North Korea Behind Ransomware...?!

[easyt65]

https://www.nytimes.com/2017/05/15/us/nsa-hacking-shadow-brokers.html?_r=0

"Intelligence officials and private security experts say that new digital clues point to North Korean-linked hackers as likely suspects in the sweeping ransomware attacks that have crippled computer systems around the world.

The indicators are far from conclusive, the researchers warned, and it could be weeks, if not months, before investigators are confident enough in their findings to officially point the finger at Pyongyang’s increasingly bold corps of digital hackers. The attackers based their weapon on vulnerabilities that were stolen from the National Security Agency and published last month.

Security experts at Symantec, which in the past has accurately identified attacks mounted by the United States, Israel and North Korea, found early versions of the ransomware, called WannaCry, that used tools that were also deployed against Sony Pictures Entertainment, the Bangladesh central bank last year and Polish banks in February. American officials said Monday that they had seen the same similarities.

All of those attacks were ultimately linked to North Korea; President Barack Obama formally charged the North in late 2014 with destroying computers at Sony"

At least 99 countries were 'hit' by this latest computer attack...if indeed proven to have been caused by North Korea, Un just got the world's attention...attention he does NOT want.

 

[Remodeling Maidiac]

They need to be delt with. Stealing files that could be life saving from a hospital or medical instution and holding them hostage can not be tolerated.

 

[TNHarley]

Didn't the group Anonymous say it was about to happen last week?

 

[Remodeling Maidiac]

The kid that found the solution to this attack is only 22. What a future he has!

 

[easyt65]

The Russians reportedly accused the United States for being behind this cyber attack.

Well, they're not totally wrong. The NSA developed software that allowed them to hack into computers...and then the NSA was hacked.

'Frankenstein's Monster' has been 'unleashed'.

The NSA under Obama testified it was not spying on Americans...right before it was exposed that YES they were spying on millions of Americans. The Obama administration spied on Americans, reporters, the media, and even Congress. The US Intel agencies have gone 'rogue', spying, leaking, and causing chaos (Being hacked no and its creation turned on the world).

Way past time to reign it in, but I am not sure you can get the 'genie back in the bottle' now.

 

[waltky]

NSA hacking tool used to create ransomeware...

Bad Rabbit malware allegedly used NSA hacking tool
Oct. 27, 2017 -- The Bad Rabbit malware, which U.S. analysts say originated in Russia, allegedly used a leaked National Security Agency hacking tool.

Cisco researchers found that the malware used an NSA tool called EternalRomance that takes capitalizes on a vulnerability in Windows computers by bypassing security over Server Message Block file-sharing connections. The vulnerability enables hackers to remotely execute instructions on Windows clients and servers. EternalRomance was leaked this year by a group called The ShadowBrokers, who released the tools they said were from the NSA.

Bad Rabbit was reportedly spread to computers using a fake Adobe Flash update.​

It is not, however, the same NSA tool made famous by earlier ransomware outbreaks NotPetya and WannaCry. The ShadowBrokers released several packages of the EternalRomance tools, all of which they said had been stolen from the NSA. The news comes after the U.S. Computer Emergency Readiness Team, a division of the Department of Homeland Security, said it's "received multiple reports" of ransomware infections called Bad Rabbit in many countries around the world, including Russia, Ukraine and Germany.

A fake Adobe Flash update reportedly helped spread the malware. Once installed on one computer, the hackers could use other techniques to spread it to other computers on the same network. The hack predominantly affected Russian users and even interrupted service in Ukrainian mass transit. However, the source of the attack is still unclear. "There is a lot of speculation that Russia is the main target, which may be true, but does not rule out Russia as the attacker," Dr. Andrea Little Limbago, chief social scientist at Endgame, said.

Bad Rabbit malware allegedly used NSA hacking tool

 

[waltky]

Mebbe it wasn't the No. Koreans after all...

5 arrested in Romania for spreading ransomware in U.S., Europe
Dec. 20, 2017 -- Romanian officials have arrested five people they believe are responsible for one of the most widespread ransomware crimes ever, authorities said Wednesday.

Officials said the group of five were arrested on suspicion of unauthorized computer access, serious hindering of a computer system, misuse of devices with the intent of committing cyber crimes and blackmail. A device compromised with ransomware will not function until the user pays a price.

Romanian officials said Wednesday five people were arrested, believed to be responsible for one of the most widespread ransomware schemes ever.​

Officials believe three of the suspects infected computer systems by spreading the Curve-Tor-Bitcoin Locker malware. The other two are believed to be involved with spreading Cerber, a ransomware focused on extorting money from users in the United States. The five suspects did not design the software but are believed to have paid the designers 30 percent of their take.

According to computer security software company McAfee, CTB-Locker was the widest used ransomware in 2016. In July, Google ranked Cerber as the most criminally profitable ransomware, with a haul of nearly $7 million from victims.

5 arrested in Romania for spreading ransomware in U.S., Europe