|
Post by jetstream23 on Jun 29, 2017 12:22:36 GMT -5
This has been a very interesting, targeted, state sponsored attack against Ukraine that has spilled over.....masked as ransomware.
Not sure if you guys follow this stuff but I deal with these kinds of things with work. And this one is absolutely wild.
|
|
|
Post by DDNYjets on Jun 29, 2017 12:47:01 GMT -5
Who is responsible, the Russians? Seems odd to go through all this trouble for just $12k in bitcoins. And who are the idiots that actually paid the ransom?
I wonder what effect, if any, the proliferation of these types of attacks will have on the values of cryptocurrencies.
|
|
|
Post by tbp on Jun 29, 2017 14:51:08 GMT -5
If they attacked the Hampur people would pay money to keep us off the net. #antiransom!
|
|
|
Post by quantum on Jun 29, 2017 14:55:42 GMT -5
it appears to be more aimed at destruction (ie a disk wiper, but not with a cloth!) than ransom. I think Kaspersky Labs is calling it "NotPetya"
|
|
|
Post by DDNYjets on Jun 29, 2017 15:08:41 GMT -5
|
|
|
Post by Big L on Jun 29, 2017 17:27:52 GMT -5
This has been a very interesting, targeted, state sponsored attack against Ukraine that has spilled over.....masked as ransomware. Not sure if you guys follow this stuff but I deal with these kinds of things with work. And this one is absolutely wild. Please elaborate.
|
|
|
Post by jetstream23 on Jun 29, 2017 22:08:31 GMT -5
This has been a very interesting, targeted, state sponsored attack against Ukraine that has spilled over.....masked as ransomware. Not sure if you guys follow this stuff but I deal with these kinds of things with work. And this one is absolutely wild. Please elaborate. It was disguised as ransomware but the email address to send Bitcoins was offline just a few hours after the attacks started. People I work with are convinced it was Russia. It targeted Ukrainian infrastructure like banks, airports, power grid, seaports, etc. and there is no evidence that anyone who paid ever received a successful decryption key. The attacks originated from a software update performed by a legitimate company that makes business software in the Ukraine called M.E. Doc. Their updating software was compromised (believed by a forged digital certificate that allowed them to distribute the attack to look like a legitimate, authentic software update from M.E. Doc) and then any business using that software that received an update was initially infected. The attacks also started the day before a Ukraine national holiday that celebrates the country's independence. The exploit that's used is something that's been known about since March and affects Windows-based OS's. Microsoft issued a patch months ago but not everyone has installed it which left them vulnerable. The initial exploit/attack was developed by our own NSA (Eternal Blue) and then stolen in a major hack done by a group called the Shadow Brokers who released a virtual treasure of NSA cyber attack tools including this.
|
|
|
Post by Big L on Jun 30, 2017 6:41:26 GMT -5
Sounds like we're all fucked eventually.
|
|
|
Post by DDNYjets on Jun 30, 2017 6:56:47 GMT -5
Sounds like we're all fucked eventually. I thinked they hacked the hampurs photobucket
|
|
|
Post by tkasper01 on Jun 30, 2017 7:23:29 GMT -5
Sounds like we're all fucked eventually. Not really. You need good perimeter protection and make sure all devices are patched to the current month, third party apps as well. You can also help yourself by not following links.
|
|
|
Post by Raoul Duke on Jun 30, 2017 8:09:19 GMT -5
|
|
|
Post by Big L on Jun 30, 2017 8:50:26 GMT -5
Sounds like we're all fucked eventually. I thinked they hacked the hampurs photobucket this place is getting sadder by the day.
|
|
|
Post by DDNYjets on Jun 30, 2017 9:01:40 GMT -5
I thinked they hacked the hampurs photobucket this place is getting sadder by the day. Im grateful for every one of them though.
|
|
|
Post by quantum on Jun 30, 2017 12:25:10 GMT -5
Sounds like we're all fucked eventually. on this site, with this team? THANKS CAPT. OBVIOUS!
|
|
|
Post by JStokes on Jun 30, 2017 12:36:40 GMT -5
Sounds like we're all fucked eventually. I thinked they hacked the hampurs photobucket Somebody hacked my avatar. I think I'll PM Ragu, see if he can fix it. _
|
|