Putin: WannaCry Ransomware Backfired on Microsoft and US intelligence services

[HAPPY2BME]

The outbreak of the virus, dubbed WannaCry, began last Friday. According to some cybersecurity experts, it is based on an NSA-developed tool that was leaked to the public by a group called Shadow Brokers. The virus, which is ravaging computer networks worldwide, encrypts user files and demands a ransom in cryptocurrency Bitcoin to release them.

Putin: WannaCry Ransomware Backfired on its Creators

Russian President Vladimir Putin noted that the WannaCry cyber attack is an example of intelligence agencies creating weaponized malware and it backfiring on its creators.

(WASHINGTON, DC) President Putin addressed the recent ransomware attack while speaking in Beijing, China at the One Belt One Road silk road conference over the weekend.

The ransomware was apparently developed in the U.S., Putin said. “Microsoft’s management has made it clear that the virus originated from US intelligence services,” the Russian president stressed.

Putin added that launching cyber-viruses is “lifting a lid” that "could backfire on those who developed and created them," including intelligence agencies.

The ransomware attack that affected thousands of computers all across the globe should encourage the international community to tackle cybersecurity on “the highest political level,” he added.

Last year, Moscow proposed discussing cybersecurity threats with Washington with the aim of drafting a bilateral agreement, but to no effect. “Unfortunately, they refused our proposal,” Putin said.

“The previous administration told us they were interested in reaching back to this proposal again, but nothing was actually done,” he explained.

Though the attack did not significantly affect Russia’s cyber infrastructure or the systems used by its banks and healthcare facilities, it is an issue of concern, Putin noted.

The outbreak of the virus, dubbed WannaCry, began last Friday. According to some cybersecurity experts, it is based on an NSA-developed tool that was leaked to the public by a group called Shadow Brokers. The virus, which is ravaging computer networks worldwide, encrypts user files and demands a ransom in cryptocurrency Bitcoin to release them.

http://www.trunews.com/article/putin-wannacry-ransomware-backfired-on-its-creators

[HAPPY2BME]

ISIS Vows to Kill Man Who Hacked 250 ISIS Twitter Accounts and Posted Gay Porn



Hacker breaks into 250 ISIS accounts and posts gay porn.

    Unverified but hilarious! #hero #gay #gayISIS #yeasss pic.twitter.com/M5noZ1MBLI

    — kathleen kiddo (@djdancingfool) May 4, 2017

The hacker said he did it for the lives lost at the Pulse dance club in Orlando.

http://www.thegatewaypundit.com/2017/05/isis-vows-kill-man-hacked-250-isis-twitter-accounts-posted-gay-porn/

[HAPPY2BME]

Cyber attack latest: Vladimir Putin blames US for hack as thousands more computers hit by ransomware



Putin blamed the US for creating tools to exploit Microsoft flaw and denies Russian involvement in the hack

The cyber attack, which wreaked havoc at dozens of NHS trusts on Friday, has continued to spread, hitting thousands of computers in China and Japan.

Putin said Russia had "nothing to do" with the attack and blamed the US for creating the hacking software that affects Microsoft computers. 

http://www.telegraph.co.uk/technology/2017/05/15/nhs-cyber-attack-latest-authorities-warn-day-chaos-ransomware/

[HAPPY2BME]

Massive Ransomware Outbreak Thanks to NSA - WannaCry Worm Spreading Fast

[youtube]https://www.youtube.com/watch?v=ibLaCEL8E4E[/youtube]

[HAPPY2BME]

FWIW, in the past three days, Microsoft has an update that blocks this virus from attacking your computer, so you should probably update your Windows before it gets hit.

There are patches for Windows 7, 8, and 10 from the Microsoft update tool within your operating system.

[HAPPY2BME]

A 22-year-old who lives with his parents stopped the worldwide malware hack by registering a domain for $10.69

 The "accidental hero" who halted the global spread of an unprecedented ransomware attack by registering a garbled domain name hidden in the malware has warned the attack could be rebooted.

The ransomware used in Friday's attack wreaked havoc on organizations including FedEx and Telefónica, as well as the UK's National Health Service, where operations were canceled, X-rays, test results, and patient records became unavailable, and phones did not work.

But the spread of the attack was brought to a sudden halt when one UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from the security firm Proofpoint, found and inadvertently activated a "kill switch" in the malicious software.

The kill switch was hard coded into the malware in case the creator wanted to stop its spread. This involved a very long nonsensical domain name that the malware makes a request to — just as if it were looking up any website — and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading. The domain cost $10.69 and was immediately registering thousands of connections every second.

http://www.businessinsider.com/how-22-year-old-stopped-global-cyberattack-ransomware-registering-domain-2017-5

[HAPPY2BME]

In Computer Attacks, Clues Point to Frequent Culprit: North Korea

Intelligence officials and private security experts say that new digital clues point to North Korean-linked hackers as likely suspects in the sweeping ransomware attacks that have crippled computer systems around the world.

