Daily Cyber News 10 Aug 17

Locky Ransomware Returns – Once considered the largest distributed ransomware ever, Locky is being heavily distributed again worldwide after a period of quiet. This campaign pushes a new variant through email with subject lines similar to “E[date] (random_number).docx” (e.g. “E2017-08-10 (736).docx”). The message within the email simply reads “Files attached. Thanks”. If the attached zip file is opened, the ransomware will encrypt all files on the victim's computer and display a message that they can be unlocked for around $1,600 USD.
 
Make sure email controls and staff training are in place to spot this new threat, as there is currently no way to decrypt files encrypted by Locky.
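As one form of email control, the sketch below (an added example, not part of the original post) checks a message for the three traits described above: the subject shape, the body text and a zip attachment. The function names, the two-trait quarantine threshold and the sample messages are assumptions made for illustration.

```python
import re
from datetime import datetime
from email.message import EmailMessage

# Subject shape from the article: E<YYYY-MM-DD> (<number>).<extension>
SUBJECT_RE = re.compile(r"^E(\d{4}-\d{2}-\d{2}) \(\d{1,6}\)\.[A-Za-z0-9]{2,5}$")
BODY_MARKER = "files attached. thanks"

def _is_date(text):
    try:
        datetime.strptime(text, "%Y-%m-%d")
        return True
    except ValueError:
        return False

def locky_traits(msg):
    """Return which of the three campaign traits described above a message shows."""
    traits = set()
    match = SUBJECT_RE.match((msg["Subject"] or "").strip())
    if match and _is_date(match.group(1)):
        traits.add("subject")
    for part in msg.walk():
        if part.is_multipart():
            continue
        if (part.get_filename() or "").lower().endswith(".zip"):
            traits.add("zip_attachment")
        elif part.get_content_type() == "text/plain":
            if BODY_MARKER in part.get_content().lower():
                traits.add("body")
    return traits

def should_quarantine(msg):
    # Assumed policy: hold mail showing at least two traits, so an ordinary
    # zip attachment on its own is not blocked.
    return len(locky_traits(msg)) >= 2

def build_sample(subject, body, zip_name=None):
    """Build a constructed test message (not real campaign mail)."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content(body)
    if zip_name:
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="zip", filename=zip_name)
    return msg

# Constructed samples: one shaped like the campaign mail, one ordinary.
SUSPECT = build_sample("E2017-08-10 (736).docx", "Files attached. Thanks",
                       "E2017-08-10 (736).zip")
BENIGN = build_sample("Q3 figures", "Hi, the report is attached.", "report.zip")
```

Because the post says subject lines are only "similar to" this shape, treat a match as a reason to hold mail for review rather than as the sole filter.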
 

 

DNA Hacking – Scientists have successfully encoded a software exploit in a gene to remotely hack into a computer. But why would you want to do this and how could it be useful? Well, this hack could target any computer in the DNA sequencing pipeline. The pipeline includes any facility that accepts DNA samples for sequencing and processing. This could lead to an attacker targeting police investigations by tainting blood, hair and saliva samples with malicious DNA.
 
There is no need for concern yet, as the researchers rigged the test in their favour, but it does show how hacking is developing and could become a factor in the future if the conditions are right for an attack.
 

 

 

Mughthesec – A potentially new set of Mac adware is going to be causing some people headaches in the coming months. I say new, as conflicting sources have said they have seen Mughthesec in the wild for the past 6 months. What makes this adware campaign particularly frustrating is that the only way to remove it and its secondary payloads is by reinstalling macOS from scratch. The new name signals that this is a new and improved version of the older OperatorMac adware family. The adware's code includes a MAC-address-based anti-VM detection system, and the adware is signed by a valid Apple developer, which allows it to pass undetected by Apple’s Gatekeeper system. The adware is believed to be spreading via malicious ads and popups on nefarious websites.

 
As always, keep your users trained and your policies up to date to prevent this appearing on your systems.