Global Cyber Attack: Security blogger Halts Ransomware By Accident

CYBER ATTACK HALTED BY ACCIDENT

The world has become much advanced since the inception of the internet. The internet has revolutionised the world and has been able to bridge the gap between the world. This has made the world a much better place to live. We are quite fortunate that we are living in this era to experience the impossible ones.

Well, there are many cyber-attacks which break the net often. Some become the easy victim of all this. Often we hear that the accounts have been hacked and this leads to the chaos. Recently there was a news of a UK security where he has reported to the BBC that how accidently he had brought a stop of the malicious ransomware which has affected the numerous organisations.

THE REPORT 

The man is known as the Malware Tech which is his pseudo name. After hearing about the technological news about the latest malware attack, he wanted to investigate the matter. The cyber-attack spread all across the globe and it has created a huge impact in the world of technology.

The technological news kept the update on this cyber-attack. After the investigation, he found that the solution and brought malicious ransomware to a halt. It appeared to be a kill switch in the code of the software. He admitted that the discovery was purely accidental.

Even after the accidental discovery, it did not let to the proper repair of the ransomware. The event brought a halt in spreading it to the other computers. Well this was something very crucial that has to be needed.

THE DISCOVERY

After the discovery, the guy found that the malware was trying to contact a particular type of web address every time a new computer was affected. The web address was not that simple. It was a combination of letters and moreover it was not registered. The person decided to register the web address and eventually he ended up buying the address for $10.69 (£8). This gave him the access where the computers were accessed from. This gave him the idea how the ransomware was spreading.

THE DEFEAT

The registration has only stopped but that doesn’t mean it had stopped the malware spreading. There are still files which will be held for ransom. The recent technology news have stated that the ransomware has started ignoring the kill switch. You should keep an update on the recent technology news to know more details.

THE IMPACT

The impact has been huge in the UK affecting the health clinics and several computers. There were many spam emails that appeared to contain invalid invoices and job offers. The incident took the world by storm. There were also many security warnings and other valid files.

The encrypted ransomware demanded almost payment of $300 to $600 to restore access. Well, this was a huge issue and the people had to face the consequences for this. The digital transactions went for a toss. The antivirus giant Avast had observed infections of more than 57000 in 100 countries.

Apple Mac Virus Can Take Screenshots and See Everything You Type

Mac Users Cautioned – Latest Dangerous Virus

Owners of Apple Mac are being cautioned regarding a latest dangerous virus which seems to view all things typed, takes screenshots every thirty seconds as well as accesses all your documents and the videos.Some years back, Flashback malware had broken a security flaw in Java and managed to infect 600,000 Macs, roughly 1% of the user base. Details regarding the same have been posted on the website of Apple.

Thereafter there have been other issues. The KitM.A backdoor application on OS X had taken screenshots of the desktop of user and recently the Rootpipe exploit seemed to be difficult in fixing it. Bogdan Botezatu, Senior E-Threat Analyst of Bitdefender has clarified that `Mac OS X software has more high-risk susceptibilities than all forms of Windows put together.

Apple markets these products as virus-free and states that you do not need an antivirus since they are aware that people hate antivirus software. These utilities often tend to slow down the computer, so they don’t want to promote them’. The Apple Mac virus is a kind of a malware known as Mokes.A which had been discovered by Stefan Orloff from Kaspersky Labs. Same type of malware had also been discovered earlier this year on windows.

Enables Hackers to Remotely Take Control

Since the virus has the potential of seeing what keys have been typed by the user, it tends to give cyber criminals access to passwords, details of bank account together with other personal information. Stefan warns that it also enables the hackers to remotely take control of a breached Mac.

The detection of this unusual OS X malware came up a week after Apple had been forced to release two major security updates for iOS as well as OS X operating systems. Updates had been released after security analysts found out that the hackers could control a device with only a click of a malevolent link.

 Though the devices of Apple are said to be less vulnerable to malware and the viruses than PCs, this is not the first effort that hackers have attempted to target the Mac computers. Mac users had been targeted, earlier in the year in a ransomware attack which could lock their machine till they had handed over payment to the hackers.

Mokes.A Virus – Infect Macs

iPhone users most recently had been continually under attack in an extensive range of phishing attacks. It was unknown how precisely the Mokes.A virus tends to infect Macs; it seems a complex thing for user to know how to defend themselves from it.

Often users are reminded to utilise the anti-virus software and refrain from downloading software, email attachments or any other files from any unreliable source. Users are recommended to always ensure that their operating system is kept up to date. Since several people refrain from using antivirus software on Macs, it tends to get difficult in handling the size of the risk.

Bogdan clarifies that the absence of adoption of antivirus solutions on Mac OS X is evading the truth since malware is not going to get reported. All are aware of the happenings in the Windows eco-system due to this visibility and threat intelligence, but with Mac OS X there is often no antivirus to report back to base’.

