Tag: Malware

1
Surveillance software targets WhatsApp users
2
Ransomware, get your ransomware here, and you too can share in the profits!
3
Step right up and get your malware – no skill required, prices start at $20!
4
2018 Trends in Cyber-crimes so far…
5
Cyber-criminals outspend organisations more than 10 times in bid to find cybersecurity weaknesses – who says cyber-crime doesn’t pay?
6
Research reports say risks to smartphone security aren’t phoney
7
Malware with your coffee? Starbucks customers sent to the virtual mines… to find bitcoins
8
Is nothing safe? New malware targets industrial control systems
9
A New Type of Cyberattack: AI-Powered Cyberattacks
10
Update everything: Discovery of Wi-Fi flaw in connected devices

Surveillance software targets WhatsApp users

By Cameron Abbott, Rob Pulham and Michelle Aggromito

Unfortunately for all of us, Privacy Awareness Week doesn’t mean a chance to take a break from seemingly endless data breach notifications and social media vulnerabilities.

This week it’s WhatsApp’s turn, with reports that hackers, or as WhatsApp described as “an advanced cyber-actor”, have been able to remotely install surveillance software on phones and other devices of select targets, likely to be lawyers, journalists, activists and human rights defenders. The hackers were able to compromise the devices by using WhatsApp’s call function to ring the devices. The surveillance software was still installed even if the call was not picked up and the call reportedly would disappear from the compromised device’s call log. This means the malware could be installed without any action from the compromised user – and potentially without them even being able to determine that they had been compromised.

The surveillance software effectively rendered the app’s prized end-to-end encryption redundant as it allowed the attacker to read messages on the compromised devices.

WhatsApp released a fix last Friday and has encouraged all its users to update their apps, but some questions still remain.

In particular, while the app update fixes the issue that allowed the attack in the first place, it is not clear if the update can also remove the surveillance software embedded in already compromised devices.

WhatsApp has described the hackers as “a private company that has been known to work with governments to deliver spyware”, which news outlets have reported is Israel’s NSO Group. Regardless of the parties involved, the ability to defy WhatsApp’s encryption is a scary reminder of the potential impact of a “technical capability” that could be required under the recently enacted Australian encryption laws (except that it has not been kept secret!). If you would like to know more about the new laws, check out our recent blog posts ‘What do you need to know about the encryption killing legislation’ and ‘To encrypt or not encrypt? That is the question’, or feel free to contact us for any assistance or information.

Ransomware, get your ransomware here, and you too can share in the profits!

By Cameron Abbott and Colette Légeret

The expansion of the “service industry” into malware-as-as-service (MaaS), is not the only cyber-attack available online, Bleeping Computer found ransomware-as-a-service (RaaS), that not only uses FilesLocker malware and targets Chinese and American victims, it also offers users a sliding commission pay-scale that rises the more ransomware victims infected.

Bleeping Computer was put on the trail of this RaaS by security researcher, Neutral8✗9eR, who saw it being marketed through a Chinese malware forum on TOR.

Read More

Step right up and get your malware – no skill required, prices start at $20!

By Cameron Abbott and Colette Légeret

It seems that the “service industry” has expanded into cyber-crime without us knowing about it as the Fortinet research team recently discovered. They came across malware-as-a-service schemes available on several Dark Web forums, with one designed as an easy-to-use point of entry for beginner Distributed Denial of Service (DDoS) attackers.

The DDoS kit disguises itself as a legitimate “booter” or “stresser” service and as it is relatively easy to set-up, almost anyone can go into the “DDoS a website for a fee” business. Some of the offerings are incredibly customisable. The research team found one such service that went operational on 17 October 2018 called “Ox-booter” which uses the Bushido botnet for its attacks. Bushido itself is relatively new, having only been identified in September 2018.

Read More

2018 Trends in Cyber-crimes so far…

By Cameron Abbott and Colette Légeret

The first half of 2018 has been busy for cyber-criminals and cyber-security alike. According to Trend Micro, cryptocurrency mining detections have jumped 96% in this six month period compared to the total number detected in 2017.

In that same time, over 20 billion threats were blocked by Trend Micro’s Infrastructure, a few billion threats less than in the first half of 2017. Of these threats, less were “spray and pay” ransomware attacks and breaches, as cyber-criminals are flying under the radar with crypto-jacking, along with fileless, macro and small file malware techniques.

Read More

Cyber-criminals outspend organisations more than 10 times in bid to find cybersecurity weaknesses – who says cyber-crime doesn’t pay?

By Cameron AbbottRob Pulham and Colette Légeret

Cyber attackers are able to search for that one weak link in corporations defences whereas corporates have to create a completely strong chain of defence against every possible scenario.  This asymmetrical fight would you think mean organisations would have to outspend attackers by many multiples.

However, according to software company, Carbon Black, the situation is worse than that because it appears that cyber criminals are outspending corporation!  Cyber-crime is big business, and as such, cyber-criminals are spending an estimated $1 trillion each year on finding weaknesses in the cyber defences of organisations and developing new ways of attacking them, in comparison to the $96 billion spent by organisations in an attempt to secure themselves from these cyber-attacks.

Read More

Research reports say risks to smartphone security aren’t phoney

By Rob Pulham, Warwick Andersen and Sarah Goegan

Beware! Your favourite apps may be putting your phone and data at risk. Reports from Allot and BitSight have examined rising threats to the security of our mobile devices.

Read More

Malware with your coffee? Starbucks customers sent to the virtual mines… to find bitcoins

By Cameron Abbott and Harry Crawford

“Free” Wi-Fi isn’t necessarily so. The Wi-Fi provided in a Starbucks store in Buenos Aires was recently discovered to be planting malware onto customer’s laptops. This is another lesson in how cybersecurity can affect even the most innocuous corner-store businesses.

Read More

Is nothing safe? New malware targets industrial control systems

By Cameron Abbott and Harry Crawford

I’m sure I saw this in Die Hard 4 but “life imitates art”.   A new type of malware has been discovered in a very rare field of operation for hackers: attacking industrial control systems. Cybersecurity firm FireEye has been tight-lipped in detailing the attack, but has indicated that it was against “a critical infrastructure organization” which inadvertently caused operations to shut down. The attack is also reminiscent of the infamous “Stuxnet” virus that was used against Iranian nuclear power plants in 2010. Read More

Update everything: Discovery of Wi-Fi flaw in connected devices

By Cameron Abbott, Rob Pulham and Olivia Coburn

A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.

The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.

Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.

Read More

Copyright © 2019, K&L Gates LLP. All Rights Reserved.