Connect with us

Cybersecurity

Report: Healthcare Services Pay Nearly $100,000 to Ransomware Attacker

Published

on

A new report has found that hospitals are increasingly targeted by ransomware attackers because of the low-security measures put into place.

The McAfee Labs Threats Report: September 2016 has found that hospitals paid around $100,000 to a bitcoin address in the first quarter of the year.

In February 2016, one hospital in California was reported to have been targeted by hackers demanding a ransom of 9,000 bitcoins, amounting to around US$5.77 million.

The hospital reportedly paid $17,000 to have its files and systems restored; however, it suffered a downtime of five days.

Different Method of Attacks

In most ransomware attacks, ransomware is delivered through phishing when emails are sent with subjects such as ‘failed delivery’ or ‘my resume’. They have attachments, which then download the ransomware.

Another method that hackers tend to use is through exploit kits; however, according to the McAfee report, none of these methods were employed during the first quarter of 2016.

The report found that through the open-source tool JexBoss, hackers targeting hospitals were able to scan for vulnerable JBoss web servers before sending an exploit to initiate a shell on those hosts. Once the servers were then infected, available tools used by the hackers were then utilized to map the trusted network.

Hospitals Off Limits

When it comes to hospitals these are typically seen to be off limits for ransomware attacks. That’s according to McAfee.

The report said:

In the Russian underground, there is an ethical ‘code of conduct’ that places hospitals off limits, even if they are in countries normally targeted in their cybercrime campaigns and operations.

Hospital stock

It was concluded that these types of hospital attacks that took place at the beginning of the year were undertaken by malicious hackers and even though the attacks were effective they were not very sophisticated.

In the first half of 2016, most ransomware attacks took place on American and Canadian hospitals with a few targeting U.K. and Australian hospitals. As a result, the U.S. and Canadian cybersecurity agencies issued an alert earlier this year regarding ransomware attacks, as reported by CCN.

Ransomware Profit

The report found that a ransomware author and distributor had received BTC 189,813, translating to around $121 million. The author, the report stated, claimed that they have earned $94 million in the first six months of 2016.

As it can be seen, money can be made quickly through ransomware attacks. While the report discovered that the majority of victims did not pay the ransom demand, hospitals that were targeted by the ransomware family samsam did appear to pay.

The amounts involved varied, but the biggest direct costs were from downtime or lost revenue, incident response, system recovery, audit services, and other cleanup costs. Those targeted had a downtime for at least five to 10 days.

It seems, though, that unless health care services improve on their cybersecurity, malicious hackers will continue to target them, gaining access to personal and oftentimes irreplaceable data. For now, the advice from the FBI is to avoid paying the ransom demand to hackers.

Featured image from iStock/zimmytws and Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...





Feedback or Requests?

Bitcoin

Bitcoin Network Faced One-Two Punch of Inflation and DoS Threats

Published

on

Bitcoin Core has emerged seemingly unscathed from a major vulnerability that threatened to shut down parts of the network in a denial-of-service (DoS) attack. But apparently, the bug was even worse than originally thought. According to a Bitcoin Core Full Disclosure Report, the issue included an “inflation vulnerability,” one in which if seized upon could have bolstered the supply of bitcoin beyond the famous 21 million coin ceiling. By pouring more coins into the supply, the hackers would have diminished the value of the circulating bitcoins.

The decision to expose only the lesser extreme part of the bug to the public was deliberate. According to the report:

“In order to encourage rapid upgrades, the decision was made to immediately patch and disclose the less serious Denial of Service vulnerability, concurrently with reaching out to miners, businesses, and other affected systems while delaying publication of the full issue to give times for systems to upgrade. On September 20th a post in a public forum reported the full impact and although it was quickly retracted the claim was further circulated.”

Double-Edged Sword

The strategy was a success and the bug is no longer a threat, as evidenced by more than 50% of the bitcoin mining hashrate having been upgraded to the patched nodes with no known attempts to “exploit this vulnerability.”

