NotPetya – infection by legitimate auto-update

It seems the malware NotPetya, which infected mainly computer in Ukraine recently, was spread by a regular software update. As reported previously, the option to decrypt data is only “simulated” – a real decryption is not possible. Backdoor in .NET According to an analysis by ESET the tax software M.E.Doc – a popular tax software in Ukraine – Read More …

Petya master key published

The author of the ransomware Petya, who attacked many PC in 2016 posted a link to an encrypted file on mega.nz via Twitter on Wednesday. Meanwhile the encrypted file was cracked by Malwarebytes, and they shared the content: Congratulations! Here is our secp192k1 privkey: 38dd46801ce61883433048d6d8c6ab8be18654a2695b4723 We used ECIES (with AES-256-ECB) Scheme to encrypt the decryption Read More …

WannaCry: Now speed cameras hit (not?)

Next attack in the never-ending WannaCry-Story. This time 55 speed and red-light cameras in Australia are affected according to news reports – approx 600 tickets have already been withdrawn. Up to 8.000 penalties withdrawn ? Calculations come up to an ammount of 8.000 penalties that might be withdrawn in total the next days. According to Australian Police, the Read More …

WannaCry: more details about the ransomware attack

Meanwhile, the major attack of WannaCry aka WanaDecrypt0r 2.0 has been stopped. As I noted in my previous post, some  stop switch was found by accident when an expert noticed that a special domain gets addressed from WannaCry. As the domain was available, he registered it hoping to collect more information and data sent out from the ransomware. Read More …

Massive Cyberattack hits UK Health System, Deutsche Bahn

A massive Cyberattack that seems to have source in Russia currently spreads the world. After first analysis by Kaspersky and Avast they think it’s a new version of the crypt locker WannaCry. The software requires a payment of 300$ in bitcoins to release the encryption key, and blackmails the owners that the key would be deleted in Read More …