TechSpot: Malware-packed pirated games infected millions of PCs, stealing data and hijacking webcams to photograph users

TechSpot: Malware-packed pirated games infected millions of PCs, stealing data and hijacking webcams to photograph users. “If you’re ever tempted to download a pirated game or app, remember that in addition to being illegal, there’s the risk of it containing some nasty malware. Millions of PCs were infected with a trojan virus using this method, leading to the theft of over 1TB of data, including email addresses, login credentials, and documents. It was even able to hijack a webcam and photograph users.”

The New Yorker: How to Negotiate with Ransomware Hackers

The New Yorker: How to Negotiate with Ransomware Hackers. “The F.B.I. advises victims to avoid negotiating with hackers, arguing that paying ransoms incentivizes criminal behavior. This puts victims in a tricky position. ‘To just tell a hospital that they can’t pay—I’m just incredulous at the notion,’ Philip Reiner, the C.E.O. of the nonprofit Institute for Security and Technology, told me. ‘What do you expect them to do, just shut down and let people die?’ Organizations that don’t pay ransoms can spend months rebuilding their systems; if customer data are stolen and leaked as part of an attack, they may be fined by regulators.”

Ransomware: Should paying hacker ransoms be illegal? (BBC)

BBC: Ransomware: Should paying hacker ransoms be illegal?. “Ransomware attacks prevent victims accessing computer systems or data until a ransom is paid. Law-enforcement agencies around the world are increasingly urging victims not to pay. But paying ransoms is not illegal. And many organisations pay in secret. Now, the Ransomware Task Force (RTF) global coalition of cyber-experts is lobbying governments to take action.”

Computerworld: Here’s what you can do about ransomware

Computerworld: Here’s what you can do about ransomware. “Last week, people in my neck of the woods, North Carolina, went into a panic. You couldn’t get gasoline for love or money. The root cause? Colonial Pipeline, a major oil and gas pipeline company, had been hit by a major ransomware attack. With four main fuel pipelines shut down, people throughout the southeast U.S. lined up at gas stations for every drop of gas they could get. You may not believe that ransomware is a serious threat. But I and most everyone else in the southeast? We believe.”

CNN: The bizarre story of the inventor of ransomware

CNN: The bizarre story of the inventor of ransomware. “Eddy Willems was working for an insurance company in Belgium back in December 1989 when he popped the floppy disc into his computer. The disc was one of 20,000 sent in the mail to attendees of the World Health Organization’s AIDS conference in Stockholm, and Willems’ boss had asked him to check what was on it. Willems was expecting to see medical research when the disc’s contents loaded. Instead he became a victim of the first act of ransomware — more than 30 years before the ransomware attack on the US Colonial Pipeline ignited a gas shortage in parts of the US last week.”

WUSA: Hackers demand $4 million ransom from DC police, as more officers’ confidential info posted to the dark web

WUSA: Hackers demand $4 million ransom from DC police, as more officers’ confidential info posted to the dark web. “In the latest escalation of an unprecedented cyber-attack against U.S. law enforcement, hackers belonging to the Russian-speaking Babuk syndicate posted a $4 million ransom demand against the Metropolitan Police Department on the dark web. The demand came as more D.C. police officers received notice their confidential information was included within the scope of the April hack.”

Gizmodo: New Google Play Store Rules Aim to Weed Out Spammy Apps

Gizmodo: New Google Play Store Rules Aim to Weed Out Spammy Apps. “In an attempt to boost confidence in its Play Store offerings, Google has announced new rules that will look to weed out misleading, low-quality apps from its marketplace. In an update published Thursday, the company announced new metadata policies designed to moderate how developers present their apps. The rules, meant to drive more ‘meaningful downloads’ for consumers, will take effect later this year.”

Miami Herald: Hackers post online thousands of Broward schools files, including student, teacher info

Miami Herald: Hackers post online thousands of Broward schools files, including student, teacher info . “Hackers who broke into Broward County Public Schools’ computer system last month made good on their threat this week to release thousands of files that they stole from the district. The group, known as Conti, published almost 26,000 files on its website, which threatens other businesses and organizations they target that unless they pay ransoms, their files, which may contain personal information, will be released as well.”

WUSA: MPD officer files obtained in server cyberattack, Chief Contee says

WUSA: MPD officer files obtained in server cyberattack, Chief Contee says. “Police files containing personal information on some MPD officers were compromised following a cyberattack on one of the DC Police Department’s internal servers, according to acting Chief Robert Contee. Hackers had previously claimed they’d posted confidential officer dossiers online. In an email sent to DC Police, Contee said files containing personal information had been obtained during a Babuk ransomware attack.”

TechCrunch: Facebook ran ads for a fake ‘Clubhouse for PC’ app planted with malware

TechCrunch: Facebook ran ads for a fake ‘Clubhouse for PC’ app planted with malware. “Cybercriminals have taken out a number of Facebook ads masquerading as a Clubhouse app for PC users in order to target unsuspecting victims with malware, TechCrunch has learned. TechCrunch was alerted … to Facebook ads tied to several Facebook pages impersonating Clubhouse, the drop-in audio chat app only available on iPhones. Clicking on the ad would open a fake Clubhouse website, including a mocked-up screenshot of what the non-existent PC app looks like, with a download link to the malicious app.”

BBC: Cyber-attack hackers threaten to share US police informant data

BBC: Cyber-attack hackers threaten to share US police informant data. “Washington DC’s Metropolitan Police Department has said its computer network has been breached in a targeted cyber-attack, US media report. A ransomware group called Babuk is reportedly threatening to release sensitive data on police informants if it is not contacted within three days. The FBI is investigating the extent of the breach, US media reported, citing the Washington DC police department.”