Cyber Headlines: The Return of Locky, Russian Cyberspies, and Iran Petrochemical Malware
In the ever-changing landscape of cybersecurity, it’s hard to keep up sometimes. Luckily, we’re here to keep you in the loop with all the current white-hat, grey-hat and black-hat hacker news of the day. Today, I sit down with Dennis Skarr to discuss the return of Locky, Russian cyberspies, and recent malware found in Iranian chemical plants. Peep the video below and don’t forget to let us know what you think!
The Return of Locky, Russian Cyberspies, and Iran Petrochemical Malware Recap:
- The Locky ransomware has morphed more than any other ransomware active today.
- It was created by the same group behind the Dridex banking trojan, which also operates one of the most active botnets on the Internet.
- The download behavior matches earlier Locky campaigns: the script downloads files from the URLs embedded in it, decrypts them, and drops them in the Windows Temp directory.
- CrowdStrike revealed that the DNC had called it in to inspect the party’s servers, where it found “two separate Russian intelligence-affiliated adversaries present in the DNC network.”
- One of the groups, dubbed Cozy Bear, had been monitoring the emails and chats since gaining access last summer.
- The other group, called Fancy Bear, targeted opposition research files. That group broke into the DNC’s systems in April, setting off the alarm bells that resulted in the discovery of both infiltrations.
- “My bet is that it is an insider. In my opinion, if the Russians had these files, they would use them, not leak them or any part of them to the world.” – William Binney, the 36-year NSA veteran widely regarded as a “legend.”
- The Republican National Convention has had to fend off a wave of cyberattacks even before the opening gavel sounded.
- Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.
- The origins of the cyberweapon, which outside analysts dubbed Stuxnet after it was inadvertently discovered in 2010, have long been debated, with most experts concluding that the United States and Israel probably collaborated on the effort.
- Experts believe that Stuxnet required the largest and costliest development effort in malware history. Developing its many capabilities would have required a team of highly capable programmers, in-depth knowledge of industrial processes, and an interest in attacking industrial infrastructure.
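The Locky bullet above describes a pattern a SOC can hunt for: the JavaScript downloader, which runs under Windows Script Host, pulls an encrypted payload from a URL embedded in the script, decrypts it, and writes it to the Temp directory. The following is an added example (not code from the original post or from anyone quoted in it) that flags exactly that behavior in Sysmon FileCreate (Event ID 11) records exported as JSON lines. The sample events, user names, and file names are constructed for the example; the script-host and Temp-path lists are assumptions about what a Locky-style drop looks like, not indicators taken from the post.

```python
"""Hunt for the Locky-style drop: a Windows Script Host process (wscript.exe or
cscript.exe) writes an executable into a Temp directory.

Added example.  SAMPLE_EVENTS are constructed Sysmon-like FileCreate records,
not real telemetry; the indicator sets below are assumptions for illustration.
"""
import json
import ntpath
import re

# Windows Script Host interpreters that execute the JavaScript/VBScript downloaders.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}

# Payload extensions worth alerting on when a script host writes them.
EXECUTABLE_EXTS = {".exe", ".dll", ".scr"}

# Matches the per-user %TEMP% folder and the system C:\Windows\Temp folder.
TEMP_DIR_RE = re.compile(r"\\(AppData\\Local\\Temp|Windows\\Temp)\\", re.IGNORECASE)

# Constructed sample events (JSON lines, Sysmon field names).  Raw strings keep
# the doubled backslashes that JSON needs for Windows paths.
SAMPLE_EVENTS = [
    r'{"EventID": 11, "Image": "C:\\Windows\\System32\\wscript.exe", "TargetFilename": "C:\\Users\\alice\\AppData\\Local\\Temp\\ab12cd.exe"}',
    r'{"EventID": 11, "Image": "C:\\Program Files\\Mozilla Firefox\\firefox.exe", "TargetFilename": "C:\\Users\\alice\\Downloads\\report.pdf"}',
    r'{"EventID": 11, "Image": "C:\\Windows\\System32\\cscript.exe", "TargetFilename": "C:\\Windows\\Temp\\payload.dll"}',
    r'{"EventID": 11, "Image": "C:\\Windows\\System32\\wscript.exe", "TargetFilename": "C:\\Users\\alice\\AppData\\Local\\Temp\\log.txt"}',
    r'{"EventID": 1, "Image": "C:\\Windows\\System32\\wscript.exe", "CommandLine": "wscript.exe C:\\Users\\alice\\AppData\\Local\\Temp\\invoice.js"}',
    r'{"EventID": 11, "Image": "C:\\Windows\\System32\\wscript.exe", "TargetFilename": "C:\\Users\\alice\\Desktop\\tool.exe"}',
]


def parse_event(line: str) -> dict:
    """Parse one JSON-lines Sysmon record into a dict."""
    return json.loads(line)


def is_suspicious_drop(event: dict) -> bool:
    """True when a script host creates an executable inside a Temp directory.

    All three conditions must hold; a script host writing a .txt, or a browser
    writing an .exe, is not the Locky pattern and is left alone.
    """
    if event.get("EventID") != 11:  # only FileCreate records carry TargetFilename
        return False
    image = ntpath.basename(event.get("Image", "")).lower()
    target = event.get("TargetFilename", "")
    ext = ntpath.splitext(target)[1].lower()
    return (
        image in SCRIPT_HOSTS
        and ext in EXECUTABLE_EXTS
        and TEMP_DIR_RE.search(target) is not None
    )


def find_suspicious_drops(lines):
    """Return (Image, TargetFilename) pairs for every matching record, in order."""
    hits = []
    for line in lines:
        event = parse_event(line)
        if is_suspicious_drop(event):
            hits.append((event["Image"], event["TargetFilename"]))
    return hits


if __name__ == "__main__":
    for image, target in find_suspicious_drops(SAMPLE_EVENTS):
        print(f"ALERT: {image} wrote {target}")
```

Run against the constructed events, the two script-host drops into Temp are reported and the browser download, the .txt write, the process-creation record, and the Desktop write are not. The path and extension checks are case-insensitive because Windows is; in a real deployment the next step would be to join the hit to the Event ID 1 record for the same wscript.exe process so the analyst sees which attachment launched it.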