The indicators are far from conclusive, the researchers warned, and it could be weeks, if not months, before investigators are confident enough in their findings to officially point the finger at Pyongyang’s increasingly bold corps of digital hackers. The attackers based their weapon on vulnerabilities that were stolen from the National Security Agency and published last month.

https://www.nytimes.com/2017/05/15/us/nsa-hacking-shadow-brokers.html?_r=0

[HAPPY2BME]

Microsoft Blames NSA for ‘WannaCry’ Cyber Extortion

Software maker sent patch 2 months ago for flaw used in large-scale ransomware

BY: Bill Gertz   
May 16, 2017

Technology giant Microsoft is blaming the National Security Agency for the cyber extortion that hit hundreds of thousands of computer networks worldwide.

Tom Bossert, White House assistant to the president for homeland security and terrorism, said the ransomware infected more than 300,000 computers in 150 nations. "The good news is the infection rates have slowed over the weekend," he told reporters.

The ransomware extortion scheme is one of the largest computer attacks recorded.

The attack involved remote break-ins of computers that scrambled key data inside infected systems, followed by offers from the attacker to unscramble the data if victims pay $300 in Bitcoin, the digital currency.

The ransomware used in the hack exploited a vulnerability purportedly from NSA called EternalBlue, according to cyber security experts. Microsoft issued the patch shortly after the vulnerability was made public.

Bossert said the hackers have been paid less than $70,000 by victims so far.

Attacks by WannaCry, also called WannaCrypt, WCry, and Wanna Decryptor, were reported in China, Russia, Taiwan, France, and Japan, according to an FBI notice sent Saturday. The malware has been identified using 27 different languages.

Authorities are investigating who is behind the attacks, but a Russian cyber criminal group is suspected.

Some cyber security investigators think North Korean hackers may have conducted the attack.

"We don't know," Bossert said when asked who conducted the attack. "Attribution can be difficult here. I don't want to say we have no clues."

The FBI said the hacker or hacking group behind the ransomware gained access to servers either by compromising Windows' Remote Desktop Protocol or by exploiting a critical flaw in its Server Message Block, a computer file-sharing system.

Microsoft issued a security update for the vulnerability on March 14, 2017.

http://freebeacon.com/national-security/microsoft-blames-nsa-wannacry-cyber-extortion/

[HAPPY2BME]

More Clues Suggest North Korea Behind Massive Cyber Attacks

More reason to stop them…

Via Daily Caller:

    The WannaCry ransomware attack that wreaked havoc on computer systems around the world over the past few days may be the handiwork of North Korea, some early clues suggest.

    Google security researcher Neel Mehta sent out a tweet Monday linking two samples of malicious code: One from an early version of WannaCry and the other from the Lazarus Group, a collection of cybercriminals reportedly affiliated with North Korea.

    Lazarus launched an attack on the Bangladesh central bank’s account at the Federal Reserve Bank of New York from an IP address in North Korea, according to Kaspersky Lab. The hackers stole $81 million. Lazarus has been active for years, but it wasn’t until recently that researchers discovered a connection to North Korea. The Lazarus Group is also reportedly behind the infamous Sony hack, as well as a breach at a Polish bank.

http://dailycaller.com/2017/05/16/more-clues-suggest-north-korea-behind-massive-global-cyberattack/

[HAPPY2BME]

Online pirates claim to hold Disney's latest 'Pirates of the Caribbean' movie hostage, demand ransom



ackers have once again struck at Hollywood, this time claiming one of the summer’s biggest blockbuster releases — Disney’s “Pirates of the Caribbean: Dead Men Tell No Tales,” the fifth installment in the highly profitable swashbuckling franchise, starring Johnny Depp.

Walt Disney Co. Chief Executive Bob Iger told ABC employees in New York on Monday that hackers have claimed to have stolen a movie and are threatening to release it in segments until their demands, which include a pirate-like ransom paid with Bitcoin, are met.

Iger didn’t identify the movie, and the Burbank-based Disney declined to comment. But a person with knowledge of the situation who was not authorized to comment said the movie that was hacked was the new “Pirates of the Caribbean” sequel.

“Pirates” is set to open nationwide on May 26. The last four installments in the franchise have been huge successes for Disney, collectively grossing nearly $3.73 billion worldwide.

The theft comes a few weeks after hackers stole the latest season of Netflix’s “Orange is the New Black.” Hackers leaked episodes of the new season after Netflix refused to meet their demands.

Disney is currently working with federal authorities to investigate the attack, according to another source not authorized to speak to the media.

News of the “Pirates” hack was earlier reported by the Hollywood Reporter and Deadline.

The hack is believed to be unrelated to a massive ransomware attack that has spread across the globe. Ransom-style computer attacks have grown in popularity in the last few years as banks and other institutions make it harder for hackers to infiltrate their systems.

http://www.latimes.com/business/hollywood/la-fi-ct-disney-pirates-caribbean-hack-20170515-story.html