Shamoon—the mysterious disk wiper that popped up out nowhere in 2012 and took out more than 35,000 computers in a Saudi Arabian-owned gas company before disappearing—is back. Its new, meaner design has been unleashed three time since November. What's more, a new wiper developed in the same style as Shamoon has been discovered targeting a petroleum company in Europe, where wipers used in the Middle East have not previously been seen.
Researchers from Moscow-based antivirus provider Kaspersky Lab have dubbed the new wiper "StoneDrill." They found it while they were researching the trio of Shamoon attacks, which occurred on two dates in November and one date in late January. The refurbished Shamoon 2.0 added new tools and techniques, including less reliance on outside command-and-control servers, a fully functional ransomware module, and new 32-bit and 64-bit components.
This is the story of how River City Media (RCM), Alvin Slocombe, and Matt Ferris, accidentally exposed their entire operation to the public after failing to properly configure their Rsync backups.
The data from this well-known, but slippery spamming operation, was discovered by Chris Vickery, a security researcher for MacKeeper and shared with Salted Hash, Spamhaus, as well as relevant law enforcement agencies.
While security practitioners are familiar with spammers and their methods, this story afforded Salted Hash with a rare opportunity to look behind the curtain and view their day-to-day operations.
A theoretical scenario that leverages the SHA1 collision attack disclosed recently by Google can serve backdoored BitTorrent files that execute code on the victim's machine, deliver malware, or alert copyright owners when their software has been pirated.
The theoretical attack, nicknamed BitErrant, is the work of Tamas Jos, a Hungarian security expert working for SWIFT, the company behind the SWIFT protocol used for international inter-banking transactions.
To understand the attack, users first need to understand how BitTorrent works. When someone creates a torrent file, they actually break up the original file into smaller chunks and save information about these chunks inside the torrent file.