June 25, 2019

Cyber-news from the dark side – cyber-hypocrisy, an eye for a Mirai, GCHQ-watching-you, and keeping BlueKeep at bay.

Hi folks!

Let’s kick off with some good news….

‘Most tested, most awarded’ – still ).

Just recently, the respected independent test lab AV-Comparatives released the results of its annual survey. Taking place at the end of 2018, the survey, er, surveyed 3000 respondents worldwide. Of the 19 questions asked of each, one was ‘Which desktop anti-malware security solution do you primarily use?‘. And guess which brand came top in the answers for Europe, Asia, and South/Central America? Yes: K! In North America we came second (and I’m sure that’s only temporary). In addition, in Europe we were chosen as the most frequently used security solution for smartphones. We’re also at the top of the list of companies whose products users most often ask to test, both in the ‘home’ segment and among antivirus products for business. Great! We like tests, and you can see why! Btw – here’s more detail on the independent tests and reviews that our products undergo.

“Thou hypocrite, first cast out the beam out of thine own eye;
and then shalt thou see clearly to cast the speck out of thy brother’s eye.”
Matthew 7:5

In May, yet another backdoor with features reeeaaal useful for espionage was discovered. In whose tech was the backdoor found? Russia’s? China’s? Actually – Cisco‘s (again)! Was there a hullabaloo about it in the media? Incessant front-page headlines and discussion about threats to national security? Talk of banning Cisco equipment outside the U.S., etc.? Oh, what, you missed it too?! Yet at the same time, Huawei’s international lynching is not only in full swing – it’s in full swing without such backdoors, and without any convincing evidence thereof whatsoever.

source

HiddenWasp DetectedWasp.

Continuing the theme of backdoors, some new malware has been discovered: HiddenWasp. So what’s the big deal?

Well, first, this malware is for Linux – an OMG-fact in the first place. Second, it initially went unnoticed by most antivirus systems. This new malware is used in targeted attacks on previously-infected Linux machines. Its functionality differs from the standard functionality of the modern Linux malware (DDoS attacks and cryptocurrency mining): it can hide files uploaded to an infected computer, copy the contents of hard drives, run programs, and forcefully terminate active processes on the infected system. The malware uses storage in Hong Kong and the file names are in Chinese; I’ll let you make of that what you will. But in the meantime, I hasten to reassure our users – we detect this malware and all its modifications.

source

Oh my, oh my, oh Mirai.

For anyone who wants to dive into the world of new cyberthreats in more detail, I’d advise you to read our quarterly report. In there you’ll find lots about financial threats, the increase in the number of mobile ransomware Trojans, the LockerGoga encrypting-malware attack on large enterprises, plus analysis of the Mirai IoT botnet.

Regarding the latter, there’s a lot of interesting findings. First, Mirai has expanded its network of victims and learned how to attack corporate IoT devices. Second, if the worm detects that it’s running in a sandbox (an artificially isolated environment for the safe execution of computer programs), it just stops working. Besides, in one version of Mirai a mechanism for clearing the environment of other bots has been detected. Well, well! So it not only hides, it also gets rid of all the competition!

LockerGoga dancing.

In March of this year, the Norwegian metals giant Norsk Hydro was severely affected by the encryption virus LockerGoga (and it wasn’t alone: the virus infected the systems of a lot of other industrial companies too). The infection practically paralyzed the company’s IT systems, which caused a breakdown in the work of its production facilities and offices. In early June the company released its financial report for the first quarter of 2019, in which was published the figure as to the financial damage from the cyberattack: around 70 million dollars!

source

Big Brother update 1: GCHQ is watching you!