Here’s what we know, according to the report –

“A developer by the title earlz independently discovered and reported the vulnerability to the Bitcoin Core security contact email.”

Meanwhile, on social media, a contributor identified as a Bitcoin Cash developer who goes by the handle “Awemany” was cheered on Reddit for discovering and reporting the bug and cementing their place in “bitcoin’s history book.” Awemany in a blog post pointed to bitcoin developer Matt Corallo, whose 2016 pull request in an attempt to accelerate validation times led to what Awemany characterized as “one of the most catastrophic bugs in Bitcoin ever.”

The bottom line is that the bug was discovered and the threat has been lifted. It’s both a reminder of the risks associated with the consensus mechanism and a demonstration of good faith among the decision makers.

While it’s mostly the future of ETH that has been contemplated of late, given the plummeting of the No. 2 cryptocurrency’s value this year along with the confidence of investors, bitcoin has its own issues. In an exclusive interview with CCN, Sheffield Clark, who is at the helm of bitcoin ATM maker Coinsource, pointed to potentially “stagnant” mainstream adoption of bitcoin amid a lack of regulatory framework to help resolve issues like extreme volatility.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 62 rated postsGerelyn has been covering ICOs and the cryptocurrency market since mid-2017. She's also reported on fintech more broadly in addition to asset management, having previously specialized in institutional investing. She owns some BTC and ETH.




Feedback or Requests?

Continue Reading

Cyberespionage

North Korea is now Targeting Crypto Users with Macs

Published

on

AppleJeus Malware Hack

The Lazarus group has earned quite a reputation for themselves in cyber-security circles.

This group of North Korean hackers have been responsible for some of the most well known intrusions in the past few years. For example, they were behind the Sony Pictures hack in 2014, the Bangladesh central bank heist in 2016 and the Wannacry ransomware outbreak in 2017.

It is safe to say that these are quite effective operators.

However, with the popularity of cryptocurrencies, the Lazarus group has changed their attack vectors and are targeting every day users with Malware.

The latest report now has the hackers using MacOS malware to hoover up information from those cryptocurrency users who work on Macbooks.

“AppleJeus”

This was the first time that the Lazarus group has developed malware to target Mac users. Indeed, Mac operating systems are far less susceptible to Malware than Windows based systems.

It was a surprise for researchers at Kaspersky Lab to have learned about the latest Lazarus attempt to target users with there macOS malware. They have labelled it “AppleJeus”.

This was first spotted on machines that were being used by cryptocurrency company in Asia. Indeed, this is no coincidence as the Lazarus group has often targeted cryptocurrency related businesses and exchanges in South Korea.

How Does it Work?

AppleJeus hides itself inside the code of a seemingly legitimate piece of cryptocurrency trading software called Celas Trade Pro. The user will download the app from the website of the developer. When it is first downloaded, there are no signs that anything could be off. The app appears to operate normally.

Celas Trade Screenshot

Screenshot of Celas Trade, the offending program. Source: kaspersky labs

Once the app is installed on the device, it will request to update the software. This sort of request is present in authentic software and as such will not trigger any alerts. However, there is malicious code that is inside of this update.

The moment that the update is installed, it will scan the computer and gather as much information as possible. This will then be sent back the hacker’s server so that they can make a decision on whether the person is worth attacking.

If they think that there is valuable information (or cryptocurrency) on the machine then they will instruct the software to install a trojan called “Fallchill”. For those who do not know, Trojans are malicious malware that will install a “backdoor” into the machine

Fallchill is a particularly robust trojan and can gather a great deal of information from the machine. This includes data such as financial information, login credentials and of course, information about cryptocurrency trading accounts.

Once the hackers have this personal information, they can either access your online accounts or they can conduct other spear phishing attacks against you. It is indeed a troubling development and according to Vitaly Kamluk of Kaspersky:

“For macOS users this case is a wakeup call, especially if they use their Macs to perform operations with cryptocurrencies”

So now that you know North Korea is actively trying to get their hands on your cryptocurrency, how do you protect yourself?

