New WannaCry XXL Attacks Transpired, Cyber Experts Revealed

Just a couple of weeks after the previous ransomware attack, there is now speculation that a second attack, bigger than the previous one, might take place.

Cyber crime experts are now looking at WannaCry XXL, which would be a bigger ransomware attack if it takes place.

According to information shared online by rt.com, cyber experts are still monitoring the WannaCry ransomware attack, yet a new and possibly larger attack might happen at any time. This is the second biggest cyber attack by unknown, experienced online hackers, who are capable of using more inventive tools to penetrate millions of sensitive records belonging to their targeted victims.

These hackers are now preparing to launch the DoublePulsar and EternalBlue platforms, which the National Security Agency (NSA) created and utilized. Unfortunately, the ShadowBrokers cyber attackers were able to exploit them last month without any permission from the NSA.

In line with this issue, a security researcher from Proofpoint made a statement about the possible upcoming cyber attack.

“Initial statistics suggest that this attack may be larger in scale than WannaCry, affecting hundreds of thousands of PCs and servers worldwide: because this attack shuts down SMB networking to prevent further infections with other malware (including the WannaCry worm) via that same vulnerability, it may have in fact limited the spread of last week’s WannaCry infection,” stated Kafeine, who is just using an alias.

According to the same information shared online, the objective of the newest attack is to use the two exploited platforms to install Adylkuzz (a type of cryptocurrency miner) through wireless and local area networks. On the other hand, the process might possibly slow down the spread of the cyber attack.

Compared to WannaCry, Adylkuzz somewhat affects the performance of the computer or server because it mines cryptocurrency. However, it does not prevent the user from accessing the computer and its information, the report added.

Experts recognized the process as “picking your poison.”

Based on the investigation of the Proofpoint researchers, the attack using Adylkuzz might have already begun on April 24. Because of the attention on the WannaCry attacks, it was not given much interest.

The attack, involving multiple private servers, made the internet prone to installation of the Adylkuzz miner.

According to the Proofpoint report, at least 3 addresses generated large amounts of money before being shut off. The amounts include $7,000, $14,000 and $22,000.

The person responsible for the attack is knowledgeable about the vulnerability, and so he/she replaces the payment address online on a regular basis.

In line with this, there are also reports about the cyber weapon revealed in Maryland last week. According to a CBS Baltimore report, cyber bandits stole the tool and illegally converted it for a possible worldwide online attack.

This is in fact the potentially massive hacking software made by the NSA.

Some experts believe that the NSA ought to be aware of the consequences and must protect all the tools it uses for surveillance purposes.

It is also alarming that a powerful spying device like EternalBlue, from the NSA headquarters in Maryland, became a tool for cyber criminals due to a software flaw.

With this newly revealed massive attack, the world can possibly expect more in the coming years.

Shadow Brokers Hacked Information through NSA, Makes the Agency Vulnerable

A professional hacking group released an information dump, allegedly stolen from the NSA, that details and proves the group's capacity to hack international banking institutions through the Windows personal computers and servers used for financial transfers worldwide.

The group is known as the Shadow Brokers.

According to the latest news shared online, the Shadow Brokers, a group with the capability to hack international banks, released an information dump of financial details that they allegedly stole from the National Security Agency (NSA). According to the report, they released the data under the name “Lost in Translation,” and the listing includes Dubai Gold and Commodities Exchange, Qatar First Investment Bank and Tadhamon International Islamic Bank. All of these banking institutions were allegedly compromised by the hacking group.

Because of this kind of unlawful activity by professional hackers like the Shadow Brokers, the authorities fear that even the most secure methods in the world for sending payment orders are becoming unsafe. Proof of this is the latest issue, in which hackers were able to compromise personal data, such as by penetrating the NSA.

Last month, there were reports about previously unknown Central Intelligence Agency (CIA) activities in which it hacks personal information from mobile phone users, especially those who use iPhone devices. The reports added that the CIA uses its own strategies to monitor cyber activities, which many believe is illegal.

This particular revelation came from WikiLeaks in March this year.

The Shadow Brokers were able to penetrate even the SWIFT network, which was considered the safest way to carry out financial transactions. This is why many experts think that financial transactions worldwide are now possibly vulnerable to hacking.

According to the reports, banks use the SWIFT network to transact trillions of dollars daily, with almost 11,000 registered banks and securities organizations all over the world.

According to reports from Wired, the banks listed in the documents carry the note “box has been implanted and we are collecting.” This is what the NSA uses to indicate that spyware was implanted on the computer successfully.

Based on the investigation of Matt Suiche, the Internet Protocol (IP) addresses listed for the banks do not match the banks' own machines. Rather, they correspond to machines at EastNets, which is the Middle East’s biggest SWIFT agency.

“This is the equivalent of hacking all the banks in the region without having to hack them individually,” said Suiche, who is a security researcher.

In line with this, EastNets tweeted that hackers did not compromise its machines and that the claims involving it are not credible. On the other hand, Edward Snowden believed that the EastNets statement is not true and that hackers attacked its systems. He added that almost all financial networking systems running on Windows might be susceptible to hackers because the NSA's hacking arsenal is widely visible and easier for any hacking group to use.

Snowden is a former CIA contractor who left America a few years ago after leaking information about phone surveillance and about personal information online intercepted by American intelligence.

As for Microsoft, the company stated through Wired that it is reviewing the submitted report and gave assurance that it will take the right actions to protect its valued clients.