Recently in an open letter, 47 large companies, associations and NGOs – including Microsoft, Apple, Google, WhatsApp and Human Rights Watch – criticized the proposal of the UK’s Government Communications Headquarters (GCHQ) to pass encrypted messages to the state. The letter noted that GCHQ’s plans undermine the credibility of encryption services and threaten the right to privacy and freedom of expression of users. The GCHQ proposal was published in an open essay at the end of 2018. The authors suggested that though intelligence officers read messages in encrypted chats, users should not be aware that they were being spied on. Allegedly, this solution corresponds to ‘current practices in surveillance’ and does not differ from listening to unencrypted telephone conversations. Such a proposal made by the authorities is not an isolated case, but a world trend. The German magazine Der Spiegel recently reported that a law was already being developed in the country that would force popular instant messengers such as WhatsApp to cooperate with law enforcement agencies and provide chat texts in decrypted form by court order. Similar pushes from state security authorities are being made in Russia too, targeting the country’s popular Yandex email and Telegram instant messenger services.

Big Brother update 2: Keeping BlueKeep at bay.

Very recently, a serious vulnerability called BlueKeep was discovered in Windows, which threatens old versions of the operating system no longer supported by Microsoft. For those who, like me, aren’t big fans of Windows 10 – this is very unsavory news. Anyway, our guys were the first to come up with defense for the hole, and shared it with our industry colleagues so that any and all antiviruses could quickly shut down the attack. Microsoft itself understood the seriousness of this vulnerability – going so far as releasing a patch for ‘unsupported’ Windows XP. But!…

Do you think XP users around the world rushed with the patch and update? That’s right: noooooo. That means a hacker could exploit the hole, allowing “an infectious worm to rip through millions of PCs”. Oops. Eek. So, stay tuned – with fingers crossed…

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email
  • No, thanks

READ COMMENTS 0
Leave a note
Facebook

April 12, 2024

You’ve heard of a road trip. But what about an ice-road trip?!

You’ve had your intro posts already; now, if there are no questions from the audience, I’ll proceed to my next tale from the Far Northern side, which could have been titled “Yakutian ice roads heading north from Kolyma Highway“. But first, I think – an explainer… What is an ice road? And what’s a winter […]

April 9, 2024

My friend, the North. Yakutsk-Tiksi-Yakutsk 2024.

Hi folks! Last week I completed quite possibly my most mind-blowingly awesome trip up to the Far North – from Yakutsk in a northeasterly direction and then further north to Russia’s northern coast. You’ve had a few intro-posts on the expedition already; now for a (slightly) deeper dive… My regular readers will know well how […]

April 4, 2024

Yakutian winter roads, photoshoots on frozen rivers, and 4×4 and other good fun.

Hi folks! You’ve had your aperitifs, finger-nibbles, and soup (one, two, and April 1); now for… a salad starter!… How long have we been road-tripping on Yakutian highways and winter roads? Oh – three weeks already! Time to be heading back home I guess… As usual for my expeditions, I’ve taken a ton of photos […]

April 2, 2024

Far-North Road-Trip 2024: onward – northward!

The internet connection here is really unstable – coming and going all day long. Just now it’s available though, so here’s my next mini-tranche of Siberian on-the-road/wilderness pics: These photos are of a winter road upon a frozen river. As you can see – sunny and cloudless: a beautiful day indeed. The internet’s disappeared again […]

April 1, 2024

A new scientific discovery (of ours) in Siberia: mega-heavy water (and floating stones)!

Hi folks! Well, well; I wasn’t expecting this: we’ve made a world-first discovery in Yakutia while on our Far-North Road-Trip – mega-heavy water! The pioneering discovery was made in the Indigirka river, here. We were crossing said frozen river in our 4x4s, and we decided to take a photo-stop as the surrounding scenes were so […]

March 29, 2024

Far-North Road-Trip 2024: the adventure begins…

Hi folks! Been a while, I know. But there’s a good reason, as you’ll see… I’ve finally – after getting on for three weeks! – gotten the opportunity to share with you at least some details about our latest winter remote Siberian road-trip adventure. I wasn’t able to earlier since the distances involved are dizzying […]

More

Travel Vlog

You might also like…