Information Security & Occasional Forays Into Adjacent Realms
via TrendMicros' TrendLabs Threat Response Engineer Anthony Joe Melgarejo, cryptographic extortion enabled ransomware appears to be enlarging it's genre attack footprint based on first quarter 2015 statistics. Read the bad news here.
In a typically fascinating post, over at TrendLabs, written by Lambert Sun, Brooks Hong (Mobile Threat Analysts) and Feike Hacquebord (Senior Threat Researcher), we learn of a recently discovered iOS espionage tool. Ladies and Gentlemen, Girls and Boys, behold, the money quote:
"We found two malicious iOS applications in Operation Pawn Storm. One is called XAgent (detected as IOS_XAGENT.A) and the other one uses the name of a legitimate iOS game, MadCap (detected as IOS_ XAGENT.B). After analysis, we concluded that both are applications related to SEDNIT. The obvious goal of the SEDNIT-related spyware is to steal personal data, record audio, make screenshots, and send them to a remote command-and-control (C&C) server. As of this publishing, the C&C server contacted by the iOS malware is live." - via TrendMicro's TrendLabs blog authors Lambert Sun, Brooks Hong and Feike Hacquebord.
Ah, news outlets are reporting evidence release by the United States Department of Justice's Federal Bureau of Investigation; in this case detailing DPRK complicit activity in the now infamous SONY hack...
Word, of the resurrection of the Gameover Zeus Botnet has made the news... Yes, notwithstanding the original take-down, the botnet under the bot herders' command and control facility has arisen, as plagues always do.
Evidence of extortion racketeering bubbles up through the flotsam of crime targeting tech sector entities , worldwide. Bad tidings, yet hardly surprising.