In other RansomwareNewz: Sex, Crime, Nudity & Revenge!

While news in the cybersecurity world is dominated by Bad Rabbit, we knew that mentions of sex, nudity, crime and revenge would grab your attention like a President might grab a *****, and today’s RansomwareNewz has it all, just like a Shakespearian play… only without the murder and ghosts but with sixteenth-century insults like…

YOU SCURVY-RIDDEN, POCK-MARKED, MAGGOT-BRAINED CUTLET MAKER

We begin where Cybercrime meets a more traditional crime – well, one that involves physical theft. They didn’t have ATM machines in the 1500s but a suspiciously Shakespearian-sounding malware called Cutlet Maker is being hawked on the dark web as MaaS or Malware as a Service.

In the Dark Ages, hackers used to exploit ATM hardware with swords and rocks and skimmers to steal customers’ details and occasionally exploited ATM software vulnerabilities, but now anyone can simply buy malware to steal oodles of money from cash machines.

Yes, for as little as five thousand dollars, you too could be the proud owner of Cutlet Maker malware, meaning you can rock up to a specific type of ATM machine, anywhere in the world and seconds later walk away with bundles of banknotes in the hundreds of thousands.  

For your money, you’ll receive a detailed manual for the malware toolkit, including details of the equipment you’d need, ATM models to target and tips and tricks for the malware’s operation.

Cutlet Maker tricks the bank ATMs from a specific vendor to release cash without authorization, meaning this form of crime, known as jackpotting, is victimless as you’re stealing from the bank directly and not the customers.

While RansomwareNewz would never condone illegal activity, who hasn’t daydreamed about ATMs spitting out endless cash?

CELEBGATE NUDES

Remember back in 2014 when a rash of nude celebrity photos were leaked, including Jennifer Lawrence, Rihanna and Kim Kardashian?

Well, on Monday, the US Attorney’s Office in Chicago revealed that 32-year-old Emilio Herrera has signed a plea deal and is expected to plead guilty to a felony violation of the Computer Fraud and Abuse Act (CFAA) in connection with the hack.

Herrera launched phishing and password-reset scams on celebrities’ iCloud and email accounts and is the third douchebag hacker to be charged after Edward Majerczyk was sentenced to nine months in jail in January and Ryan Collins was thrown in the clink for double that last October.

Jennifer Lawrence told Vanity Fair she believed the publishing of stolen nude photos “is not a scandal. It is a sex crime.”

TYRANT TARGETS IRAN

It’s not often that Iran makes tech news, but the Iran Computer Emergency Response Team Coordination Center has reported that ransomware named Tyrant has targeted Iranian computers running Microsoft Windows.

The news broke on Iran CERTCC’s official website – www.nwwceaad.com which stands for Nuclear weapons? We can’t even afford a donkey.

In most cases, Tyrant ransomware was disguised as Psiphon, a popular VPN in the Middle East, and victims were told they have 24 hours to pay $15 to the hackers in the form of WebMoney, an online cryptocurrency, before files were eliminated.

While a ransom of $15 may not seem much to you and me, Iran’s 2017 minimum wage is 66% below the poverty line.

REVENGE IS A DISH BEST SERVED COLD

Korean drama is full of revenge, so in what some may feel is South Korea being given an ironic dose of their own medicine, a new ransomware family called Magniber targets only users in South Korea and the Asia-Pacific regions.

While the majority of the cyberattacks that come out of Korea are believed to come from the communist north, it’s not beyond the realms of possibility that some stem from South Korea.

The ransomware is primarily being distributed by the Magnitude EK (exploit kit), a primary distribution vehicle in the past for Cerber ransomware, hence why researchers are calling the new ransomware Magniber, a portmanteau or mashup (port-mashup?) of both names.

The malware contains a binary payload in its resource section encrypted in reverse using RC4. After unpacking in memory, the malware executes the contents of its payload. If the Magniber Ransomware is executed, the malware then starts to encrypt user files on the system, renaming them by adding a “.ihsdj” extension before issuing a command to delete itself like Old Boy himself wiping down the scene of a particularly gruesome vengeance murder. 

That’s enough tales of lust and revenge for one week, we hope you’ve enjoyed this thrillingly sensationalist RansomwareNewz Desk, we’ll be back down to earth with more news stories very soon, until then… a pox on both your houses! 

 
