Security Alerts & News
by Tymoteusz A. Góral

#723 On the monetization of crypto-ransomware
Over the last few years, technologies and infrastructure, in the form of crypto-currencies, the dark web and well-organized criminal affiliate programs have aligned to create the perfect storm. And from that storm, the crypto-ransomware beast has arisen.

There’s a reason why crypto-ransomware is making the news almost daily – it’s unique compared to every other threat we’ve seen in the last few years in that it offers a tangible service to the victim – pay the ransom and you get your files back. And, as we’ve seen in an increasing number of high-profile cases, this is exactly what people are doing. There’s no need to remind you of a recent case where a hospital shelled out a considerable sum of Bitcoin to recover their infrastructure. It has been estimated that the crypto-ransomware industry makes as much as 100,000,000 EUR per year.

Crypto-ransomware continues be a lucrative money-making vehicle for criminals, and it’s possible it will continue displace alternative malware models such as banking trojans as time goes on. As with all business, focus must invariably shift into models that optimize and improve return on investment. We liken the business models of today’s ransomware campaigns to those of the early Internet era – still very simple in nature and largely unfocused. The bottom line is there’s still a great deal of room for creativity and innovation. The business models behind crypto-ransomware are slowly maturing and recently we’ve started to notice some attempts at innovation.
Read more
#730 Opera launches 'free and unlimited' VPN app for iOS
#729 GoDaddy addresses blind XSS vulnerability affecting online support
#728 Police allege SWIFT technicians left Bangladesh bank vulnerable
#727 Researcher arrested after reporting pwnage hole in elections site
#726 Bucbi ransomware gets a big makeover
#725 How was this Windows Store app able to download adware to a Windows 10 PC?
#724 ImageMagick vulnerability allows for remote code execution, now patched
#723 On the monetization of crypto-ransomware
#722 Lego-driven robot programmed to hack gesture-based security
#721 Qatar National Bank suffers massive breach
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12