Weekly Tech Roundup — April 24
New malware botnets, Ransomware as a Service campaigns, and financial breaches littered the technological landscape last week. But that doesn’t mean the world of tech isn’t going to fight back. Find out what’s being done to combat these emerging threats, and what you can do to protect your data in the meantime in our weekly tech roundup.
The Mirai botnet has some new competition
The Mirai botnet has become infamous for its ability to infect Internet of Things (IoT) devices and do with them what they please, but a new malware variant is stealing the spotlight and undermining data protection plans worldwide.
Called “Mirai on steroids” by BackConnect CTO Marshal Webb, the new IoT botnet called Hajime has been seen infecting vulnerable IoT products with a strength unmatched even by Mirai, according to PC World.
It’s been around for about six months so far and has infected around 100,000 devices worldwide.
Hajime was discovered after researchers began intensifying their search for Mirai following a massive Distributed Denial of Service (DDoS) attack—something Hajime could very easily execute as well. But while the two use similar tactics, compromising unsecure devices by inundating them with possible username and password combinations and installing malicious programming, they have significant differences.
Unlike Mirai, which takes orders from a command-and-control server, Hajime communicates and infects a system through a peer-to-peer network of protocols in BitTorrent. This makes the botnet decentralized, harder to trace, and even harder to stop.
It’s “much more advanced than Mirai,” according to Webb, and it’s growing at an alarming rate.
Researchers have not been able to attribute this new botnet to any individual or group, but with its ever-increasing attempts at infecting vulnerable devices, it’s likely gearing up to launch a major DDoS attack.
In order to stop this botnet from conquering IoT devices, these vulnerabilities need to be patched. But to ensure no data is lost in the crossfire, it’s important to execute regular backups. These will keep your data safe even if malicious hands get a hold of them.
Ransomware “starter pack” emerges on the black market
A new ransomware example is now available for cybercriminals to deliver ransomware-as-a-service, according to ZDnet. The malware is easily modified and customized by the criminal deploying it. It’s also special in its ability to allow hackers to remotely control the attack from their web browser. This allows hackers to see their ransomware in action.
Dubbed Karmen, it is easily deployed and managed from a centralized web dashboard, giving novice hackers everything they need to launch a successful attack, and it only costs $175.
It comes with limited support, a 12-kilobyte file for emails, the malware itself, and a defense mechanism that self-deletes if debuggers are found on the system it’s trying to infect.
The hacker behind the low-cost ransomware script is known as “DevBitox.” According to Recorded Future, the motivation behind this ransomware is solely financial gain, which is why the rather run-of-the-mill ransomware is up for sale to anyone who can pay. The author has already made at least $2000, and is likely to make much more.
There have been 20 buyers so far, which means there are 20 more hackers out there trying to evade your data protection plans and steal your money. Make sure you have backups ready so that you don’t become a victim.
Malware infects restaurant chain for months
Shoney’s, a restaurant chain based in Nashville, Tennessee and spread out across 17 other states, was made a victim of credit card information-stealing malware for months, PC Mag reports.
Since news of the payment system breach was released, Best American Hospitality Corp. confirmed the attack. This is a company that manages dozens of Shoney’s restaurants. 37 restaurants and their locations were infected by the installed malware.
"The malware searched for track data (cardholder name, card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the affected computer," Best American Hospitality Corp. said in a statement.
What’s worse is that this malware went uncontained for months, first appearing on December 27. It wasn’t managed until March 6.
There is no word yet on how much data was stolen, but it’s advised that anyone who visited these locations should check their statements.
Delaware is paving the way for blockchain
The Delaware General Assembly is considering an amendment to the state law in favor of blockchain. The amendment hopes to make the process of tracking stocks and their owners more efficient and transparent, according to Delaware Online.
Those who support the amendment cite two advantages it will have for the state of Delaware. First, it will increase competition across corporations, Delaware being the home of 1 million corporate entities—64% being Fortune 500 companies. The second advantage is the fact that utilizing blockchain will put Delaware at the forefront of the blockchain revolution. This will pave the way for business growth and expansion.
This amendment to Delaware General Corporation Law will allow entities incorporated in the state to use blockchain to track stock sales legally.
This push for blockchain comes after a class-action lawsuit involving Dole Foods after the company gave out 12 million more shares of stock than it thought. There was also an incident where the court stopped Dell Inc. shareholders from pursuing litigation when confusion led to their shares voting against their favor.
"It's not just complex, but you have to figure out all kinds of legal provisions," he said. "It's prone to human error and not a very good process. Blockchain changes all that,” Marco Santori, a partner at Cooley LP, said of the stock issuing process.
NSA’s Windows exploits patched after leak
A data dump by the hacking group known as Shadow Brokers led to the discovery of many Windows vulnerabilities, but Microsoft assured users most of these vulnerabilities have since been patched, Computerworld reports.
"Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products," said Microsoft Security Response Center group manager Phillip Misner in a blog post.
The release of these vulnerabilities is part of a larger dump of NSA internal operations and exploits. Other documents released include code used by the NSA to hack into computers and other electronic devices worldwide.
Misner went on to say that most of the vulnerabilities had been patched in previous updates, and that to ensure maximum data protection, users should update their current versions.
He stressed the importance of upgrading to newer versions, as older versions such as Windows Vista and Windows XP are no longer receiving security updates. These editions could be vulnerable to up to 12 of the exploits leaked in the data dump.
If still running older version, however, it’s important that you backup the data on your device before installing the update to ensure years’ worth of precious business and personal data aren’t lost.