
Ransomware attack in Ukraine 'not designed to make money'


Thread replies: 3
Thread images: 1

Digital security researchers say malware attack that spread from Ukraine appeared to be focused on damaging IT systems

A ransomware attack that affected at least 2,000 individuals and organisations worldwide on Tuesday appears to have been deliberately engineered to damage IT systems rather than extort funds, according to security researchers.

The attack began in Ukraine, and spread through a hacked Ukrainian accountancy software developer to companies in Russia, western Europe and the US. The software demanded payment of $300 (£230) to restore the user’s files and settings.

The malware’s advanced intrusion techniques were in stark contrast with its rudimentary payment infrastructure, according to a pseudonymous security researcher known as “the grugq”.

The researcher said the software was “definitely not designed to make money” but “to spread fast and cause damage, [using the] plausibly deniable cover of ‘ransomware’”.

This analysis was supported by UC Berkeley academic Nicholas Weaver, who told the infosec blog Krebs on Security: “I’m willing to say with at least moderate confidence that this was a deliberate, malicious, destructive attack or perhaps a test disguised as ransomware.”

>The NotPetya malware is so-called because while it shares code with an earlier ransomware strain called Petya, it is “a new ransomware that has not been seen before”, according to security researchers at Kaspersky Lab. It requires infected users to send $300 in the cryptocurrency bitcoin to a payment address that appears hardcoded into the software.

>The address for sending the payment and a 60-character, case-sensitive “personal installation key”, are only presented in text on the ransom screen, and require a confirmation email to be sent to an address hosted by the German email provider Posteo.

https://www.theguardian.com/technology/2017/jun/28/notpetya-ransomware-attack-ukraine-russia
>>
>Posteo quickly closed the email account, meaning that even if victims paid, they would not be able to decrypt their computers.

>“If this well-engineered and highly crafted worm was meant to generate revenue, this payment pipeline was possibly the worst of all options (short of ‘send a personal cheque to: Petya Payments, PO Box …’),” the grugq said.

>In contrast to the payment infrastructure, the malware’s infection techniques were described as “well-written”, using a number of different methods to ensure maximum damage to the networks it penetrates.

>NotPetya, which uses the NSA hacking tool EternalBlue to enter Windows-operated machines with unpatched security, steals passwords in an attempt to gain administrator access over the entire network. It then begins spreading itself as a forced update to all machines on the network, before encrypting their hard drives.

>But unlike WannaCry, the malware that powered a global ransomware attack last month, NotPetya does not contain code that enables it to leave a network once it has spread.

>The majority of the infections – 60%, according to Kaspersky – are within Ukraine, where the accounting software which appears to have introduced the malware is one of two legally mandated software suites used to file taxes.

>At least one of the major non-Ukrainian organisations affected, the Danish shipping firm Maersk, also appeared to use the software, according to a job posting shared on Twitter.

>Ukraine has suggested Russia may have been behind the attack, which struck on the eve of Ukraine’s constitution day, which celebrates the country’s split from the Soviet Union. Russia annexed Crimea from Ukraine in 2015 and pro-Russia separatists continue to fight government troops in the east of the country.
>>
>Kiev has previously blamed Russia for a series of cyber-attacks, which Russia denies. Russian companies were also hit by NotPetya, including the Rosneft oil company which said cash registers at some petrol stations were affected without offering further details.

>Ukraine said on Wednesday it had contained the attack and “all strategic assets, including those involved in protecting state security, are working normally”.

>Finding the perpetrator of the attack is difficult, said Mark McArdle, chief technical officer at cybersecurity firm eSentire. “Finding irrefutable evidence that links an attacker to an attack is virtually unattainable, so everything boils down to assumptions and judgment.”

>The Kremlin spokesman Dmitry Peskov said: “[The attack] again proves the Russian thesis that such a threat requires cooperation on the global level.”


This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.