Ransomware, 15.5.17 Dark Web and Cybercrime Roundup

Ransomware Hackers Launch Global Assault

An unknown actor exploited a known security vulnerability (thanks to the Shadow Brokers) in unpatched versions of Windows. Using the exploit, an entity spread ransomware called WannaCry at a rate Europol called “unprecedented.” The ransomware practically shut down hospitals across the world, even though healthcare was not specifically targeted. WannaCry (“Wana”) and variants (without the kill switch) infected systems in close to 100 countries, and critical infrastructure, this time, has proven to be the most vulnerable. DeepDotWeb

  • Global ‘Wana’ Ransomware Outbreak Earned Perpetrators $26,000 So Far – KrebsonSecurity
  • “Pay extra money to us [Microsoft] or we will withhold critical security updates.” – NY Times
  • WannaCry ransomware used in widespread attacks all over the world – Securelist

Italy Watched the Italian Darknet Community Since 2016

On April 28, Lecco Police conducted a live press conference where officials announced an ongoing investigation into the Italian Darknet Community, specifically into the three caught on the day of the press release: Kriminale, a former Silk Road vendor; Skytec, an IDC vendor known for creative stealth measures; and, most importantly, an unnamed money launderer who laundered money for the bigger players on IDC. Police conducted over 50 raids. DeepDotWeb

US Charges Teenager for 100s of Fake Bomb Threats

An 18-year-old living in Israel tormented Jewish Community Centers with fake bomb threats. The police would respond, prepared for action, but the threats never culminated in anything real. He called the police over a fake active shooter situation and later called Athens, GA, police about a phony ongoing home invasion. After a lengthy investigation in which investigators worked through the safety nets the suspect had implemented, law enforcement found that the suspect sold drugs on the darknet. The state of Florida (and GA) had their fill and filed a formal complaint against the young man. DeepDotWeb

  • United States v. Michael Ron David Kadar Complaint in Georgia – GA District Court (Scribd)
  • U.S./Israeli Man Charged in Connection with Threats to Jewish Community Centers, Conveying False Information, and Cyberstalking – DoJ

US spymasters trash Kaspersky: AV tools can’t be trusted, we’ve stuck a probe in them

Directors of five United States intel agencies voiced unanimously strong opinions that Russia involved itself in the US elections. They alleged that Russia, in general, proved a threat to the United States, including Kaspersky Lab antivirus. Incidentally, Eugene Kaspersky held a Reddit “Ask Me Anything” Q&A session as the intelligence meeting unfolded. Kaspersky said that he would be glad to testify in front of the Senate. “We don’t share any user data with any government including Russia. We don’t have ties to any government other than paying taxes (we pay taxes in many countries as we are a very international company),” he wrote in a response on Reddit. The Register

  • I’m Eugene Kaspersky, cybersecurity guy and CEO of Kaspersky Lab! Ask me Anything! – Reddit
  • Statement Regarding Recent False Allegations about Kaspersky Lab – Kaspersky

“Putin signed a decree against anonymity online”

While the keywords are proposed, the Russian .onion forums, Runion especially, just became increasingly concerned with internet privacy and security. According to the Digital Economy (Цифровая экономика) compilers, the majority of traffic within Russia goes from one user (of runet services) to an endpoint in Russia. Problematically, it does so by traveling outside the country and returning to the intended recipient within Russia. “Some Russian traffic is inevitably poisoned by servers in other countries,” Internet Ombudsman Dmitry Marinichev said. Runion (Russian .onion)

  • Communications Ministry proposes not to let Russian traffic outside the country in order to prevent wiretapping – Geektimes.ru

ICYMI: Authorities Bust Bloomsfield Market Owner in Slovakia

Thanks to comments right here on DeepDotWeb, we identified a Slovakian “vendor” who also ran a darknet marketplace and a vendor shop. The darknet market, Bloomsfield, did not end up a successful market. However, law enforcement busted the vendor with more than $200,000 in Bitcoin. TheRealDeal identified an anonymous DeepDotWeb commenter as the Bloomsfield marketplace owner, amongst numerous other online identities. TRD did so almost 15 months before Europol. Slovakian law enforcement published a video alongside the release, and it outlined everything, including the actual arrest. He, along with several conspirators, will be making a news appearance again soon. DeepDotWeb

  • Darknet Dealer of Drugs and Arms Arrested by Slovakian Authorities – Europol

The post 15.5.17 Dark Web and Cybercrime Roundup appeared first on Deep Dot Web.