StalinLocker Ransomware

A new, sophisticated screenlocker/ransomware has been detected that gives you only 10 minutes to enter a code, or it locks your screen and starts wiping data on your PC.

It displays a screen that shows Stalin while playing the USSR anthem and displaying a countdown until files are deleted.

StalinLocker may land on computers via phishing emails and corrupted updates to browser plugins like Adobe Flash and Java. StalinLocker is a severe threat to PC users because it is designed to wipe data securely if the victim fails to enter a “disarm code” in the Stalin Screen Lock window. Once the StalinLocker Wiper is on the computer, it loads ‘C:\Users\\AppData\Local\stalin.exe’, which completely covers the screen with a program window. As the name implies, the Screen Lock window includes a Photoshopped photo of Josef Stalin after he is appointed as the acting political and military leader of the Soviet Union (USSR). Additionally, it plays an MP3 file from ‘C:\Users\\AppData\Local\USSR_Anthem.mp3’.

The Screen Lock message presented to users features the following quote from Josef Stalin:

Translated into English:
‘The victory of socialism in our country is assured
The foundation of the socialist economy is complete
The reality of our production plan is millions of working people who are creating a new life.
J. Stalin.’

A detailed review of the code showed that the StalinLocker Wiper is programmed to give its victims the chance to disable it by entering a code before eleven minutes (660 seconds) have passed. Researchers pointed out that the unlock code is a sequence of numbers. The correct sequence is determined by subtracting 1922.12.30 from the current date. Interestingly, December 30th, 1922 is the date the USSR was established after a revolution took over Russia. If PC users fail to enter the correct disarm code, the StalinLocker Wiper proceeds to delete all data on the local drives, starting with drive letter A:\ and continuing all the way to Z:\. The StalinLocker Wiper is reported to terminate the Windows Explorer (explorer.exe) and Windows Task Manager (taskmgr.exe) processes when it is loaded on the desktop.

The StalinLocker Wiper does not demand money from users like other ransomware, and it does not need users to play a game to unlock their files. On the contrary, StalinLocker is a simple data wiper, which can be countered in only one way: backups. We advise PC users to incorporate a reliable backup solution such as the one provided by Max Total Security.
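The behaviour described above can be turned into a simple triage rule for endpoint logs. The following is an added example, not code from the original post or from any vendor: it flags hosts where stalin.exe or USSR_Anthem.mp3 appears directly under a user's AppData\Local and checks whether explorer.exe and taskmgr.exe ended within the 660-second window. The log format, host names and events are constructed, and the deadline assumes the countdown starts when the first artifact appears.

```python
import re
from datetime import datetime, timedelta

# File names, killed processes and the 660-second countdown come from the
# write-up above; the log format and sample events are constructed.
ARTIFACT = re.compile(
    r"\\Users\\[^\\]+\\AppData\\Local\\(stalin\.exe|USSR_Anthem\.mp3)$", re.I)
SHELL_PROCS = {"explorer.exe", "taskmgr.exe"}
COUNTDOWN = timedelta(seconds=660)

SAMPLE_LOG = r"""
2018-05-14T09:00:01 PC-07 FILE_CREATE C:\Users\alice\AppData\Local\USSR_Anthem.mp3
2018-05-14T09:00:02 PC-07 PROC_START C:\Users\alice\AppData\Local\stalin.exe
2018-05-14T09:00:03 PC-07 PROC_END C:\Windows\explorer.exe
2018-05-14T09:00:03 PC-07 PROC_END C:\Windows\System32\Taskmgr.exe
2018-05-14T09:05:00 PC-12 PROC_END C:\Windows\explorer.exe
2018-05-14T09:06:00 PC-12 FILE_CREATE C:\Users\bob\AppData\Local\Temp\stalin.exe
2018-05-14T09:07:30 PC-20 FILE_CREATE C:\Users\carol\AppData\Local\stalin.exe
"""

def triage(log):
    """Return {host: (severity, estimated wipe deadline)} for suspect hosts."""
    hosts = {}
    for line in log.strip().splitlines():
        ts, host, kind, path = line.split(" ", 3)
        ts = datetime.fromisoformat(ts)
        state = hosts.setdefault(host, {"first": None, "killed": set()})
        name = path.rsplit("\\", 1)[-1].lower()
        if ARTIFACT.search(path):
            # Remember when the first artifact showed up on this host.
            state["first"] = state["first"] or ts
        elif (kind == "PROC_END" and name in SHELL_PROCS and state["first"]
              and ts - state["first"] <= COUNTDOWN):
            state["killed"].add(name)
    report = {}
    for host, state in hosts.items():
        if state["first"] is None:
            continue  # no StalinLocker file name seen in AppData\Local
        # Artifact plus both shell processes ended matches the full pattern.
        severity = "high" if state["killed"] == SHELL_PROCS else "medium"
        report[host] = (severity, (state["first"] + COUNTDOWN).isoformat())
    return report

if __name__ == "__main__":
    for host, (severity, deadline) in triage(SAMPLE_LOG).items():
        print(f"{host}: {severity}, isolate before {deadline}")
```

PC-12 is not reported: an explorer.exe exit alone is routine, and a stalin.exe under Temp does not match the path given in the write-up.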

Cybersecurity Predictions for 2018

Below are the predictions for 2018 from BlackBerry’s Chief Security Officer:

1. 2018 will be the worst year to date for cyberattacks

With 2017 being the worst year ever for cyberattacks, it’s tempting to think that we’ve hit rock bottom, but what we’ve seen so far is just the tip of the iceberg.

The fundamental issues that have caused the majority of recent cyberbreaches have not been resolved. IT departments are being tasked to manage increasingly complex networks, support new types of endpoints, and protect more and more sensitive data. Legacy systems are still rampant throughout most industries and cannot be easily upgraded or replaced. These systems often contain publicly known software vulnerabilities which can be exploited to penetrate the corporate network.

At the same time, attackers are getting increasingly sophisticated and have more incentives than ever to mount cyberattacks. From building ransomware or mounting DDoS attacks and demanding bitcoin payments, to working with organized crime and even national governments, malicious hackers have numerous ways to monetize their skills and to protect themselves.

2. Cyberattacks will cause physical harm

Securing the Internet of Things is even more important than securing traditional IT networks for one simple reason: IoT attacks threaten public safety. A hacked computer or mobile device typically cannot cause direct physical harm. While it’s certainly frustrating to have our personal information stolen, it doesn’t compare to the impact of being involved in a car accident or having your infusion pump or pacemaker compromised. IoT security will literally become a matter of life and death, and we cannot simply wait for that to happen.

3. Insurance and cybersecurity products will go hand in hand

Firms not only add more cyber policy holders to their roster, but also seek out two strategic avenues to help manage risk for them and their customers: products and experts.

Just like Progressive’s Snapshot plug-in device which helps the insurer provide personalized rates based on your actual driving, insurance companies will start selling products to help track their client’s security posture. They will even partner with security experts to appropriately evaluate a company’s ability to protect against a cyberattack. Scorecards will be given and companies that perform the best will be rewarded with a lower policy amount.

4. Hackers will target employees as they become a growing cybersecurity vulnerability

IT departments typically focus their spending on preventing external attacks, but the reality is that most data breaches start internally – either by sharing documents through unsecure, consumer applications or clicking on increasingly sophisticated phishing attacks.

While hackers are often depicted as technical geniuses using complex algorithms to break advanced cryptography, the reality is that simpler techniques can be just as effective. Criminal hackers aren’t seeking style points; they’re simply looking to breach the system as efficiently as possible. As our technical defenses continue to improve, employees will become the weakest link, increasingly targeted by attackers as part of their overall strategy.

In my opinion, in 2018 companies need to focus on good endpoint security products, with good essential technical support from the vendor, and if you do not have enough resources to keep a check on security, then outsource to a security vendor who specializes in detecting new outbreaks and can manage with an advanced approach. Try Max Total Security, which can fulfill all of your security concerns.

5 Common Hacking Techniques You Should Watch Out For

According to Warren Buffett, cyber-attacks are a bigger problem to mankind than nuclear attacks.

Depending on the type of hacker carrying out these attacks, the reasons behind them vary. The motives may be personal, political, ethical or financial. By 2021, the costs from cyber-crime damage are expected to be $6 trillion per year, and cyber-crime will rake in more profits than the global trade of all illegal drugs combined!
Here are 5 of the most common hacking techniques used to gain access to confidential data.

  • Cookie Theft/Cookie or Session Hijacking

Cookie theft, also known as cookie or session hijacking, is when unencrypted session data is copied by a third party. It is then used to impersonate the real user to make financial transactions or publish false posts on their behalf.

  • SQL Injection

SQL (Structured Query Language) injection is one of the most common hacking techniques used in 2017. It is a code injection technique that inserts malicious SQL statements into an entry field and is used to attack data-driven applications. To prevent this attack from occurring, the use of prepared statements with parameterized queries is recommended.

  • Man in the Middle (MITM) Attack

A MITM attack is when data transmission between two people is intercepted. This can happen over any form of online communication, such as email, social media, etc. Transmitted data can be modified to trick either party into divulging sensitive information. Encryption of emails through S/MIME (Secure/Multipurpose Internet Mail Extensions) is an optimal way to ensure only the intended recipients can read the emails.

  • Ransomware

Ransomware is a type of malware that encrypts data on the infected system and blocks access to it until a ransom is paid to the hacker. The motive behind these attacks is almost always financial gain, and payment is demanded in virtual currency. These attacks can occur through malicious phishing emails, infected software apps, infected external hard disks or compromised websites. The best way to protect your system from ransomware attacks is to make sure your anti-virus software is up to date.

  • Phishing

Phishing attacks occur when hackers impersonate a legitimate organization to gain access to confidential data such as usernames, passwords, credit card and bank account details, usually through electronic communication. Phishing attacks have evolved into many versions, such as: Deceptive phishing, Spear phishing, Whaling, Business Email Compromise (BEC), Dropbox phishing, etc. Like ransomware, most phishing attacks are also financially motivated.
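For the SQL injection item in the list above, here is the recommended fix next to the pattern it replaces. This is an added example, not part of the original post; the accounts table, its rows and the function names are constructed for illustration, using Python's built-in sqlite3 module.

```python
import sqlite3

def make_db():
    # Constructed in-memory table standing in for an application's data.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", 120), ("bob", 75), ("O'Brien", 300)])
    return db

def balances_concat(db, owner):
    # Vulnerable: the entry-field value becomes part of the SQL text.
    query = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(query).fetchall()

def balances_param(db, owner):
    # Hardened: the statement text is fixed and the value is bound as data.
    return db.execute(
        "SELECT owner, balance FROM accounts WHERE owner = ?",
        (owner,)).fetchall()

def compare(owner):
    """Run both versions on the same input and return (concat, param)."""
    db = make_db()
    try:
        unsafe = balances_concat(db, owner)
    except sqlite3.OperationalError as exc:
        unsafe = f"SQL error: {exc}"
    return unsafe, balances_param(db, owner)

if __name__ == "__main__":
    for value in ("alice", "x' OR '1'='1", "O'Brien"):
        unsafe, safe = compare(value)
        print(f"{value!r}\n  concatenated:  {unsafe}\n  parameterized: {safe}")
```

With the quoted input, the concatenated query returns every account while the parameterized one returns nothing. The legitimate name O'Brien breaks the concatenated query outright but works when bound as a parameter.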

The Bottom Line

Threats to cyber-security are on the rise. With hackers using various innovative techniques to gain access to confidential data, the best way to protect your presence online is to make sure your anti-virus software is up to date.

To protect against online data theft, download Max Total Security today!

BananaCrypt ransomware

BananaCrypt Ransomware is yet another ransomware that uses AES encryption to lock files and make them inaccessible. It adds the .bananaCrypt file extension to files stored on the system, thereby forcing victims to pay $300 for file decryption.

The Bananacrypt ransomware is spread with some flaws in its code; hence, the encryption process is not carried out successfully. This was observed when analysing the sample obtained by malware researchers. The version analyzed has not created any file containing a ransom note, but it has been revealed that the Bananacrypt ransomware should create a notepad file named “readme.”

As soon as all files are encrypted by Banana ransomware, the malware delivers a ransom note in which the cyber criminals give people instructions on what they have to do. The full message of the ransom note:

!!!What happened!!!!
Your files have been decrypted using a unique key, generated for this computer
Send 300 USD worth of bitcoin to the address below to obtain your key to decrypt your files
Address: asdffdsaasdf
Dont waste your time looking for a way to decrypt your files. This is only possible using our decrypter

Ransomware-type cyber threats can be spread via:

  • malicious ads that can be placed on legit and corrupted sites;
  • fake software updates or downloads;
  • exploit kits that take advantage of the outdated software or operating system.

Do not pay any ransom in response to these warnings, and always remember to use a good Total Security program such as Max Total Security, which will take regular daily backups to your hard disk or to another computer on the network so you can restore at such times.