Keeping Safe from AppleJeus

The most effetive way to protect yourself from this Malware is to make sure that you only download software that is well known and reputable. This of course goes without saying but it is far too often that relatively inexperienced cryptocurrency traders will avoid doing their research.

The researchers have recommended that people and businesses do not download the software of Celas Trade. Even though they appear to have a a good reputation and verified digital certificates, this cannot be fully trusted.

You should also consider investing in some effective anti-malware software that you should use to scan all files that you have downloaded. This should be done even if you trust the source because hackers have been known to infiltrate trusted websites.

Cryptocurrency Security 101

Even if you are unlucky enough to have your machine infected with crypto grabbing malware, basic crypto security best practices will still protect you.

If you do a great deal of online trading with your cryptocurrency then it is essential that you secure your accounts with 2 factor authentication. This way, you are at least able to reduce the number of attack vectors.

You should always secure your large cryptocurrency holdings in hardware wallet. This is because the wallets operate external from the machine and hence the trojan cannot read your private key information.

Caution and a healthy does of scepticism will protect you from the an unhealthy does of AppleJeus.

Featured Image via Fotolia.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

5 stars on average, based on 3 rated postsNic is an ex Investment Banker and current crypto enthusiast. When he is not sitting behind six screens trading Bitcoin, he is maintaining his numerous mining rigs.




Feedback or Requests?

Continue Reading

Cryptocurrencies

Crypto Pump and Dumps Have Generated $825 Million in Activity This Year: WSJ

Published

on

Price manipulation involving ‘pump and dump’ schemes are alive and well in the cryptocurrency market. According to new research by The Wall Street Journal, organized cryptocurrency groups have generated at least $825 million in trading activity over the past six months.

Pump Groups Thrive in Nascent Crypto Market

In a comprehensive review of trading data and online communications among crypto traders between January and July, WSJ identified 175 pump and dump schemes spanning 121 different coins. Among the 50 pumps with the biggest increase in price, nearly half had lost their value.

Among the dozen pump groups analyzed by WSJ, Big Pump Signal and its 74,000 Telegram followers have had the biggest impact on markets. The group engineered 26 pumps resulting in $222 million in trades.

Pump schemes have exploded over the past 18 months as initial coin offerings (ICOs) garnered mainstream attention. More than $12 billion has flowed into coin offerings since January 2017, according to ICOData.io, inviting a new form of speculation in markets that remain largely unregulated to this day.

Analysts say most pump and dumps following a similar pattern: the group announces a time and exchange for a pump; at the set time, traders execute the signal, creating a short-term buying frenzy; after a set time (usually a few minutes), the coin is sold for instant profit.

One of the biggest pumps in recent memory came in early July after Big Pump Signal commanded its followers to buy cloakcoin (CLOAK), an obscure cryptocurrency that purports to be “fully private, secure and untraceable.” After the call was made, CLOAK spiked 50% on Binance before plummeting more than 20% after two minutes.

Stopping the Fraud

Although the pump and dump is one of the oldest forms of market fraud, regulators have struggled to stem the practice. As WSJ reports, similar practices were banned in the 1930s, but that hasn’t stopped pump and dumps from proliferating at different points in history. Jordan Belfort, whose life was chronicled in the movie “Wolf of Wall Street,” pleaded guilty in 1999 for running pump and dumps costing investors more than $200 million.

The U.S. Securities and Exchange Commission (SEC) regularly deals with pump and dumps in the stock market, but has yet to bring a case involving cryptocurrencies. In the meantime, the U.S. Commodity Futures Trading Commission (CFTC) has offered a reward for anyone who warns the agency about potential pump and dump schemes involving cryptocurrencies.

“If you have original information that leads to a successful enforcement action that leads to monetary sanctions of $1 million or more, you could be eligible for a monetary award of between 10 percent and 30 percent,” a CFTC memo, released in February, read. That translates into a potential reward of at least $100,000.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.6 stars on average, based on 610 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending