Weekly Tech Roundup — February 13
As the weeks roll on, ransomware continues to dominate most cyber security headlines. But it wasn’t just stories of data loss and malware attacks that made the front page. Hackers continued to take advantage of the growing number of data vulnerabilities that permeate our digital world today—but some of them took it upon themselves to fight fire with fire, exposing some particularly harmful websites to the kind of attack they themselves perpetuate. Find out what you missed in the stories below.
Group affiliated with Anonymous hacks 20% of Dark Web
An Anonymous-affiliated group hacked into a number of websites hosted on the Dark Web, according to International Business Times. More than 10,000 websites on the popular Freedom Hosting II service were hacked by the group, and visitors to these sites were met with this message:
“Hello, Freedom Hosting II, you have been hacked.”
75 GB worth of data was stolen, and 2.6 GB of databases were compromised in the hack. The hackers claim that the data they stole will be returned after a payment of $100 or 0.1 bitcoin. It is very unlikely, however, that this is a genuine offer.
The hackers released information about the hack, claiming that over 50 percent of the data stored on Freedom Hosting II websites was child pornography. This doesn’t come as a shock, as the original Freedom Hosting site was shut down after it was found to be hosting massive amounts of child pornography.
15-20 percent of all sites hosted on the Dark Web are believed to be hosted through Freedom Hosting II. As a result, it’s believed that this attack took down one fifth of the Dark Web itself.
Macro malware moving to Mac users
Malware that has long abused macros in Microsoft Word documents and plagued Windows users is now targeting Mac users.
The malware was found in a Word document titled “U.S. Allies and Rivals Digest Trump’s Victory - Carnegie Endowment for International Peace,” according to Ars Technica. Once the document is opened, embedded macros check that the Little Snitch firewall for Macs (which looks for suspicious outbound connections) isn’t running, then download, decrypt and execute an encrypted malware payload.
“By using macros in Word documents, they are exploiting the weakest link; humans! And moreover since macros are ‘legitimate’ functionality (vs. say a memory corruption vulnerability) the malware’s infection vector doesn’t have to worry about crashing the system nor being ‘patched’ out,” said Patrick Wardle, Director of Research at Synack.
This is a major innovation in this type of malware targeting Apple devices, but it is still in its early stages. Even Mac users should be vigilant and take data protection seriously. If your device is hacked, it’s important that you always have a backup to fall back on.
Congress launches Congressional Blockchain Caucus
Congress is getting serious about blockchain.
Representatives Jared Polis (Democrat from Colorado) and David Schweikert (Republican from Arizona) officially launched the Congressional Blockchain Caucus last Thursday, according to a government press release. The aim of the caucus is to work towards safe public policy around blockchain technologies and digital currencies.
Education and research are top priorities for the Congressional Blockchain Caucus as they work to help policymakers make decisions and enact legislation surrounding blockchain integration.
The congressmen behind the relaunch of this caucus understand the importance of blockchain in keeping America a country of innovators. They recognize the importance that this technology will play in the future.
“Blockchain has the potential to transform the 21st century economy. Lawmakers need to understand that as the world rapidly changes, it’s our responsibility to ensure that we craft policies and adapt laws that match our ingenuity. Blockchain’s potential to reshape everything from the financial industry, to supply chains, to cybersecurity, to health care is something we should embrace,” said Rep. Jared Polis.
Much like Polis, Acronis recognizes the revolutionary aspects of blockchain, integrating this technology into products like Acronis True Image 2017 New Generation to increase data protection and ensure that your backups are tagged and fingerprinted for users to authenticate at will.
WordPress vulnerability leads to major hacking
The WordPress blogging platform is the latest victim of a widespread hacking attack, according to Computerworld. Hackers are taking advantage of webpages with a critical unpatched vulnerability.
This vulnerability allows hackers to deface unpatched WordPress sites. This flaw was repaired on January 26, but WordPress failed to highlight the vulnerability until a week later, so not all users immediately installed the patch. In the intervening week, hackers modified the content of more than 1.5 million WordPress pages.
“This vulnerability has resulted in a kind of feeding frenzy where attackers are competing with each other to deface vulnerable WordPress websites. During the past 48 hours we have seen over 800,000 attacks exploiting this specific vulnerability across the WordPress sites we monitor,” says Mark Maunder, CEO of Feedjit, which makes a security plug-in for WordPress sites.
With all web services seemingly becoming more vulnerable, computer backup and data protection have never been more important. Imagine if your blog was hacked, or you clicked on a hacked page—what would happen to your data then?
Ranion Ransomware-as-a-Service available on the Dark Web
If you weren’t worried about ransomware-as-a-service (RaaS) before, you should be now.
Ranion, a new RaaS portal that recently debuted on the Dark Web, is enabling low-skilled criminals to get into the ransomware racket at incredibly cheap rates, Bleeping Computer reports. The service claims to be available “for educational purposes,” but its ease of use and low cost are raising alarms.
Unlike other RaaS services, however, Ranion doesn’t take a cut of the profit made from ransomware attacks. Other RaaS offerings ask between 20 and 60 percent from every complete ransom payment. Ranion also allows would-be ransomware distributors to test its services before committing. Ranion distributors receive ransomware payloads that work on both 32-bit and 64-bit Windows PCs, targeting popular file types like those used with Microsoft Office Suite.
RaaS services have grown over the last two years due to how easy and cheap they are, and Ranion cuts these costs down even further. As a result, both individuals and businesses need to make data protection a priority. The only way to recover from an attack is with computer backups—and for businesses, an effective disaster recovery strategy.