Tag Archives: european

It’s 2017, and UPnP is helping black-hats run banking malware

Pinkslipbot malware copies Conflicker for C&C channel Another banking malware variant has been spotted in the wild, and it’s using UPnP to pop home routers to expose unsuspecting home users, recruited as part of the botnet.…

Read the article:
It’s 2017, and UPnP is helping black-hats run banking malware

Mysterious Hajime botnet has pwned 300,000 IoT devices

The Dark Knight of malware’s purpose remains unknown Hajime – the “vigilante” IoT worm that blocks rival botnets – has built up a compromised network of 300,000 malware-compromised devices, according to new figures from Kaspersky Lab.…

Read More:
Mysterious Hajime botnet has pwned 300,000 IoT devices

Get ready for the cyber war in 2017: know your enemy

The current state of the cyber security industry is troubling to say the least, with 2016 experiencing a greater number of successful, more vicious cyber attacks than ever before The past few months have summed up the current state of the cyber security industry. In a matter of days at the end of November the European Commission was brought offline by a distributed denial-of-service (DDoS) attack, San Francisco’s Municipal Railway was held to ransom by ransomware in a system-wide attack and it was revealed that in September the Japanese Defence Ministry and Self-Defence Forces were hacked, which may have compromised Japan’s internal military network. It seems almost farcical, and from these recent examples it is evident that critical infrastructure is totally unprepared for an attack and will continue to be severely vulnerable at the beginning of 2017. It is not just the public sector that is suffering, with private organisations facing daily hacking attacks despite serious investment in cyber security strategies. The problem is inherently twofold. The first is that cyber criminals and their tactics are constantly evolving, becoming more overwhelming and hard to detect by the day, it seems. The ferocity of cyber attacks was illustrated last year by the Mirai botnet n(or Dyn) attacks that overran a number of systems using corrupted Internet of Things (IoT) devices. When the malicious code was first published online in October, it gave a suspected group of teenagers the ability to shut down the likes of Twitter and Spotify. In the preceding month, Liberia’s internet was taken offline using the same code. Improving the security of IoT devices will be crucial during 2017. This is where the most devastating cyber attacks will originate. Source: http://www.information-age.com/get-ready-cyber-war-123464202/

Original post:
Get ready for the cyber war in 2017: know your enemy

Indian Bitcoin Exchange Suffers Outage as DDoS Attacks Continue

T he onslaught of DDoS attacks targeting bitcoin websites around the world isn’t showing any signs of abating as an Indian bitcoin exchange came under attack today. Indian bitcoin exchange Coinsecure saw a spike in traffic this Monday morning local time. The number of connections attempting to reach the website was enough to disrupt exchange activity. Operational delays ensued on its website, mobile application and other API-enabled platforms. In an email to customers, the bitcoin exchange revealed the reason for the delays. We were under a massive DDoS attack this morning that blocked traffic temporarily to our website, API and Android App. You may have experienced delays in withdrawals and deposits as well, this morning. The email, which reached customers afternoon in local time, confirmed that the website was fully operational again, following several hours of disruption. Bitcoin Exchanges. Ripe Targets? Bitcoin exchanges and websites are perhaps the most-obvious targets for DDoS extortionists seeking ransom in bitcoin.  Still, Kraken CEO Jesse Powell told CCN in an earlier exchange that bitcoin companies aren’t always the best targets. “Most Bitcoin companies aren’t profitable and we’re therefore not great targets,” said Powell, whose exchange suffered a DDoS attack in November last year. Thai bitcoin exchange Bitcoin Co. Ltd., also suffered a DDoS attack in November 2015, albeit from a different perpetrator. “We have received several DDOS-ransom letters to https://bx.in.th,” Bitcoin Co. Ltd Managing Director David Barnes told  CCN . “[The] last was supposedly from Armada Collective requesting 10BTC.” More importantly, he added: Attackers seem to lose interest quickly when you block them or don’t respond to their messages. CCN was also targeted in November 2015, with one extortionist communicating via email to demand 2 bitcoins in ransom. The email was ignored and we duly put up a 5 BTC reward for any information leading to a successful police report. While we came short of finding details, CCN continues to be targeted frequently with DDoS attacks. At the time in 2015, bitcoin was trading near peaks of $500 and has come a considerable way since while avoiding volatility. As the value of the cryptocurrency makes gains with stable footing, bitcoin businesses and websites continue to remain targets. A New Wave of Attacks The latest instances of DDoS disruptions could ostensibly be new wave of attacks targeting bitcoin websites. Last week, European bitcoin and altcoin exchange BTC-e was also targeted, resulting in temporary disruption of exchange activity. CCN was also the target of a DDoS attack last week. The website saw temporary disruption lasting 1-2 hours before the attacks were mitigated. Source: https://www.cryptocoinsnews.com/indian-bitcoin-exchange-suffers-outage-ddos-attacks-continue/

Continue reading here:
Indian Bitcoin Exchange Suffers Outage as DDoS Attacks Continue

FBI Tries to Curb Young DDoS Hackers

In coordination with Europol’s European Cyber Crime Centre (EC3), the FBI conducted a series of interviews and arrests Dec. 5-9 aimed at reducing the number of young people acting as Distributed Denial of Service (DDoS)-for-hire hackers. “DDoS tools are among the many specialized cyber crime services available for hire that may be used by professional criminals and novices alike,” said Steve Kelly, FBI unit chief of the International Cyber Crime Coordination Cell (IC4). “While the FBI is working with our international partners to apprehend and prosecute sophisticated cyber criminals, we also want to deter the young from starting down this path.” Law enforcement agencies participated from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States, and the combined effort led to 34 arrests and 101 suspects interviewed and cautioned. The effort mainly targeted hackers under 20 who were suspected of paying for services that would maliciously flood an online target with so much data that users would be unable to gain access. The operation also marks the kick-start of a campaign in all participating countries to raise awareness of young people getting involved in cyber crime and to point those people toward positive outlets for their hacking skills. “Today’s generation is closer to technology than ever before, with the potential of exacerbating the threat of cyber crime,” said Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3). “Many IT enthusiasts get involved in seemingly low-level fringe cyber crime activities from a young age, unaware of the consequences that such crimes carry. One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path, helping them understand how they can use their skills for a more constructive purpose.” Europol also identified that young hackers are most likely to be responsible for crimes in which they hack to take control or information from a computer, create or use malware and viruses, and carry out DDos attacks. “No law enforcement agency or country can defeat cyber crime alone,” an FBI statement said. “This demands a collective global approach.” Source: https://www.meritalk.com/articles/fbi-tries-to-curb-young-ddos-hackers/

Follow this link:
FBI Tries to Curb Young DDoS Hackers

Larger, more complex, financially motivated DDoS attacks on the rise

DDoS attacks are becoming increasingly larger, more complex, and perpetrated by cyber extortionist instead of hacktivists and vandals, the results of Arbor Networks' 11th Annual Worldwide Infrastructu…

See more here:
Larger, more complex, financially motivated DDoS attacks on the rise

Group using DDoS attacks to extort business gets hit by European law enforcement

On 15 and 16 December, law enforcement agencies from Austria, Bosnia and Herzegovina, Germany and the United Kingdom joined forces with Europol in the framework of an operation against the cybercrimin…

More here:
Group using DDoS attacks to extort business gets hit by European law enforcement

Xen Project plugs critical host hijacking flaw, patch ASAP

The latest security update (XSA-145 through 153) for the popular Xen virtualization software fixes nine issues. Eight of them can lead to Denial of Service, but the ninth is much more serious than…

Read More:
Xen Project plugs critical host hijacking flaw, patch ASAP