Tag Archives: ransomware

Netflix target of cybercriminals

http://www.pandasecurity.com/mediacenter/src/uploads/2017/03/pandasecurity-netflix-phishing-ransomware.jpg

Netflix Accounts Are Being Used In Cyber Scams

Netflix has enjoyed huge success over the last couple of years. As stated in the company’s overview, they have over 93 million members in over 190 countries enjoying more than 125 million hours of TV shows and movies per day.

Not bad for a company that started out during the declining years of physical entertainment, renting out DVD’s by mail.

Unfortunately, success often comes at a cost. Along with the adulation and well wishing, it often garners other types of, unwanted, attention. In the case of Netflix, this attention, as you can imagine, is increasingly coming from malicious cybercriminals.

What exactly are they doing though?

How They Can Get You

Cybercriminals are using several methods to breach vulnerabilities in people’s accounts. People who are probably too busy binge watching shows like Black Mirror to know what’s going on. Oh the irony!

Among the methods these cybercriminals are reportedly using are the theft of user credentials that can be sold on the deep web, the exploiting of vulnerabilities, and most recently, the infecting of systems with Trojans capable of stealing the user’s financial and personal information.

What could a cybercriminal do with stolen user information though?

They could be sold on to other cybercriminals wanting to use the service for free. There’s another layer to the equation. A double-crossing of sorts; the lure of a free account could be used to trick someone into installing malware or ransomware onto their laptop.

Cybercriminals using details in this way can make a profit out of the initial selling of the information as well as by taking hostage of the same persons data. Never trust a criminal.

Trend Labs Security recently came across a ransomware luring Windows users via a pirate login generator. This is a typical way illegal websites share premium and paid for website details for free, as shown below.

Via TrendMicro.com

Clicking the “Generate Login” button in this case leads to another prompt window that purportedly contains the stolen information of a genuine Netflix account. RANSOM_NETIX.A uses these fake windows as a distraction, however, all the while performing its encryption routine on 39 files, unbeknownst to most users.

The ransomware is employed using an AES-256 encryption algorithm and appends the files with the .se extension. As can be seen below, the ransom note demands $100 worth of Bitcoin (0.18 BTC).

Via TrendMicro.com

This is actually relatively little, as ransomware demands go, some iterations demanding $500 dollars within a very short time frame. Others even ask you to infect your friends with ransomware in order to decrypt your information.

How Can You Keep Yourself Safe?

There are, of course, two victims in this ransomware scam; those who are unknowingly having their details used to lure the other type of victim, and the other one who receives the ransomware.

The first type of victim can perform a simple action if they suspect they’re account is being used illegally. Look through the “recently watched” section of your Netflix account to see if any shows are popping up that you haven’t seen. For this reason it’s good practice not to share your account with many people, however tempting it may be to allow friends or family in on the action.

It’s also good practice to stick to your provider’s security recommendations. As always, be wary of unsolicited emails pretending to offer legitimate services. A good antivirus, of course, can also act as a barrier to certain types of malware and cyber attacks.

For the second type of victim, the advice is simple; pay for the service. The ten euros a month in savings really won’t seem so great when the device it’s used on, and everything on it, is at the mercy of cybercriminals.

The post Netflix target of cybercriminals appeared first on Panda Security Mediacenter.

This Ransomware Malware Could Poison Your Water Supply If Not Paid

Ransomware has been around for a few years, but in last two years, it has become an albatross around everyone’s neck, targeting businesses, hospitals, financial institutions and personal computers worldwide and extorting millions of dollars.

Ransomware is a type of malware that infects computers and encrypts their content with strong encryption algorithms, and then demands a ransom to decrypt

Your Smart TV Has Been Hijacked. To Continue, Please Pay Ransom

Cybercriminals that specialize in ransomware, which affects thousands of computers and mobile devices every year, are ramping up their attacks against businesses. It is here that they can get their hands on valuable information and large sums of cash. This particular kind of malware, which hijacks devices and demands a ransom for their return, has managed to conquer another kind of technology: smart TVs.

