Cyber News Rundown: April 2020

  • 30 April 2020
  • 0 replies
Cyber News Rundown: April 2020
Userlevel 7
Badge +7

Zoom Video Software Targeted by Hackers

With much of the world working from home, the need for teleconferencing has peaked. Hackers have taken notice, finding vulnerabilities within Zoom’s videoconferencing software to hijack online meetings. Over 400 new domains were registered through Zoom in just the last month, of which another decent percentage have been found to contain suspicious content or activity. Some other adware variants have been discovered spoofing Microsoft’s Teams while performing malicious activities in the background.

Malicious COVID-19 Websites Surge

More than 136,000 new domains have been registered referencing the COVID-19 pandemic in recent months, many of which have yet to be flagged. A large portion of these sites have been distributing phishing campaigns, with some creating fake bank login sites, using obviously inaccurate URLs, and packing them with pandemic buzz words. Hopefully, some domain registrars will implement better detection for these types of scam sites to stop people from becoming victims during an uncertain time.

Florida City Sees Lasting Effects of Ransomware Attack

Nearly three weeks after the city of Jupiter, Florida suffered a ransomware attack taking many of its internal systems offline, the city has yet to return to normal. City officials announced they would be working to rebuild their systems from backups, rather than paying a ransom. They have so far been able to restore a main website along with many essential services. The timing of the attack was problematic since most city staff was in lockdown and unable to access some compromised machines safely.

Los Angeles Suburb Hit with Ransomware

Last month, the city of Torrance, California fell victim to a ransomware attack that shut down many of its internal systems. Cybercriminals have demanded 100 Bitcoins in exchange for not releasing the stolen data. Along with stealing roughly 200GB of data from the city, the DoppelPaymer ransomware also encrypted hundreds of workstations after deleting all local backups. At this time, it is still uncertain if the city has chosen to pay the ransom or not, but the malware authors seem to have been diligent in removing any means for it to recuperate on its own.

Decryption Keys for Shade Ransomware Made Available

After nearly five years of operation, the creators of Shade ransomware have decided to close shop and release nearly 750,000 decryption keys along with an apology for any harm done. While most ransomware variants tend to purposely avoid Russia and Ukraine, Shade focused specifically on these countries during its run. Though the decryption and master keys have been made public, the instructions for recovering the actual files are not especially user-friendly and a complete decryption tool has yet to be developed.

0 replies

Be the first to reply!