krebs on Security
Vulnerable ERP applications are being increasingly targeted by attackers.
Source: ERP security warning as hackers step up attacks on systems | ZDNet
There’s terrible news for Apple users in China.
Apple’s Chinese data center partner has transferred iCloud data, belonging to 130 million China-based users, to a cloud storage service managed by a state-owned mobile telecom provider—raising concerns about privacy.
Back in February this year, Apple moved the encryption keys and data of its Chinese iCloud users from its US servers to local servers on Chinese soil to comply with the new regulation of the Chinese government, despite concerns from human rights activists.
Source: Apple Transfers Chinese Users’ iCloud Data to State-Controlled Data Centers
The worst offenders have been thrown behind bars for up to 20 years.
Source: US makes an example of Indian call center scam artists with stiff sentences | ZDNet
37 terabytes of data per second… let that sink in… 37 terabytes per second. That’s a lot of game analytics!
Parent Epic Games has to process data from its flagship game, devices and micro services. Here’s a look at Fortnite’s AWS-powered architecture.
Source: How Fortnite approaches analytics, cloud to analyze petabytes of game data | ZDNet
The punishment (possible) doesn’t fit the crime… IMHO.
As it was speculated that the author of LuminosityLink RAT was arrested last year, a plea agreement made available to the public today confirmed the news.
Back in September last year, Europol’s European Cybercrime Centre (EC3) and National Crime Agency began the crackdown on the LuminosityLink RAT, targeting sellers and users of the malware, which resulted in the seizure of a considerable number of computers and internet accounts across the world, and complete takedown of the threat.
Source: 21-Year-Old Creator of LuminosityLink Hacking Tool Pleads Guilty
Security researchers have uncovered a “highly targeted” mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India.
The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control and enforce policies on devices being used by their employees—to control and deploy malicious applications remotely.
Source: Hackers Used Malicious MDM Solution to Spy On ‘Highly Targeted’ iPhone Users
Last week’s megastory was the Gentoo breach that saw an entire online Linux code repository hacked – now we know how it happened…
Someone broke into the Linux distro’s GitHub repository, took it over completely by kicking out all the Gentoo developers, infected the source code by implanting malicious commands (rm -rf) all over the place, added a racist slur, and generally brought a week of woe to the world of Gentoo.
Source: Linux experts are crap at passwords!