Chinese iPhone Users Hit by 'KeyRaider' Malware

iPhone had commanded a safe and sound to be true a secure history in its eight years of history. It happens to be the most secure smartphone till now. Most of the people resort to jailbreak the iPhone in order to download mobile apps from other online play stores. This seriously limits the security level by removing the system security features, which are made available on the iPhone by Apple. A malicious software had been successful in stealing a wide number of login names and passwords from more than 225,000 Apple accounts in China.

A security firm finds a rogue malware in iPhone devices

A security firm named Palto Alto Networks was investigating the suspicious activity found a wide number of Apple devices. During the investigation, it came across a malicious software family, which was specifically targeting the Jailbroken Apple iPhones devices for some time.

This malicious software is being KeyRaider and it has affected a large number of iPhone users in China along with 17 other nations.

How KeyRaider affected the iPhone users?

Once an iPhone user downloads and install the malware which remains hidden in the packages of codes and it offers a number of tweaks to the iPhone’s operating system. The Keyraider is designed in s such a way wherein it can easily intercept the user’s iTune’s login details and then store the same data on a remote server.

After stealing the user’s iTunes payment information and other details, attackers use it to install paid apps on other iOS devices. Palo Alto Networks had even found a separate app, which allows the users to install paid apps from the Apple app store of cost and till now this app has been downloaded more than 20,000 times. The payment from this free app is being done by the KeyRaider’s victims.

How serious is this attack?

For most of the iPhone users KeyRaider is not a big issue as long as they install only those apps, which are approved by the Apple’s app store. It should be noted that most of the iPhones are not Jailbroken but users who had already jailbroken their devices should certainly worry about the KeyRaider as it can easily steal their lognames and passwords and other things.

People who had already suffered from the damage of KeyRaider will find themselves being charged for someone else’s stolen iPhones apps. The security firm had even stated that in some cases it found evidence wherein malware was used in locking up the phone and asking for ransom.

Beware of third-party app stores

Apple devices are third most popular brand in China after the Huawei and Xiamoi as per the reports by IDC. Apple app store has a wide number security checks in place, which helps in thwarting the malicious apps from listing in the store and helps in safeguarding the iPhone users. But the third party app store doesn’t offer similar kind of security checks and controls in place which results in the distribution of malicious software.

Apple Laptops Vulnerable To Virus That 'Can’t Be Removed

Thunderstrike – Malicious Code in Boot ROM 

Security researcher has discovered a way to install malicious code on a small chip built in Apple laptop which would resist any attempt in removal of it and even replacing the entire hard disk will not be capable of deleting it.

 The attack named, `Thunderstrike’ installs the malicious code in the Boot ROM of the system through the Thunderbolt port. Thunderstrike is undetectable and would need an attacker to get access to a machine for a few moments and since it is new, no security software would be on the lookout for it. Trammel Hudson working for New York hedge fund Two Sigma Investments noted the discovery when his employer asked him to check into the security regarding Apple laptops.

He wrote a comment in an annotated version of a talk given at the 31C3 conference stating that they were considering deploying MacBook and was asked to use his reverse engineering experience to look into the reports of rootkits on the Mac. The first step he took was in dismantling one of the laptops in order to gain access to the boot ROM which is a small chip containing the code that enables the computer to operate when switched on, before the main operating system is loaded.

Bootkit – Difficult to Delete

The malicious code could be hidden in this ROM and unlike other normal virus residing on the hard disk, this particular one cannot be deleted which is known as bootkit. The code could be used to do anything, an attacker would desire, from covertly probing the user to leaking sensitive data that is available on the machine.

 Researchers, though earlier have observed that modifying the contents of the ROM in Apple laptops causes the computer being completely unusable and as security measures, one should look for any changes and shut down if they come across anything. Hudson was of the opinion that these security measures could always seem to be `doomed to fail’ or `futile’ since anyone getting access to the contents of the ROM could also get access to the code which checks the ROM for changes.

On the contrary, he states that there should be some unchangeable hardware chip which could perform these checks. It was also observed that the attack could be done without the need of physically taking the machine apart in order to get the chip, which can be done by using the Thunderbolt port and theoretically any device, a monitor, printer or hard disk could be utilised in stalling malicious code by plugging it in some simple steps.

Partial Fix - By Apple

Hudson informed that Apple is planning a `partial fix’, as a firmware update would stop the ROM from being overwritten with malicious code in certain situations, though not all, like when a machine is being rebooted with a malicious Thunderbolt device plugged in. He had approached the company regarding the flaw in 2013.

