Recent Posts

Recent Blog Posts

The PhishLabs Blog

New Ransonware Techniques, Prison Phone Breach, Christmas Fraud Predictions, and more | TWIC - November 13, 2015

Posted by Lindsey Havens on Nov 13, '15

TWIC_branding

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

  • ISIS supporter Cyber Caliphate takes over 54,000 Twitter accounts (ZDNet)
    ISIS sympathizers have launched an attack against the FBI, CIA and hijacked over 54,000 Twitter accounts in retaliation for a drone strike which killed a British ISIS extremist.

  • Ransomware Now Gunning for Your Web Sites (Krebs on Security )
    One of the more common and destructive computer crimes to emerge over the past few years involves ransomware — malicious code that quietly scrambles all of the infected user’s documents and files with very strong encryption.  A ransom, to be paid in Bitcoin, is demanded in exchange for a key to unlock the files. Well, now it appears fraudsters are developing ransomware that does the same but for Web sites — essentially holding the site’s files, pages and images for ransom.

  • Refined Ransomware Streamlines Extortion (Bank Info Security)
    Notably, the gang behind notorious CryptoWall ransomware, which has been tied to at least $325 million in criminal proceeds, has released an updated and more streamlined version of their data-encrypting malware, and more than doubled the ransom they demand to decrypt infected PCs.

    Ransomware meets Linux - on the command line! (Naked Security)
    In the past year, we've seen refrigerators being hacked, Jeeps being remotely controlled by attackers while the driver is a helpless passenger, and everything from baby monitors to routers being criticized for poor security which can place not only our Internet of Things (IoT) devices at risk, but our personal privacy and security.

  • TalkTalk Hack: UK Police Bust Teenage Suspect (Bank Info Security)
    TalkTalk has warned that the hack may have resulted in personal data on up to 4 million subscribers being stolen. The company recently confirmed that it received a ransom demand from the alleged hacking group behind the attack.

  • Police nab 9 for allegedly spoofing bank employees in £60 million scam (Naked Security)
    The Linux/Ransm-C "product" is ransomware, plain and simple, built into a small command line program designed to help out crooks who want to practise a spot of extortion against Linux users.

  • Securus prison phone call data breach raises privacy, supply chain questions (SC Magazine)
    The large breach of Securus Technologies prison phone call data that exposed more than 70 million phone records of prisoners in 37 states and, in many instances, revealed the content of privileged conversations between inmates and their attorneys, raises a number of privacy concerns and is a wakeup call for prisons and other organizations to tighten security at every point in their supply chains.

  • Bumper Christmas for Fraudsters Predicted After 25% Spike in Q3 (InfoSecurity Magazine)
    Anti-fraud experts have warned e-tailers that this year could be the biggest Christmas for cybercrime ever, after 45 million attacks on e-commerce firms were stopped in Q3.

  • Chrome Zero-Day Exploit Leaves Millions of Android Devices Vulnerable to Remote Hacking  (The Hacker News)
    Hackers have found a new way to hack your Android smartphone and remotely gain total control of it, even if your device is running the most up-to-date version of the Android operating system.

  • Ransomware-as-a-service surfaces, wants 10 percent profit cut (The Register )
    No technical information is offered regarding the capabilities of the ransomware -- which is claimed to be some version of the well known CryptoLocker -- and should serve as a warning for all would-be criminals thinking of signing up.

Topics: Phishing, PhishLabs, Exploit, Strategy, The Week in Cybercrime, Data Breach, Ransomware, Hacked, Breach

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all