No Platform Immune from Ransomware, According to SophosLabs 2018 Malware Forecast

Ransomware ravaged Windows, but attacks on Android, Linux and MacOS systems also increased in 2017 Just two strains of ransomware were responsible for 89.5 percent of all attacks intercepted on Sophos customer computers worldwide OXFORD, U.K. – Nov. 2, 2017 – Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced its SophosLabs 2018 Malware Forecast, a report that recaps ransomware and other cybersecurity trends based on data collected from Sophos customer computers worldwide during April 1 to Oct. 3, 2017. One key finding shows that while ransomware predominately attacked Windows systems in the last six months, Android, Linux and MacOS platforms were not immune. “Ransomware has become platform-agnostic....

Read more »

Shadow Brokers Release Windows Malware that can Steal Keystrokes and Record Audio to its Paid Subscriber

Paid subscribers of Shadow Brokers’ monthly subscription can now gain complete access to your PC/laptop and steal your passwords and chats The hacking group named SHADOW BROKERS, which was responsible for the NSA leaks earlier. is back with another NSA hacker kit. This time however, the leak is only available for the users with its “monthly subscription”.In their latest release, SHADOW BROKERS have released a malware dubbed UNITEDRAKE. It is a remote access and control tool with “plug-ins” that can target WINDOWS based systems enabling the hacker with full control over their victim's system.UNITEDRAKE is compatible with systems running on Microsoft Windows XP, Vista, 7, 8 up to Windows Server 2012. It first came to light in 2014 as a part...

Read more »

Ransomware Attacks Hit LG Electronics’ Service Centers

South Korean electronics giant LG Electronics has been the latest company to fall prey to ransomware attacks after some of its self-service centers have been hit with malicious code that locks up computer files in exchange for ransom money. According to a new report by The Korea Herald, LG Electronics initially detected an issue with gaining access to the self-service kiosks earlier this week and alerted the Korea Internet & Security Agency that the problem occurred. Kiosk operations were quickly put on hold following the incident, and LG Electronics said it had managed to successfully protect files from being encrypted, which is a typical method of ransomware attackers in order to force their victims to pay for the key to unlock targeted...

Read more »

PayThink 'Self-protection' can shield banks from new Android BankBot card malware

Recently, the Dutch company Securify came across a new sample of the BankBot Android mobile banking malware. While older samples of BankBot mainly targeted Russian financial institutions, the latest sample shows that BankBot now targets European and American institutions as well. More specifically BankBot now targets over 420 leading institutions in countries such as Germany, France, Austria, the Netherlands, Turkey and the United States. BankBot is a banking Trojan horse that poses as an apparently benign consumer banking application. When the application is installed and run, it asks for administrative privileges. Once these privileges are granted, the icon disappears from the home screen. From that moment, the device is compromised...

Read more »

Petya: Wiper or Ransomware & How to Protect Yourself

Learn the facts about the recent Petya attack that crippled many organizations worldwide.  - Is it your regular run-of-the-mill ransomware or a wiper? - Who is a target? Why did it spread so quickly?- How can organizations better protect themselves against similar attac...

Read more »

Sophos continues to work at protecting customers from the WannaCry ransomware attack – here’s what you need to know.

Sophos continues working to protect customers from the WannaCry ransomware attack. That effort has been successful, but we continue to receive many questions about how this attack happened, what we must do to defend our organizations, and, of course, what’s next? This article is designed to answer those questions. What happened? A fast-spreading piece of ransomware called Wanna (also known as WannaCry, WCry, WanaCrypt, WanaCrypt0r and Wana DeCrypt0r) held computer systems hostage around the globe Friday. National Health Service hospitals (NHS) in the UK was hit hard, with its phone lines and IT systems being held hostage. From there, the attack spilled across the globe. It encrypted victim’s files and changed the extensions...

Read more »