Page 49 - Cyber Warnings







In the third quarter of this year we witnessed a higher level of specialization
in the ransomware trade. The best example is the creators of the ransomware families
Petya and Mischa, who specialized in developing the malware and its corresponding
payment platforms and left distribution in the hands of third parties, a practice that can be called
Ransom as a Service (RaaS).

Essentially, once they’ve done their part, they leave it up to the distributors to
infect the victims.

Much like in the legal world, the distributors’ profit is a percentage of the money
acquired. The higher the sales, the higher the percentage that they receive.


Business Email Compromise Phishing

This kind of attack is rapidly gaining in popularity. The attackers pose as the president or
financial director of a company and request a transfer from an employee.

Before doing so, they learn how the company operates from the inside and gather
information about their victims from social networks to give credibility to their con.

One of the most resounding cases this year featured Mattel, the well-known toy manufacturer of
Barbies and Hot Wheels. A high-ranking executive received a message from the recently
appointed CEO soliciting a transfer of $3 million to a bank account in China.

After making the transfer, the executive confirmed with the CEO that it was done. The CEO was
baffled, since he had never given such an order. They got in touch with the American authorities
and with the bank, but it was too late and the money had already been transferred.

In this case they were fortunate. It was a bank holiday in China and there was enough time to
alert the Chinese authorities. The account was frozen, and Mattel was able to recover their
money.


Mobile Devices

SNAP is one of the most popular vulnerabilities that we’ve seen this year. It affects LG G3
mobile phones. The problem stemmed from an error in LG’s notifications app, called Smart
Notice, which permits any JavaScript to run.

The researchers at BugSec discovered the vulnerability and notified LG, which rapidly published
an update that resolved the problem.

Gugi, an Android trojan, managed to break through Android 6’s security barriers to steal bank
credentials from apps installed on the phone.





49 Cyber Warnings E-Magazine December 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide