Weekly Compile Of Cyber Security Threats and Exploits – 24-Sept-2016

Hacker Makes 4BTC With Mamba Ransomware



Being Ransomware developer is a real thing now. Instead of encrypting files now, a new Ransomeware dubbed as Mamba Ransomware encrypts whole hard drive partitions. “Mamba encrypts the whole partitions of the disk,” Marinho said. “It uses a disk-level cryptography and not a traditional strategy of other ransomware that encrypts individual files.”. The Ransomware edits Master Boot Record and prompts the user to enter decryption key during boot up.

“You are Hacked ! H.D.D Encrypted, Contact Us For Decryption Key (w889901665@yandex.com) YOURID: 123152”. This message is all that remains for the victims of this new Ransomware. To get the decryption key, it’s necessary to contact somebody through the informed e-mail address, give the ID and pay 1 BTC per infected host. Without that, the system does not even starts”

According to security researchers, this is what they received from the hacker:

andy saolis<w889901665@yandex.com>

Your HDD Encrypted By AES 2048Bit

send 1BTC Per HOST to My Bitcoin Wallet , then we give you Decryption key For Your Server HDD!!

My Bitcoin Wallet Address : 1NLnMNMPbxWeMJVtGuobnzWU3WozYz86Bf

We Only Accept Bitcoin , it’s So easy!

you can use Brokers to exchange your money to BTC ASAP

it’s Fast way!



if You Don’t Have a Account in Bitcoin , Read it First :


bitcoin Market :






iPhone passcode bypassed by Nand Mirroring

This was achieved by desoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC and partially reverse engineering its proprietary bus protocol. The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts. This is the first public demonstration of the working prototype and the real hardware mirroring process for iPhone 5c. Although the process can be improved, it is still a successful proof-ofconcept project. Knowledge of the possibility of mirroring will definitely help in designing systems with better
protection. Also some reliability issues related to the NAND memory allocation in iPhone 5c are revealed. Some future research directions are outlined in this paper and several possible countermeasures are suggested. We show that claims that iPhone 5c NAND mirroring was infeasible were ill-advised.”

Hackers Make 88k By Infecting FTP Servers

More than 3,000 FTP servers were breached by hackers and were used to mine Monero coins. Servers powered by Seagate Central were more prone to this attack. “This threat is interesting not only for the technique it uses to spread and get new nodes to help calculate hashes for the cryptocurrency, but it also attempts to copy itself to open (or weak) FTP folders in the hope of being executed on other machines.

“More than 70% of the servers where write access was enabled had already been found, visited and “borrowed” by crooks looking for innocent-sounding repositories for their malware. If you’ve ever assumed that you’re too small and insignificant to be of interest to cybercriminals, and thus that getting security settings right is only really for bigger organizations, this should convince you otherwise. Very bluntly put, if you’re not part of the solution, you’re very likely to become part of the problem.”

Yahoo Confirms State-Sponsored Hack

Yahoo earlier announced that it’s services were hacked back in late 2014, where most of their customers information were stolen. Including passwords, which Yahoo assures that it’s password are partially obscure. Encrypted and decrypted security questions were also part of the breach, which attackers can use to reset account passwords.

Yahoo has assured it’s users that no financial details were breached, but it is recommended that you change all your security questions and passwords in order to be safe.

Yahoo encourages users to review their online accounts for suspicious activity and to change their password and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account. The company further recommends that users avoid clicking on links or downloading attachments from suspicious emails and that they be cautious of unsolicited communications that ask for personal information.

“A recent investigation by Yahoo! Inc. has confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor.”

Author: Shivniel Gounder

TheGeek : Writes about information security, privacy, cybersecurity and latest tech gadgets and more.

Share This Post On
Try Wrike: fast, easy, and efficient project collaboration software

Submit a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: