Connect with us

People 'n' Issues

Malware demands Bitcoin ransom

Published

on

Security software provider ESET has reported that it has received multiple reports of a new malware-spreading campaign in various countries.

Security software provider ESET reports that it has received multiple reports of a new malware-spreading campaign in various countries, mostly in Latin America and Eastern Europe. It starts with a fake email purporting to contain a fax, but is in reality a campaign to spread malicious code. The code encrypts the victim’s files and is then used to extort a ransom in bitcoins for retrieval of the encrypted information.

Called CTB-Locker Ransomware, the malware has caused headaches for thousands of users. Poland, Czech Republic and Mexico iare the most affected, as shown in the following graphic:

The attack began with a fake email arriving in the users’ inbox.  The subject of the email pretends that the attachment is a fax; the file is detected by ESET asWin32/TrojanDownloader.Elenoocka.A.  If you open this attachment and your antivirus software does not protect you, a variant of Win32/FileCoder.DA will be downloaded to your system; all your files will be encrypted and you will lose them forever, unless you pay a ransom in bitcoins to retrieve your information.

Files with extensions such as mp4, .pem, .jpg, .doc, .cer, etc. are encrypted by a key, which makes it virtually impossible to recover the files. Once the malware has finished encrypting user information, it displays a warning and also changes the desktop background with a message similar to that seen in the image below:

unnamed

Another peculiar detail of CTB-Locker is this: not only is the message shown to the user in different languages , but it also displays the currency appropriate to that language. If the user chooses to view the message in English, the price is in US dollars, otherwise the value will be in Euros.

While the encryption technique used by CTB-Locker makes it impossible to recover files by analysing the payload, there are certain safety measures that are recommended for users and companies:

unnamed-1

·         If you have a security solution for mail servers, enable filtering by extension. This will help by allowing you to block malicious files with extensions such as .scr, as used by Win32/TrojanDownloader.Elenoocka.A

·         Avoid opening attachments in emails of dubious origins where the sender has not been identified.

·         Delete emails or mark them as spam to prevent other users or company employees being affected by these threats.

·         Keep security solutions updated to detect the latest threats that are spreading.

·         Perform up-to-date backups of your information.

Mitigating such attacks is no simple task, and you need to take a proactive stance by supporting security technology with awareness and education.

Featured

Blockchain unpacked

Blockchain is generally associated with Bitcoin and other cryptocurrencies, but these are just the tip of the iceberg, says ESET Southern Africa.

Published

on

This technology was originally conceived in 1991, when Stuart Haber and W. Scott Stornetta described their first work on a chain of cryptographically secured blocks, but only gained notoriety in 2008, when it became popular with the arrival of Bitcoin. It is currently gaining demand in other commercial applications and its annual growth is expected to reach 51% by 2022 in numerous markets, such as those of financial institutions and the Internet of Things (IoT), according to MarketWatch.

What is blockchain?

A blockchain is a unique, consensual record that is distributed over multiple network nodes. In the case of cryptocurrencies, think of it as the accounting ledger where each transaction is recorded.

A blockchain transaction is complex and can be difficult to understand if you delve into the inner details of how it works, but the basic idea is simple to follow.

Each block stores:

–           A number of valid records or transactions.
–           Information referring to that block.
–           A link to the previous block and next block through the hash of each block—a unique code that can be thought of as the block’s fingerprint.

Accordingly, each block has a specific and immovable place within the chain, since each block contains information from the hash of the previous block. The entire chain is stored in each network node that makes up the blockchain, so an exact copy of the chain is stored in all network participants.

As new records are created, they are first verified and validated by the network nodes and then added to a new block that is linked to the chain.

How is blockchain so secure?

Being a distributed technology in which each network node stores an exact copy of the chain, the availability of the information is guaranteed at all times. So if an attacker wanted to cause a denial-of-service attack, they would have to annul all network nodes since it only takes one node to be operative for the information to be available.

Besides that, since each record is consensual, and all nodes contain the same information, it is almost impossible to alter it, ensuring its integrity. If an attacker wanted to modify the information in a blockchain, they would have to modify the entire chain in at least 51% of the nodes.

In blockchain, data is distributed across all network nodes. With no central node, all participate equally, storing, and validating all information. It is a very powerful tool for transmitting and storing information in a reliable way; a decentralised model in which the information belongs to us, since we do not need a company to provide the service.

What else can blockchain be used for?

Essentially, blockchain can be used to store any type of information that must be kept intact and remain available in a secure, decentralised and cheaper way than through intermediaries. Moreover, since the information stored is encrypted, its confidentiality can be guaranteed, as only those who have the encryption key can access it.

Use of blockchain in healthcare

Health records could be consolidated and stored in blockchain, for instance. This would mean that the medical history of each patient would be safe and, at the same time, available to each doctor authorised, regardless of the health centre where the patient was treated. Even the pharmaceutical industry could use this technology to verify medicines and prevent counterfeiting.

Use of blockchain for documents

Blockchain would also be very useful for managing digital assets and documentation. Up to now, the problem with digital is that everything is easy to copy, but Blockchain allows you to record purchases, deeds, documents, or any other type of online asset without them being falsified.

Other blockchain uses

This technology could also revolutionise the Internet of Things  (IoT) market where the challenge lies in the millions of devices connected to the internet that must be managed by the supplier companies. In a few years’ time, the centralised model won’t be able to support so many devices, not to mention the fact that many of these are not secure enough. With blockchain, devices can communicate through the network directly, safely, and reliably with no need for intermediaries.

Blockchain allows you to verify, validate, track, and store all types of information, from digital certificates, democratic voting systems, logistics and messaging services, to intelligent contracts and, of course, money and financial transactions.

Without doubt, blockchain has turned the immutable and decentralized layer the internet has always dreamed about into a reality. This technology takes reliance out of the equation and replaces it with mathematical fact.

Continue Reading

Featured

Where mobility goes next

If we carry on addressing the need for mobility using the same paradigms and behaviours (such as car ownership and single person occupancy) that have existed since the early days of the Industrial Revolution we will doom ourselves to disaster, possibly even extinction, but says SIMON CARPENTER, Chief Technology Advisor at SAP Africa, Uber is an example of how networked technologies and digital platforms can change an industry and human behaviour at an exponential pace.

Published

on

It has been a long journey; one that started slowly and then accelerated at an exponential pace as we moved from the first wheel 5,000 years ago to the first steam-powered vehicle in the late 1700s to the internal combustion engine 159 years ago, the world’s first production motor car 27 years later (Karl Benz in 1886) and then very rapidly to flight, jet engines, gas turbines and today’s electric motors.

Along the way, the various modes of transport we have created have made incalculable contributions to socio-economic development and human progress. Apply your mind for just a moment and it’s hard to come up with a facet of modern life that is not impacted by some mode of transport or vehicular activity; whether it’s moving food from the farm to the fork, workers from the suburb to the workplace, tourists to their holiday destinations or patients to a hospital, transport and vehicles are inextricably involved in making society and economies work.

But, there is a downside to all this utility. As we stand at the tail-end of the industrial revolution and contemplate the future of humanity, it is clear that our love affair with the internal combustion engine has created some wicked problems.

The downside of mobility

Globally, the urban sprawl that personal mobility made possible in the first place has morphed into an unproductive commute in slow-moving traffic amplified by the fact that many of us travel alone in our cars. Today most people spend an increasingly frustrating chunk of their day and their disposable income simply getting to work. This problem is exacerbated in South Africa by the legacy of apartheid spatial planning which sequestered black people in townships far away from where they could find work. Most of those people are impoverished and therefore must spend a disproportionate and inequitable amount of time and money on their commutes.

The industrial-era paradigm of car ownership means we devote copious amounts of personal capital and social goods to acquire and house (i.e. park) vehicles that are used for a brief period each day. Those resources could be better used to address even more pressing concerns such as food security.

There is growing evidence to support the fact that vehicle emissions, both greenhouse gases and particulates, contribute not just to global warming but also the growing burden of chronic illnesses.  Recent studies have linked traffic pollution with reduced lung and cognitive function, and an increased risk of asthma, breast cancer, lung cancer, childhood leukaemia, heart disease, emergency hospital admissions and death.

And, of course there is the huge cost in lives and treasure associated with vehicle accidents. In South Africa alone 14,000 people die on the roads every year in accidents which cost our beleaguered economy ZAR 142 billion.

One thing is clear; if we carry on addressing the need for mobility using the same paradigms and behaviours (such as car ownership and single person occupancy) that have existed since the early days of the Industrial Revolution we will doom ourselves to disaster, possibly even extinction.

Reversing the challenges we have created will not be easy due to their multifarious, integrated nature and the many vested interests that will fight for the status quo. But, there is a solution at hand: Exponential Technologies, many of them digital in nature, accompanied by cultural, generational and societal shifts and innovative thinking offer us the opportunity to completely reshape how we move ourselves and our stuff around on this over-crowded little planet called Earth.

Exponential Technologies to the rescue

Uber is arguably the seminal example of how networked technologies and digital platforms can change an industry and human behaviour at an exponential pace. Uber’s system demonstrates the possibilities that emerge when exponential technologies such as smart mobile devices, networks and machine learning are synthesised with innovative thinking.

Another example is Nanjing City in China where authorities are using SAP’s real-time computing platform to gather data in real-time from cars, taxicabs, buses, traffic cameras and public transport users (via loyalty cards / tickets and mobile applications). Marrying this Big Data together (it amounts to some 23 billion individual records per year) provides deep insights into traffic patterns and trends. The beauty of the approach is that citizens get real time data that helps them plan their commutes better while city authorities use that same data to support short-term tactical decisions and long-term policy decisions such as where to invest in new roads or bus lanes.

These are great examples of how Exponential technologies such as IoT, Big Data, Artificial Intelligence and real-time computing can come together to solve complex problems in the real world. They are equally applicable in South Africa, where the apartheid regime’s spatial planning was such that black people were confined to townships on the outskirts of cities far from commercial and industrial centres. This legacy means that today the residents of these townships, often impoverished to begin with, must spend disproportionate amounts of time and disposable income to travel to their place of work. Exponential technologies could go a long way toward informing better policies from government and at the same time alleviating the daily travel woes of most of our population.

As the Digital Revolution takes hold we stand at a unique moment in human history with the opportunity to reshape our mobility systems for the better. Only we can choose – and only action will make it so.

Continue Reading

Trending

Copyright © 2018 World Wide Worx