Understanding Touch ID on iOS

Touch ID is one of the more innovative things to come to iOS. It’s not just for unlocking your device. It also lets you make payments, authenticate a purchase in the App Store, and, as of iOS 11, grant trusted access to a computer you connect your device to. While Touch ID is incredibly powerful and convenient to use, it can be a security risk too. Touch ID is much easier to use to unlock a phone than, say, entering the passcode. If we’re talking about legal rights, you can’t be made to give up your passcode but you might be coerced to use your Touch ID. Fortunately, you can disable Touch ID from the lock screen in iOS.

Open the Settings app and go to Emergency SOS. Turn off the ‘Autocall’ option. That’s all. Now, whenever you need to disable Touch ID from the lock screen, simply press the power button five times in quick succession.

You will see the following screen. You can tap ‘Cancel’ if you have the time or you can do nothing and the screen will dismiss itself. After that, if you try to use Touch ID to unlock your phone, it won’t work. You will need to enter your passcode to get to your phone. Once you enter the passcode though, Touch ID can be used to unlock your phone again.

If you have the ‘Autocall’ feature enabled and don’t want to turn it off you can still use this feature but with extreme caution. Clicking the power button five times will automatically initiate the emergency call. If you aren’t experiencing an emergency then you have to cancel the call before the timer runs out. If you think you won’t be able to cancel it then it’s best to turn off your phone.

When you turn off your phone, and turn it on again, Touch ID is disabled by default. You will have to enter your passcode to unlock it. This might be a slightly inconvenient way to disable Touch ID but if you’re in a hurry, it works. Yet another alternative way is to use the wrong finger to unlock your phone. After five consecutive failed attempts to unlock the phone, Touch ID will be disabled.

Mastering Password Managers

It goes without saying that everyone needs to use stronger passwords, and the best way to do that is with a password manager. The truth is that passwords that are hard to hack are also very hard to remember, yet you really do need long and complex passwords.

That’s where password managers come in handy. There are all kinds of password managers out there, including some as basic as your browser’s rudimentary list of saved passwords and some as elaborate as entire cloud systems that work across multiple devices and platforms.

All of these models have some basics in common: they store your passwords, they auto-fill details on login forms, and they keep your passwords encrypted in databases. The differences are where those databases are kept, the types of encryption and recovery options available.

Weaponized Math: Encrypted Passwords

Your browser can save passwords, but that often isn’t very secure. One of the main appeals of a password manager is that it saves all of your passwords behind one password in a single database.

Of course putting all your plain text passwords in one place isn’t much of a security measure in and of itself. Instead, your passwords must be encrypted, which secures your passwords. But since the amount of control over password databases can vary, you’ll want to figure out which model works best for you.

When boiled down, encryption is the use of math to disguise your data. The key used to transform the plaintext is randomly generated, and the strength of the encryption is based on this key’s size in bits. In layman’s terms: the more bits, the more security. This is because the more complex the key, the more complex the resulting output is.

Depending on the algorithm, that substitution is repeated. In certain cases, the key is transformed to further obscure the output. This process creates what’s called a hash, which often has added salt—additional randomization added to the hashing process. This ensures the original value is completely obscured without the correct starting input, key, and salt.

There are additional factors like block size, initialization vectors, and other more advanced concepts. If you’re interested in the gory details, check out our detailed breakdown of encryption.
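
To make "one master password plus a salt" concrete, here is an added example (not from the original article, and not the code of any product named on this page) that stretches a master password into a vault key with PBKDF2-HMAC-SHA256. The header layout, function names and iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Assumed work factor for this example; real products choose and tune their own.
ITERATIONS = 600_000
SALT_BYTES = 16


def _stretch(master_password: str, salt: bytes, iterations: int) -> bytes:
    """Slow, salted derivation: master password -> 32-byte master key."""
    return hashlib.pbkdf2_hmac(
        "sha256", master_password.encode("utf-8"), salt, iterations, dklen=32
    )


def _subkey(master_key: bytes, label: bytes) -> bytes:
    """Derive an independent 32-byte key for one purpose from the master key."""
    return hmac.new(master_key, label, hashlib.sha256).digest()


def create_vault_header(master_password: str, iterations: int = ITERATIONS) -> dict:
    """Build the non-secret header stored next to the encrypted database.

    It holds the random salt, the work factor and a verifier. The master
    password and the encryption key are never written to disk.
    """
    salt = os.urandom(SALT_BYTES)
    master_key = _stretch(master_password, salt, iterations)
    return {
        "salt": salt.hex(),
        "iterations": iterations,
        "verifier": _subkey(master_key, b"verify").hex(),
    }


def unlock(header: dict, master_password: str):
    """Return the 32-byte encryption key, or None if the password is wrong."""
    salt = bytes.fromhex(header["salt"])
    master_key = _stretch(master_password, salt, header["iterations"])
    candidate = _subkey(master_key, b"verify")
    # Constant-time comparison avoids leaking how many bytes matched.
    if not hmac.compare_digest(candidate, bytes.fromhex(header["verifier"])):
        return None
    return _subkey(master_key, b"encrypt")


if __name__ == "__main__":
    # Constructed sample password, for demonstration only.
    header = create_vault_header("correct horse battery staple")
    print("stored header:", header)
    print("right password unlocks:",
          unlock(header, "correct horse battery staple") is not None)
    print("wrong password unlocks:",
          unlock(header, "Correct horse battery staple") is not None)
```

Because every vault gets its own random salt, two vaults protected by the same master password still end up with different keys, and the iteration count makes each guess at the master password expensive.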

Local Safes: Keeping Control

The best way to keep a secret is to never tell anyone. If you don’t want your passwords anywhere other than on your hard drive, a local password manager is your best option. This keeps your data on a device that you physically control, leaving your security directly in your own hands.

One of the more popular password managers is KeePass, an open source Windows solution with ports on Mac and Linux. It offers a lot of flexibility and control, including the ability to select between multiple encryption algorithms.

And if you’re looking for a complete escape from passwords, you can even use key files to unlock your passwords. (You put key files on a USB drive or other portable storage, then use the physical device as a key to authenticate with the machine.)

The downside to KeePass is the same as its strength: you control the keys to the kingdom, so if you lose your key files or master password, you’re out of luck. In such a case, your only option would be to start over from scratch and set up every password again.

Your file is also limited to where you save it, so you’re responsible for any backups you want to maintain. If you want mobile sync, you’re going to need to do it manually (or with a separate syncing service like Dropbox) and use a compatible reader on your tablet/phone. And if something goes wrong, you’re on your own.

Local managers give you a lot of security and control, but you lose a rescue plan and out-of-the-box portability.

Syncing Systems: Multiple Devices

If you’re juggling multiple devices with many passwords, keeping a master file locked on a PC somewhere is not the best solution — especially if you’re trying to log into Amazon on your phone or check your bank balance on your tablet. Don’t weaken the password just to make it more memorable!

That’s where hybrid approaches like 1Password come in. It uses Dropbox or your local network to automatically sync your passwords between devices. This gives you the ability to keep everything working across devices, but you are still the only one with the key to your data.

But you lose some of the crunchier options, such as multiple encryption algorithms and key file logins.

This fixes a lot of the downsides of the local-only option, as you can keep your phone, tablet, and computer all in sync. You’ll also need to trust Dropbox as a cloud host, though 1Password does add an extra layer of security on top with its own strong encryption, which should ease any security worries.

If you’re really worried about interceptors and other vectors of attack, you can just use your local network to synchronize your passwords across devices. You won’t have any hope of recovering a lost master password if you choose this route, but it does ensure that 1Password won’t have access either.

Cloud Services: Any Device, Anywhere

Keeping all of your passwords in the cloud requires a certain amount of trust in a company to do things the right way. My favorite choice here is LastPass.

LastPass keeps an encrypted copy of your password database in the cloud, making it available on almost every platform and browser imaginable. You will need a premium membership for several of their features, but the basics are there for free.

Your devices do all of the encryption and decryption, ensuring that your master password is not on LastPass’s servers. If you don’t have access to the Web, a copy is cached locally so you can still unlock. There is an additional layer of protection in two-step verification as well.

You have to trust their security is as robust as promised, as LastPass makes for an obvious target for hackers. However, with a good master password and two-step verification enabled, you should be confident about the security of your password safe. And if you ever forget your password, you can recover your safe.

Literally the Least You Can Do

If you’re a Mac and/or iOS user, you already have access to a password manager built into your operating system: iCloud Keychain. This is an extension of the OS X keychain that uses iCloud to keep all of your passwords synced across devices.

Windows has a similar feature called Credential Manager, but it does not have the same cross-device syncing.

This is pretty comparable in terms of security to LastPass, but it’s limited to Apple devices. Unless you’re running exclusively on Apple products, you’re going to be missing your passwords on some of your other devices, which can be a huge nuisance.

Yet even if you’re a big Apple fan, you still may not want to lock yourself into the platform because you never know what kind of other devices you may get in the future.

You Really Need a Password Manager

Unless you have an iron-clad memory, using different passwords across all of your accounts is going to prove difficult. Doing so with hard-to-crack passwords? Near impossible. Getting a password manager ensures that you can keep all of your accounts safe and secure using a single master password.

Find the model that works best for you and find the product that works best for your devices. Almost every manager has a free trial or free tier that you can try out. Once you’ve made your choice, go through all of your online accounts and update the passwords to be more complex.

That’s really all there is to it.

Has Your Password Been Exposed?

You know by now that you should be changing your passwords regularly. I have been strongly recommending password managers for several years now. This is because every day there seems to be another cyber security crisis. If you haven’t changed your passwords recently, it’s now officially time: a massive database containing login credentials is floating around the internet.

We don’t know who’s behind the breach, but over 560 million leaked emails and passwords — 243.6 million unique email addresses — are compromised. First uncovered by the Kromtech Security Research Center, the leak has been confirmed by security researcher Troy Hunt, who created the “Have I Been Pwned” website.

What kind of information does it have?

The good news is, there hasn’t been a new hack: the trove of credentials is a collection of data from previous breaches at LinkedIn, Dropbox, LastFM, MySpace, Adobe, Neopets, Tumblr and others. Some of these breaches are years old.

What makes this database troublesome from a security standpoint is how accessible it makes sensitive information. It basically compiled private data from various prior hacks to create one convenient database for hackers to illegally access.

Who is at risk?

Essentially, anyone who never updated their credentials at the time of the original breach. If you haven’t stayed on top of every hack and checked your status each and every time, then you could be at risk.

How to check if your credentials are compromised

The easiest way to see if your credentials are vulnerable is to go to Hunt’s site — Have I Been Pwned. Here, you can type in your email and find out if your email and password are safe or not.

You may have changed your password at the time of a given breach, but let’s be real: you may not remember. If you scroll below the results, the site shows you which breaches you were impacted by. To view information on sensitive breaches, subscription is required. If this is your first time on the site and you get the dreaded “Oh no—pwned!” message, then it’s best to take a screenshot of the result and change your password immediately.

Why a screenshot? The site tells you how many “breached sites” it’s on (in other words, how many unique incidents took your credentials) and if there are any “pastes” — a paste is when the information is shared on a public website. Saving this information (you can also jot it down somewhere safely) can let you know in the future if you’ve been breached again, because the information in the results will have changed.

Don’t understand what’s going on? It’s okay. Just go change your email password to be safe. And be sure to create a strong password.

Kaspersky Offers Free Antivirus Version

My favorite antivirus solution is about to offer a free version.

Kaspersky is launching a free version of its award-winning antivirus software worldwide. Kaspersky Free offers the most basic protection for free for everyone who wants it. And all without bombarding you with ads.

Some of you may have noticed a downturn in the number of security issues you personally have encountered in recent years. This is mainly because hackers and cybercriminals have moved on to newer, more targeted means of making money, such as ransomware and identity theft.

However, despite this change in strategy, you still need good security software and a modicum of common sense to stay safe online. Kaspersky cannot help you with the common sense part, but the Russian security company is offering to cover the other part of the equation. And all for free.

Kaspersky Now Offers a Free Antivirus

Kaspersky Free, which has been in development for 18 months, is now available in selected countries. In the words of Eugene Kaspersky himself, it offers “the bare essentials: file, email and web antivirus; automatic updates, self-defense; quarantine; and so on.” These are essentially “the indispensable basics that no one on the planet should do without.”

This free offering will exist alongside Kaspersky’s premium offerings. The latter offer extra features such as parental control, online payment protection, and a VPN. However, Kaspersky reasons that offering everyone basic protection will help it hone its machine learning, therefore keeping everybody safer in the long term.

Kaspersky Free is being rolled out around the world in stages, starting with the U.S., Canada, and several Asia Pacific countries. When it becomes available in your region you can download it directly from the Kaspersky website. All you need is a Windows-based system running anything from Windows XP up to Windows 10.

Offering a Basic Level of Protection

Kaspersky Free looks to be a really solid security option for anyone who just wants the basic level of protection. Kaspersky’s antivirus protection has always performed well in independent testing, so Kaspersky Free should keep you safe.

Protecting Your Passwords with Ice Cream

As a reader of this fine technology blog you no doubt are taking your security seriously. One of the most important things you can do to protect your personal data is adopting a strong password plan. I have recommended LastPass many times in the past – and it remains my password manager of choice.

The problem has remained the same since the dawn of the internet. People generally do not always use effective passwords. They’ll often use things like their birthday or the name of their pet in their login information. To make matters worse, people have a tendency to use the same password for multiple accounts. This happens because birthdays and pets are easy to remember. The same goes for recycling the same password for multiple accounts. In an attempt to get users to create better passwords, some companies like Apple force them to include special characters, numbers, and an uppercase letter in the password. Browsers offer to remember your password for you and all you have to do is set a good one. Another solution is to use a password vault. A password vault is an app that stores your logins. It allows you to set complicated passwords and remember them.

If you have a shared computer, multiple vaults can be used to separately store information for everyone that uses it. The vault locks itself automatically after a set period of time. If you walk away from your computer and forget to lock it, the vault and the information in it will still be safe.

Storing Information

Ice Cream Password Manager lets you store more than just your login information and it’s duly sorted by the type of information it is. You can mark information that you frequently use as a ‘Favorite’ but it is otherwise sorted into categories like Login, Credit cards, bank accounts, identities, passports, etc.

These categories don’t just sort information. Each one has fields that make it easy to enter information. For example, the passport category has essential fields like issuing authority, the date it’s been issued and when it will expire, your date of birth, etc.

Similarly, the Bank accounts category has fields for entering your bank’s Swift code and your account’s IBAN number. What this essentially ensures is that you enter all relevant information that’s related to an entry. You might have to take the time out to fill it all in but once that’s done, you’re never going to have to search online or through physical papers to locate the information you need.

Desktop App And Chrome Extension

The desktop app and Chrome extension don’t need one another to function, but if you have both of them installed, your information is synced. The extension makes it easier for you to add login information. Every time you log in to a new domain, the extension offers to save it.

One advantage that comes with the Chrome extension is that it has a password generator. The password generator doesn’t just give you a random password. You can specify the length and how many special characters you need in your password.

The Chrome extension syncs all the vaults you’ve created, password and all. Like the desktop app, the Chrome extension locks itself after a period of inactivity and you need to enter your vault password to access your information.
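
A generator of the kind described above, where you pick the length and the number of special characters, can be sketched as follows. This is an added example, not Ice Cream Password Manager's code; the special-character set and function names are assumptions. It also estimates the resulting strength in bits, which shows how length and character mix translate into the "more bits, more security" rule.

```python
import math
import secrets
import string

ALNUM = string.ascii_letters + string.digits   # 62 symbols
SPECIALS = "!@#$%^&*()-_=+[]{}"                # assumed special-character set (18 symbols)


def _check(length: int, specials: int) -> None:
    if length < 1 or not 0 <= specials <= length:
        raise ValueError("need length >= 1 and 0 <= specials <= length")


def generate_password(length: int = 20, specials: int = 4) -> str:
    """Return a password with exactly `specials` special characters."""
    _check(length, specials)
    # secrets draws from the operating system's CSPRNG, unlike random.choice.
    chars = [secrets.choice(SPECIALS) for _ in range(specials)]
    chars += [secrets.choice(ALNUM) for _ in range(length - specials)]
    # Shuffle with the same CSPRNG so the specials are not all at the front.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


def entropy_bits(length: int, specials: int) -> float:
    """log2 of the number of distinct passwords generate_password can emit."""
    _check(length, specials)
    positions = math.comb(length, specials)  # where the specials can sit
    combos = (positions
              * len(SPECIALS) ** specials
              * len(ALNUM) ** (length - specials))
    return math.log2(combos)


if __name__ == "__main__":
    for length, specials in [(8, 2), (12, 2), (20, 4), (32, 6)]:
        print(f"{length:>2} chars, {specials} special: "
              f"{generate_password(length, specials)}  "
              f"~{entropy_bits(length, specials):.0f} bits")
```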

Backup

Ice Cream Password Manager lets you schedule regular backups. In fact, you can keep multiple, incremental copies of your data.

Additionally, you can sync your information with Dropbox.

Security

I mentioned early on that the Ice Cream Password Manager automatically locks itself after a period of inactivity. The app lets you choose what that period of inactivity is. You can also set it to automatically clear the clipboard one minute after you’ve copied any information from your vault.

Shortcomings

Ice Cream Password Manager is an overall well developed app. It has a couple shortcomings. (1) It doesn’t lock down characters for known fields. For example, passport numbers are only 9 characters long. Similarly, IBAN codes are 14 characters long. In both these fields, you can enter as many characters as you like. This is problematic because you might accidentally repeat a character when entering your information and never know it happened until you try and use it.

(2) Another problem is that there is NO mobile app. We often need our passwords while on the run and this is a serious flaw. However if you want a free password manager this looks like a fairly good option and hopefully a mobile app is on the way.

Ice Cream Password Manager is pretty well made. It’s stable and the information is quick to sync between desktop and browser. There’s a Firefox add-on in the works so there isn’t much left wanting. If you struggle with remembering your password, or you purposefully keep simple ones, give this app a try. It will help you set complicated passwords and remember them. It will also make sure you always have all your important information in digital form on your computer at all times.

You can learn more about Ice Cream Password Manager here.

Verizon – Customer Records Exposed

As many as 14 million records of subscribers who called Verizon’s customer service in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems.

The data was found to be downloadable by anyone with the easy-to-guess web address.

It took Nice over a week before the data was eventually secured.

The customer records were contained in log files that were generated when Verizon customers in the last six months called customer service. These interactions are recorded, obtained, and analyzed by Nice, which says it can “realize intent, and extract and leverage insights to deliver impact in real time.” Verizon uses that data to verify account holders and to improve customer service.

Each record included a customer’s name, cell phone number, and their account PIN — which if obtained would grant anyone access to a subscriber’s account, according to a Verizon call center representative, who spoke on the condition of anonymity as they were not authorized to speak to the press.

Verizon has over 108 million post-paid wireless customers.

Six folders for each month from January through to June contained several daily log files, apparently recording customer calls from different US regions, based on the location of the company’s datacenters. Each record also contained hundreds of fields of additional data, including a customer’s home address, email addresses, what kind of additional Verizon services a subscriber has, the current balance of their account, and if a subscriber has a Verizon federal government account, to name a few. One field also appeared to record a customer’s “frustration score,” by detecting if certain keywords are spoken by a customer during a call.

Although the logs referenced customer voice recordings, there were no audio files found on the server.

Some of the records were “masked” in what appears to be a redaction effort to prevent an unauthorized disclosure of private information. But most of the customer records are in part or entirely visible.

Verizon said it was investigating how its customer data was improperly stored on the Amazon Web Services (AWS) server as “part of an authorized and ongoing project” to improve its customer service.

Verizon also would not say how it “masked” data, citing security concerns.

Protecting Your USB Drives Made Easy

USB thumb drives are small, portable, and universally readable. These features make them perfect vehicles for transporting data between computers. Due to their portability, however, they are also easily lost. Hence, you should always protect sensitive files carried on a USB stick.

Unfortunately, you cannot simply password protect your entire USB stick, like you can password protect your PC or phone. Tools that will seriously protect your data all work with encryption. Unless you want to invest in a secure flash drive with hardware encryption, you can use freeware applications to achieve a similar level of protection.

This article summarizes some of the easiest ways to password protect files and folders on your USB flash drive.

1. Save Individual Files With a Password

As mentioned above, you can’t safely password protect your entire USB stick without using encryption. However, if you shy away from the time-consuming encryption process of entire folders and need a really quick way to only protect a few selected files, you can simply save those with a USB password.

Many programs, including Word and Excel, allow you to save files with a password.

For example, in Word, while the document is open, go to File > Info, expand the Protect Document menu, and select Encrypt with Password.

Now enter your password and confirm it to protect your document.

Finally, save your document and don’t forget the password.

To password protect PDF files on your USB flash drive, you can use PDFTK Builder, which also comes as a portable app.

2. Create an Encrypted & Password Protected Partition

Many tools can encrypt and password protect your data. Most, however, require Administrator rights to run on any given computer. Tools like these are not a viable solution if you need to securely transfer data to a computer where you do not have Administrator rights.

Rohos Mini Drive, on the other hand, is a tool that will work whether or not you possess Administrator rights. The free edition can create a hidden, encrypted, and password-protected partition of up to 2 GB on your USB flash drive. The tool uses automatic on-the-fly encryption with AES 256 bit key length. Thanks to the portable Rohos Disk Browser, which you install directly to your flash drive, you won’t need encryption drivers on the local system. Subsequently, you can access the protected data anywhere.

Click Encrypt USB drive from the Rohos Mini Drive start screen, select the drive, specify a new password, and click Create disk. This will create a password-protected and encrypted container on your external drive.

You can open the protected container by clicking the Rohos Mini.exe icon from the root folder of your USB thumb drive. After entering the password, the Rohos disk will mount as a separate drive and you can access it via File Explorer. To close your Rohos partition, right-click the Rohos icon in the Windows Taskbar notification area and select Disconnect.

Find a more detailed description of Rohos Mini Drive in my PDF guide The Office Worker’s 101 Guide to a USB Thumb Drive.

3. Encrypt Your Entire Flash Drive

VeraCrypt is the successor of TrueCrypt. It comes as a portable app that runs directly from your flash drive. Unfortunately, it still requires Administrator rights to operate. It uses on-the-fly AES 256 bit encryption. The free version is limited to a drive size of 2GB.

VeraCrypt features on-the-fly encryption using multiple different algorithms, including 256-bit AES, Serpent, and TwoFish, as well as combinations of these. Like Rohos Mini Drive, it can create a virtual encrypted disk that mounts like a real disk, but you can also encrypt entire partitions or storage devices.

Download VeraCrypt Portable and install it on your USB drive. When you launch the portable app, it will show you all available drive letters. Choose one and click Create Volume. This will launch the VeraCrypt Volume Creation Wizard.

To encrypt your entire USB flash drive, select Encrypt a non-system partition/drive and click Next.

In the next step, you can choose from a Standard or a Hidden VeraCrypt volume. Using a hidden volume reduces the risk that someone forces you to reveal your password. Note that you’ll have to format the entire USB drive if you want to create a Hidden VeraCrypt volume.

We’ll proceed with the Standard VeraCrypt volume. In the next window, click Select Device…, choose your removable disk, confirm with OK, and click Next.

To encrypt the entire USB drive, select Encrypt partition in place and click Next. VeraCrypt will warn you that you should have a backup of the data, in case something goes wrong during encryption. Now select the Encryption and Hash Algorithm; you can go with the default settings. Now you get to set your Volume Password. In the next step, your random mouse movements will determine the cryptographic strength of the encryption.

Now choose your Wipe Mode; the more wipes, the safer. In the final window, click Encrypt to start the encryption.

Download: VeraCrypt Portable

An alternative to VeraCrypt Portable is Toucan, a portable app that lets you sync, backup, and secure your files.

Bonus: Create a Password-Protected Archive

Archive tools like 7-Zip can also encrypt and password protect your files with AES-256.

Install and run 7-Zip, right-click the file or folder on your USB drive, and select 7-Zip > Add to Archive. In the Add to Archive window, choose the Archive format and add a password. Click OK to start the archiving and encryption process.

Download: 7-Zip

Your Files Protected

Now you know how to password protect and encrypt your USB drive.

Fake Facebook Message Spreads – Do Not Be Fooled!

Do not panic Facebook friends! Your account has NOT been “hacked”.

A fake Facebook warning is urging users to avoid accepting a friend request from a user named Jayden K Smith because he is a hacker. Longer versions of this hoax claim accepting the user will result in your account getting hacked.

This appears to be the latest in a string of fake hacker warnings, none of which have any validity. Such warnings are popular on social media – those that warn of a nefarious hacker who will compromise your security should you accept them into your digital life.

These types of warnings make little sense. You cannot be “hacked” just for accepting a friend request, and if such warnings were true, why wouldn’t Facebook remove such offending accounts before such warnings had a chance to go viral?

It should also be noted that there are genuine accounts with the name Jayden K Smith but we’ve also seen a surge of fake accounts using this name claiming to be “hackers” pop up as a result of this viral rumour. These accounts belong to pranksters looking to exploit this rumour, not “hackers” or cyber-crooks.

Samples of these warnings include:

 Please tell all the contacts in your Messenger list, not to accept Jayden K. Smith friendship request. He is a hacker and has the system connected to your Facebook account. If one of your contacts accepts it, you will also be hacked, so make sure that all your friends know it. Thanks. Forwarded as received

 Don’t accept Jayden K. Smith , she is a hacker and will get into all your friends accounts on your friends list and hack them also so if you get a friend request from her name delete!!!

 To all!
Do not accept friends request from Jayden K. Smith! He is a hacker and if you accept, you and all your friends will be hacked!!!!!

These types of warnings have been around long before Facebook, affecting users of now defunct services such as MSN Messenger, where users would pass on warnings of phantom Messenger hackers trying to add themselves into your contact list. Such warnings were equally as spurious as their more recent Facebook counterparts.

Only a week before the date of this article, another fake hacker warning was being spread about a hacker called Anwar Jitou, and many of these current warnings are worded exactly the same, with only the name of the alleged perpetrator changed. It is likely that many of these warnings start as jokes but take on a life of their own when users take them too seriously.

With that said, adding strangers on Facebook isn’t a good idea, and can potentially lead to compromising your privacy and your security, albeit not in the manner described in this warning. Accepting strangers gives them access to more of your personal information which can lead to issues such as identity theft.

SpyDealer Invades Private Data on Android

A recently discovered Android Trojan can apparently steal private data from more than 40 applications.

The newly discovered Trojan, SpyDealer, is capable of stealing sensitive messages from communication apps using the Android accessibility service feature, and gains rooting privileges with the help of exploits from a commercial rooting app called Baidu Easy Root. It uses root privileges to maintain persistence on the compromised device.

According to Palo Alto Networks, the Trojan can remotely control the device via UDP, TCP and SMS channels. It can steal information from popular applications such as WeChat, Facebook, WhatsApp, Skype, Line, Viber, QQ, Tango, Telegram, Sina Weibo, Tencent Weibo, Android Native Browser, Firefox Browser, Oupeng Browser, QQ Mail, NetEase Mail, Taobao, and Baidu Net Disk.

Once the malware has compromised a device, it can harvest an exhaustive list of personal information, including phone number, IMEI, IMSI, SMS, MMS, contacts, accounts, phone call history, location, and connected Wi-Fi information. It can also answer incoming phone calls from a specific number, can record phone calls and the surrounding audio and video, can take photos with the device’s cameras, monitor location, and take screenshots.

Palo Alto Networks researchers couldn’t determine exactly how SpyDealer infects devices, but say that it isn’t distributed through the official Google Play store and that some users might have been infected via compromised wireless networks. The Trojan is only effective against Android 2.2 to 4.4 releases, given that these are the only versions the rooting tool it uses supports, meaning that it could potentially infect around 25% of all Android devices.

Petya Hackers Now Demanding $250,000

Friends, we do indeed live in a digital world. The battle is moving more and more to our digital data and less to traditional battlefronts, as you can see with the growing Petya threat.

The authors behind the recent Petya ransomware attack, which rocked computers around the globe last week, have spoken out for the first time. In a message initially spotted by Motherboard on a Tor site known as DeepPaste, the Petya hackers have demanded 100 Bitcoins, currently worth more than $250,000, in exchange for a private key to decrypt disks affected by the attack.

Along with the message, the hackers have also made their first moves to recover ransom funds that were paid as part of the initial attack. From Motherboard:

At 10:10 PM UTC, the hackers emptied the bitcoin wallet they were using to receive ransom payments, moving more than $10,000 to a different wallet. A few minutes earlier, the hackers also sent two small payments to the bitcoin wallets of Pastebin and DeepPaste, two websites that let people post text online and are sometimes used by hackers to make announcements.

According to Forbes, the hackers also provided proof that they were indeed behind the attack by providing a signature for Petya’s private key. Two security researchers confirmed to Forbes that it was real.

Following the attack last week, Microsoft noted in a post on TechNet that the Petya attack actually had far less reach than was originally expected. More than 70 percent of affected machines were based in Ukraine, where the attack started. That has led some to speculate that Petya was a state-sponsored attack intended to do damage to Ukrainian digital infrastructure.
