2 in 5 Brits cough up for CryptoLocker ransomware's demands
"Cowed victims hand over thousands rather than install basic security measures"
Around two in five people who fall victim to CryptoLocker have agreed to pay a ransom of around £300 to recover their files, according to a survey of victims.
Researchers from the University of Kent quizzed a total of 48 people who had been affected by CryptoLocker. Of the sample, 17 said they paid the ransom and 31 said they did not.
CryptoLocker encrypts files on compromised machines. Compromised files become unintelligible and unrecoverable - unless victims have made back-ups - without paying crooks an unlock fee, which skyrockets to as much as four Bitcoins (about £1,350) unless victims cough up within a 72-hour deadline.
The finding comes from the second survey (PDF) on Cyber Security by members of the University's Interdisciplinary Research Centre for Cyber Security. The "fieldwork" for the online study involved polling a sample of 1,500 adult Brits of various ages on eight cybercrime and information security-related questions.
Cryptolocker hit more UK victims than previously realised, researchers find
41% of British CryptoLocker Victims Sent Money to Cybercriminals
How emails can track your location and how to stop it
A new, free Google Chrome browser extension called Streak lets email senders using Google accounts see when recipients open email.
And, oh my, it also lets senders see who, exactly, opened the email, and where the recipient is located.
The extension, part of a customer relationship management (CRM) system that includes tools for sales, support and hiring, places email recipients on a map, with big red dots indicating their locations. It also gives users real-time location updates. [Screenshot]
Streak is a bit creepy. But it's not, of course, "changing the email game", as has been somewhat breathlessly claimed.
Streak may well be in the business of giving marketers the ability to eyeball our whereabouts and our email-opening schedules, but it certainly didn't invent email tracking - not by a long shot.
RSA rebel conference TrustyCon sells out despite 'dirty tricks'
"Raises $20,000 for EFF, and support for some in security industry"
The TrustyCon security convention in San Francisco today has had a sell-out first show - which generated a $20,000 check for the Electronic Frontier Foundation.
TrustyCon was organized following the decision by F-Secure's Mikko Hypponen to pull out of the annual RSA conference in protest at the company's apparent complicity in using a cryptographic algorithm at the behest of the NSA - an algorithm that turned out to be hopelessly flawed. After more speakers pulled out of the RSA 2014 gathering, the decision was made to hold an alternative security conference discussing how to ensure trust in technology.
"For me it was a very personal decision. The revelations of the cooperation of a security company with an intelligence agency regarding weakening security are the definition of losing trust. If our users don't trust us we lose," Hypponen said.
Related: TrustyCon's RSA Conference rebels promise more to come
F-Secure Antivirus Research Weblog:
TrustyCon, the first "Trustworthy Technology Conference" was held yesterday in San Francisco. And Google/YouTube volunteered a camera crew. Nice! The full event can be viewed here:
Mikko's presentation begins at 15 minutes and 45 seconds.
Other speakers: Alex Stamos, Cindy Cohn, Marcia Hofmann, Christopher Soghoian, Joseph Menn, Bruce Schneier, Garrett Robinson, Yan Zhu, Chris Palmer, Dan Boneh, Steve Weis, Jeff Moss, and Ed Felten.
Continued : http://www.f-secure.com/weblog/archives/00002679.html
WhatsApp Hack Promises Messages, Delivers PUPs
"Malwarebytes Unpacked" Blog:
What is it? A site claiming to offer up a tool designed to grab WhatsApp user messages.
What does it do? Installs PUPs (Potentially Unwanted Programs) instead. Your messages are safe from would-be thieves.
Do we detect it? Yes, we detect the updater as PUP.Optional.OutBrowse
As we saw yesterday, WhatsApp is currently a hot target for scammers wanting to infect PCs - but it isn't just email spam you have to be wary of.
Here's a site offering up what it claims is a program designed to "grab all the messages of your friends now!" located at
Continued : http://blog.malwarebytes.org/fraud-scam/2014/02/whatsapp-hack-promises-messages-delivers-pups/
Google keeps an ever-closer eye on non-Play Store apps
SAN FRANCISCO -- Android owners who use apps installed from outside of the Play Store will soon find their devices just a smidge safer, as Google announced at the RSA Conference here that Verify Apps will soon keep an eye on non-Play Store apps even after you install them.
Adrian Ludwig, Google's Android security engineer lead, said the change builds on the Verify Apps security feature introduced last year. He explained the change during a talk on how Google has created a secure open-source operating system.
When the Verify Apps option is checked, Google will scan apps installed outside of the Play Store to make sure they're not malicious. This was a one-time check, but the new component, which requires no additional changes by the user, will warn you when an app is determined to be malicious even if it passes muster the first time around.
Gameover malware tougher to kill with new rootkit component
A new variant of the Gameover malware that steals online banking credentials comes with a kernel-level rootkit that makes it significantly harder to remove, according to security researchers from Sophos.
Gameover is a computer Trojan based on the infamous Zeus banking malware whose source code was leaked on the Internet in 2011. Gameover stands apart from other Zeus-based Trojan programs because it uses peer-to-peer technology for command and control instead of traditional servers, making it more resilient to takedown attempts.
At the beginning of February, researchers from security firm Malcovery Security reported that a new variant of Gameover was being distributed as an encrypted .enc file in order to bypass network-level defenses. However, the latest trick from the Gameover authors involves using a kernel rootkit called Necurs to protect the malware's process from being terminated and its files from being deleted, researchers from Sophos said Thursday in a blog post.
Continued : http://www.pcworld.com/article/2103401/gameover-malware-tougher-to-kill-with-new-rootkit-component.html
Notorious "Gameover" malware gets itself a kernel-mode rootkit..
Gameover Borrows Kernel-Mode Rootkit from Necurs Malware
Identity Theft, Among Most Popular Complaints of 2013
Identity theft was one of the most prevalent complaints of US customers in 2013, a new Federal Trade Commission report (pdf) reveals.
Of the 2 million complaints analyzed last year, over 290,000 were related to identity theft. Some 30 per cent of the incidents were tax-related, the largest category within identity theft complaints.
The study also shows 43 percent of scammed victims were contacted via email, 21 percent by telephone and 20 percent via spoofed websites. In most cases, an identity thief used a legitimate taxpayer's identity to fraudulently file a tax return and claim a refund.
The report says 41 per cent of those affected by ID theft contacted law enforcement to solve the problem.
Florida has the highest rate of fraud and identity theft among US states, followed by Georgia and California. Theft affected all age groups fairly equally. One in five of those who fell victim to identity theft are in their 20s, while 19 per cent were between 30 and 39 and 17 per cent were aged from 50 to 59.
Netflix Phishing Scam leads to Fake Microsoft Tech Support
"Malwarebytes Unpacked" Blog:
Tech Support scammers are really creative these days. As if the Microsoft ruse was no longer in fashion, they are impersonating other popular companies, such as Netflix.
I came across what I first thought was a typical phishing scam targeting Netflix: [Screenshot]
Until I realized it wasn't, or at least that there was something more to it. Of course it stole my credentials: [Screenshot]
But it also displayed a message saying my account had been suspended: [Screenshot]
In order to fix this issue, you are urged to call "Netflix" at a 1-800 number. If you do a bit of a search you will find out this is not the official hotline, so this warranted a deeper investigation.
Once I called the number, the rogue support representative had me download a "NetFlix Support Software":