His suggestion to prevent the attack is to overwrite the ROM with their own code which would disable any remote attacks through the Thunderbolt port and then paint over the screws on the laptop with nail varnish to detect any unauthorised physical access to the ROM. This measure however is time consuming since it is out of reach to all but only to the most advanced security experts.

5 ways to increase security and privacy of your iPhone, iPad and Mac

Apple products are known for not just their simple yet awe inspiring designs but also the hardware mechanism that makes them such useful devices. The Apple product owners have from little to no reasons to complain and have been fully satisfied as far as the product performance is concerned. However, with the number of users increasing exponentially, it is only a matter of time when someone will be able to hack into the Fort Knox of devices. This is the reason why you as an end user should pay greater attention to the security of your iPhone, iPad and Mac.

Even though Apple makes its products more and more convenient with each upgrade, it is the responsibility of the end user to ensure its complete safety and maintain its privacy. Depending upon the sensitivity of the data on your device, you can toggle the settings on your phone and monitor the security arrangements. The idea is not make the phone so impenetrable that even the user gets nightmares while trying to get inside their device. However, the security and privacy tips will only make sure that breaking into your phone or device is extremely unattractive to the thieves or pranksters who can be dissuaded from their antics by just looking at the layered security.

Use a reasonably strong Pass Code 

The latest iPhone 5S has a biometric system which is unbeatable when it comes to identifying its true owner. However, for any other devices, the owners can use reasonably tough pass codes to unlock their phones. They should be hard to guess but not something you can’t easily memorize. iPhone 5S users can also use stronger pass codes rather than using the biometric unlocking system for added security.

Turn off Personal Notifications on the locked screen

While it is very simple to quickly gaze at notifications on the home screen, it can also be very unsafe if your phone is in the hands of anyone other than you. Your pass code lock will defeat the whole purpose if people can read your personal notifications even when the phone or the device is locked. It is better to turn off the notifications on your home screen when the screen is locked so that no one but you can read your private messages.

Go for 2-tiered security layer

This might seem a little over the top to add to layers of security on your Apple device. However, considering the sensitivity of the data we have on our phones these days, it seems like a very small level of security. All it takes is add another layer of password on the apps to get the added security. You can make your device twice as strong by just introducing another level of pass code.

Keep your web browsing private

If you do not wish your web browsing history to be tracked or recorded, you can use the private browsing feature of safari. You can also enable the private browsing from the bookmarks, tabs etc which makes it easier and more convenient. Also, if you are on the network that you do not trust and are using the browsing for personal and sensitive information then you can also gain access to the VPN service that will keep your data private. Needless to mention that with all the browsing that happens on internet enabled devices, you must also secure your devices with a reliable piece of antivirus software like Bitdefender Antivirus for Mac that will deter any hacker from trying to hack into your device.

Delete the Web History Data

If you have not used private browsing by Safari and now want to remove the data from your device, you also have the option of wiping your device clean and start afresh.

Cyber Security and Huawei

Despite optimistic growth forecasts, Huawei fight again and again against Western countries who continue to assert that the company infringes on cyber security.  At the root of these problems, the chain charges of dumping by Western governments but also and especially cyber espionage. According to the Intelligence Committee of the U.S. Congress, Huawei have strong collusion with the Chinese Communist Party, who would be capable of transmitting confidential information. Suspicions fueled by the fact that Ren Zhengfei, founder of the group is a former engineer PLA.

However, there is as yet no concrete evidence to suggest that Huawei has actually worked with the Chinese government for cyber espionage. According to Stewart Baker, a former assistant of the Department of Federal Security, the U.S. government does not even know clearly identify which suppliers and assemblers are influenced or subsidized by the Chinese government. The reason for the knee-jerk reaction of Western governments is she really a precautionary or rather a form of economic protectionism? Telecom contracts group, which is currently second-largest supplier of telecommunications equipment behind Ericsson continue in effect multiplying.


Guo Ping, CEO of the firm, was quick to respond to the escalation of radical measures to prevent the company to expand in the West assured that there had never been any incidents their products threatening computer network security. And he quoted, since they are the key suppliers of US networks there is no possibility of threat in terms of security for the US and he confidently assured that they will overcome the challenges and problems in a spirit of fairness and transparency  In December 2010, Huawei had already opened an assessment centre for cyber security, to publish tests to ensure the good faith of the company and providing concrete evidence to Western giants resistance of the material to cyber attacks.


It is true that Huawei is a company known for being at the forefront of technology. Therefore, the U.S. edition of Huffington Post questioned the character of the productive measures against blocking access to the U.S. market from Huawei. Paradoxically, wanting to protect themselves from cyber attacks, the U.S. government could make it more vulnerable to such attacks.A dozen technology companies have recently sent a letter to Congress stating that the bill is to restrict purchases of Chinese equipment actually preventing the United States from acquiring technology, placing the country "in below the curve of innovation in the field of security. "