On October 12, 2017, the Ukrainian security service SBU warned of a planned massive cyber-attack against Ukraine which, like the June Petya/NotPetya ransomware attack, targets both government institutions and private companies. The June attack hit about 12,500 computer systems running Windows, encrypted the files on them and demanded a ransom of $300 for their decryption, which is now about $6,600; according to security experts, decryption could not work.
On 24 October, a large-scale attack by a new cryptolocker named Bad Rabbit was detected in Ukraine; it hit, for example, the Odessa International Airport, the Kiev subway and the Ukrainian Ministry of Infrastructure. Other targets are in the Russian Federation, Bulgaria, Japan, Germany, Turkey, Montenegro and probably the United States.
The initial infection takes place when a user visits a compromised website and is persuaded to click to install a purported Adobe Flash update; in fact, this installs malware that attempts to spread to other machines using the ETERNALROMANCE exploit (MS17-010), and of course encrypts files on the disk, displays a warning message, and demands a ransom of 0.05 BTC, currently around $200.
The Bad Rabbit code is actually taken from the Petya/NotPetya malware. Unlike with the previous ransomware, however, security teams state that the decryption mechanism should actually work; even so, as usual, we have to warn against paying the ransom.
A new attack that exploits the well-known Dynamic Data Exchange (DDE) feature in Microsoft Office allows malware to run on your computer. This time the danger does not lie in the user enabling macros, as has been common; instead, the user is faced with two considerably less alarming questions:
This document contains links that may refer to other files. Do you want to update this document with the data from the linked files?
The remote data (...) is not accessible. Do you want to start the application c:\windows\system32\cmd.exe?
This malware is already being used extensively. The best defense is common sense: do not blindly accept any unsolicited offer.
A year ago, on October 25, 2016, an extremely powerful DDoS attack by the Mirai botnet hit Dyn's domain servers; it caused a massive outage of many well-known Internet services, for example Amazon, BBC, Fox, PayPal and Visa. A similar or even larger attack seems likely in the near future: Check Point now warns of the new "IoT Reaper" botnet, which consists of compromised IoT (Internet of Things) devices, allegedly already includes more than a million bots, and gains about 10 thousand more each day. It exploits vulnerabilities in products such as AVTECH, GoAhead, JAWS, Vacron (IP cameras), D-Link, TP-Link, Linksys, MikroTik, and NetGear (routers). Such a large number of bots would once again be well suited to massive DDoS attacks.
Opinions about the actual number of infected bots in IoT Reaper differ, but the danger is real.
This domain is normally used to back up and restore backed-up files on Dell computers. The domain expired on June 1, 2017 and was then bought by another company; malware was detected on the server. According to Dell, support for Dell Backup and Recovery ended in 2016, but many customers were probably unaware of this and could have leaked their data or had their systems infected.