Last December, the American developer Darren Cauthon announced on Twitter that a family member’s television had fallen victim to one of these attacks. As Cauthon explained, it all came about after the victim had installed an app to watch movies on the Internet, apparently from a third-party website.

The television in question was an LG model that came out in 2014 that is compatible with Google TV, a version of Android tailored to televisions. Once it had infiltrated the device, the malicious software demanded a ransom of $500 dollars to unlock the screen, which simulated a warning from the Department of Justice.

The appearance of the false message would lead you to believe that it’s a version of the ransomware known as Cyber.police, also known as FLocker. Ordinarily this ransomware affects smartphones with Google’s operating system. After hijacking the device, the malware collects information from the user and the system, including contact information and the location of the device, to be sent encrypted to cybercriminals.

To avoid paying the ransom, Cauthon unsuccessfully attempted to restore the television set to factory values, but eventually had to resort to the manufacturer’s own services to return it to a state prior to the installation of the malware. Although his relative managed to regain control of the machine without paying any sum to the criminals, he did end up having to pay the manufacturer $340 for the service, not much less than the ransom itself.

The Cauthon case has not caught security experts by surprise, given that last summer a team of researchers had warned of FLocker’s activity on smart TVs. In addition to the United States, ransomware attacks have been reported on smart TVs in Japan.

LG’s post-2014 model are no longer compatible with Google TV, but rather use WebOS, an open source operating system based on Linux. However, new attacks should not be ruled out, as cybercriminals continually refine their tools, which are increasingly focused on infecting Internet of Things devices at business and in the household.

The post Your Smart TV Has Been Hijacked. To Continue, Please Pay Ransom appeared first on Panda Security Mediacenter.

When Ransomware Comes Knocking at Your Door… or Locks it

A lot of things can go wrong on your holidays, like losing luggage or missing a flight, forgetting your travel documents or getting sick at the worst possible time. But have you ever been locked out of your hotel room because of a cyberattack?

That’s just what happened to guests at a luxury hotel in Austria when they were left stranded outside of their rooms after a ransomware attack that overrode electronic key systems.

This concept, which can be summed up as “if you don’t pay, your guests won’t be able to get into their rooms”, underscores a strategy shift in ransomware. Instead of directly attacking the hotel chain directly, cybercriminals are looking to increase profitability by compromising the well-being of paying customers.

The Evolution of Cyberattacks against Hotels

Infected computers and POS systems, credit card theft, access to confidential information… in the age of the Internet of Things and smart homes, these attacks are becoming commonplace or even antiquated.

Clearly the attacks that this industry has been experiencing are not something casual or fleeting. Behind them lies a real economic interest and a preoccupation with stealthy operations. The hotel sector has become a major target for organized cybercriminals in possession of malware specifically designed to harm its running smoothly, not only in payment systems, but also by sealing off access to your room, turning lights on and off, or locking your blinds.

This is, undoubtedly, a worrisome situation that could cause significant harm not only on an economic level, but also a PR level, sowing fear among clientele.

Taking appropriate measures is a matter of necessity. Hotels are being forced to reinforce the security of their networks, devices, and systems to avoid becoming victims to this kind of attack. But not all protection systems offer the same level of security, nor are they all valid for any kind of business environment.

Traditional antiviruses are not effective against these attacks, since they are specifically tailored to the victim and are cleaned of all recognizable malware signatures before being launched. Current anti-malware solutions use proactive technology that rely on these signatures to catch malware, rendering them useless against attacks that actively avoid incorporating traits recognizable to these solutions.  That’s why it is vital to have advanced cybersecurity protection like Adaptive Defense 360, one that can activate protection systems before the malware is even able to run.

The post When Ransomware Comes Knocking at Your Door… or Locks it appeared first on Panda Security Mediacenter.