Lawrence Abrams reports: A new file wiping malware called Meteor was discovered used in the recent attacks against Iran’s railway system. Earlier this month, Iran’s transport ministry and national train system suffered a cyberattack, causing the agency’s websites to shut down and disrupting train service. The threat actors also displayed messages on the railway’s message boards…
Category: Malware
Ransomware via a call centre? BazaCall means no email attachment or link required for infection
Graham Cluley writes: Unsuspecting users of Office 365 are being tricked by a cybercriminal gang into calling a bogus call centre, with the eventual intention of installing ransomware onto their computers. Microsoft has warned that fraudulent emails are being sent out, attempting to trick users into calling a phone number operated by a cybercrime group. Read more…
Illinois AG Raoul Spends $2.5M On Ransomware Hack: Report
Jeff Arnold reports: Illinois Attorney General Kwame Raoul’s office spent more than $2.5 million for cybersecurity after a ransomware hack in April that put the personal data of an unknown number of residents at risk and came after federal authorities told him that his office’s cybersecurity systems were lacking. …. In the meantime, Raoul’s office…
Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves
Mathew J. Schwartz reports: The ransomware landscape constantly changes, which can make it difficult to track which attackers are coming, going or simply rebranding. One example is the DoppelPaymer – aka DopplePaymer – ransomware-as-a-service operation, which has gone relatively quiet since early May, posting no victims to its data leak site since May 6 and…
Za: Blood service hit by cyberattack
Hanno Labuschagne reports: The Western Cape Blood Service (WCBS) has confirmed its information systems have been hit by a cyberattack. The non-profit regional health organisation collects blood from voluntary blood donors in the Western Cape and provides safe blood products and services to the community. WCBS said a cyberattack incident was being investigated by contracted…
McAfee: Babuk ransomware decryptor causes encryption ‘beyond repair’
Jonathan Greig reports that a new report from McAfee Advanced Threat Research gives horrible reviews to Babuk’s cross-platform binary — so horrible that not only should victims not pay them, but affiliates should avoid them. “It seems that Babuk has adopted live beta testing on its victims when it comes to its Golang binary and…