Back in
October, the FBI recommended paying the ransom. Flag for my Computer
Security students.
ProtonMail
pays Bitcoin ransom to stop DDoS attack then is attacked further
Distributed denial of service (DDoS) attacks with
extortion demands for payments in Bitcoin to stop them are becoming
more and more popular in 2015, but what happens if you give in and
pay the ransom?
Switzerland-based email service provider
ProtonMail (Proton Technologies AG) has found out the hard way that
paying the ransom doesn’t work after the company experienced
multiple DDoS attacks and paid the ransom.
… “The coordinated assault on our ISP
exceeded 100Gbps and attacked not only the data center, but also
routers in Zurich, Frankfurt, and other locations where our ISP has
nodes. This coordinated assault on key infrastructure eventually
managed to bring down both the data center and the ISP, which
impacted hundreds of other companies, not just ProtonMail.”
Given the impact of the attack on other companies,
the company explained why they paid the money demanded, writing “At
this point, we were placed under a lot of pressure by third parties
to just pay the ransom, which we grudgingly agreed to do
(Related) Encryption when they gain access to
your site, DDoS when they cannot.
Extortionists are busier than ever. This past
week saw more reports on ransomware that corrupts files even if you
pay the ransom, and DDoS attacks so powerful that usual defenses may
be inadequate.
Brian Krebs reports:
One of the more common and destructive computer crimes to emerge over the past few years involves ransomware — malicious code that quietly scrambles all of the infected user’s documents and files with very strong encryption. A ransom, to be paid in Bitcoin, is demanded in exchange for a key to unlock the files. Well, now it appears fraudsters are developing ransomware that does the same but for Web sites — essentially holding the site’s files, pages and images for ransom.
Read more on KrebsOnSecurity.com,
where Brian also includes
some info on backing up your system. One of the things he
reports – and I’ve seen this elsewhere as well – is that
there’s something about the new ransomware that even when you are
eventually able to decrypt your files (assuming you pay the ransom),
some of the files seem to
be corrupted by the ransomware’s decryption.
TheHackerNews
also has more on the Linux ransomware Brian discusses.
Besides the ransomware threat this week, I am also
seeing more about companies paying extortion demands to avoid massive
DDoS attacks that are taking down web sites. A few days after
ProtonMail announced that it had paid the extortion demands at the
urging of its web host and other companies affected by the massive
attack, a tweet from @CocaineSecurity suggested that Swedbank had
paid an extortion demand to stop a DDoS attack. In a tweet on
November 7, @CocaineSecurity wrote:
Thanks for the bitcoins! @Swedbank Nobody will now touch your website. — CocaineSecurity (@CocaineSecurity) November 7, 2015
As of the time of this posting, there’s been no
statement from Swedbank either confirming or denying the claim that
they paid the extortion demand.
Update: Swedbank just responded
to my tweeted inquiry about this by replying that they have not
paid any ransom demand and have reported the individual to the
police:
@PogoWasRight We haven’t paid anyone. We have reported the person behind this to the police. — Swedbank Sverige (@Swedbank) November 9, 2015
@CocaineSecurity quickly responded with its own
tweet:
@PogoWasRight @Swedbank Wanna go down again? We do bite — CocaineSecurity (@CocaineSecurity) November 9, 2015
“Because
our customers are too dumb to realize what we're doing...” I would
be interested to see the raw numbers. I bet only a small percentage
of customers go over 300GB in a month. Are they really looking at
peak usage or are they projecting a future where everyone runs 24
hour TV and downloads movies and surfs the Internet and listens to
music and... and... and...?
Comcast
leak shows that data caps aren't about congestion
Many internet providers with data caps (especially
in
mobile) will tell you that those limits exist to prevent network
congestion – that's not necessarily true, but it's the
official line. However, Comcast isn't even trying to make that
claim. Leaked
support documents show that the cable giant's customer service reps
will deny that the expanding
internet caps are about congestion in any form. Instead, the
ceilings are about "fairness" and offering a "more
flexible policy" to subscribers. Also, Comcast is telling
agents to avoid describing cap-free areas as having unlimited usage.
Instead, staffers are supposed to tell you that unfettered areas are
still subject to Comcast's longstanding 250GB soft cap – the
company just isn't "currently enforcing" the limit. In
other words... it's unlimited.
An interesting tool to compete with other search
engines. Pin your own image then search? God help me when my wife,
the “power shopper” discovers this.
Pinterest
Sharpens Its Visual-Search Skills
Photo-sharing
site Pinterest Inc. is considered a social network, akin to Facebook
Inc. It would rather be more like Google.
The San Francisco startup plans to introduce
Monday technology to let users search its site without using text.
The new tool would allow a user who, for example, admires a light
fixture pictured hanging above a dining-room table to highlight it,
and then see pictures of other light fixtures in similar styles or
colors.
Pinterest says the technology is a step toward a
new type of visual search engine that it calls “a discovery
engine.” The company’s executives say it will help users find
things they didn’t know they liked.
Perspective.
Snapchat
triples video traffic as it closes the gap with Facebook
Snapchat is closing the gap with Facebook
in the social networks’ battle for scale in video. The number of
videos viewed on messaging
app Snapchat every day has tripled
since May to 6bn, according to people close to the
company.
That compares with the 8bn daily video views
announced
by Facebook last week, which has doubled from 4bn in April.
Facebook’s figure includes both desktop and mobile views, while
Snapchat’s audience — though smaller in size overall — is
entirely made up of smartphone users.
… Video is fast becoming one of the most
popular activities on social networking apps, and the race for
eyeballs comes as analysts predict huge growth in digital video
advertising. Clips are an important source of new revenue, as
advertising rates tend to be higher for video compared with static
images or text.