Motorized skateboards are a simple and affordable form of personal transportation while advanced battery technology considerably extended their range. Now a startup company in Germany offers a skateboard that is almost entirely printed in plastic and has wireless speed control. VOA’s George Putic reports.
…
Author Archives: Futsil
Hackers Mint Crypto-currency with Technique in Global ‘Ransomware’ Attack
A computer virus that exploits the same vulnerability as the global “ransomware” attack has latched on to more than 200,000 computers and begun manufacturing digital currency, experts said Tuesday.
The development adds to the dangers exposed by the WannaCry ransomware and provides another piece of evidence that a North Korea-linked hacking group may be behind the attacks.
WannaCry, developed in part with hacking techniques that were either stolen or leaked from the U.S. National Security Agency, has infected more than 300,000 computers since Friday, locking up their data and demanding a ransom payment to release it.
Researchers at security firm Proofpoint said the related attack, which installs a currency “miner” that generates digital cash, began infecting machines in late April or early May but had not been previously discovered because it allows computers to operate while creating the digital cash in the background.
Proofpoint executive Ryan Kalember said the authors may have earned more than $1 million, far more than has been generated by the WannaCry attack.
Like WannaCry, the program attacks via a flaw in Microsoft Corp’s Windows software. That hole has been patched in newer versions of Windows, though not all companies and individuals have installed the patches.
Suspected links to North Korea
Digital currencies based on a technology known as blockchain operate by enabling the creation of new currency in exchange for solving complex math problems. Digital “miners” run specially configured computers to solve the problems and generate currency, whose value fluctuates according to market demand.
Bitcoin is by far the largest such currency, but the new mining program is not aimed at Bitcoin. Rather it targeted a newer digital currency, called Monero, that experts say has been pursued recently by North Korean-linked hackers.
North Korea has attracted attention in the WannaCry case for a number of reasons, including the fact that early versions of the WannaCry code used some programming lines that had previously been spotted in attacks by Lazarus Group, a hacking group associated with North Korea.
Security researchers and U.S. intelligence officials have cautioned that such evidence is not conclusive, and the investigation is in its early stages.
In early April, security firm Kaspersky Lab said that a wing of Lazarus devoted to financial gain had installed software to mine Moreno on a server in Europe.
A new campaign to mine the same currency, using the same Windows weakness as WannaCry, could be coincidence, or it could suggest that North Korea was responsible for both the ransomware and the currency mining.
Kalember said he believes the similarities in the European case, WannaCry and the miner were “more than coincidence.”
“It’s a really strong overlap,” he said. “It’s not like you see Moreno miners all over the world.”
The North Korean mission to the United Nations could not be reached for comment, while the FBI declined to comment.
…
Thailand Backs Off Threat to Block Facebook Over Content
Thailand backed off a threat to block Facebook on Tuesday, instead providing the social media site with court orders to remove content that the government deems illegal.
Thailand made the threat last week as it wanted Facebook to block more than 130 posts it considers a threat to national security or in violation of the country’s lese majeste law, which makes insults to the monarchy punishable by up to 15 years in prison. Thailand’s military government has made prosecuting royal insults a priority since seizing power in a coup three years ago.
Takorn Tantasith, secretary-general of Thailand’s broadcast regulator, said Facebook had requested the court orders before it would take action but he expected the social media giant would comply with the government’s demands.
“Facebook have shown good cooperation with us,” Takorn told reporters.
Emails and calls seeking confirmation from Facebook were not immediately returned.
The regulator last week demanded that Facebook remove more than 130 illegal posts by Tuesday or face legal action that could shut down the site. In a change of tactic, Takorn said that Thailand had forwarded 34 court orders to Facebook so far.
“The websites that need to be taken down are not only for those that are a threat to stability but they also include other illegal websites such as porn and websites that support human-trafficking which take time to legally determine,” Takorn said.
Thai authorities try to take pre-emptive actions against material they consider illegal, having local internet service providers block access or reaching agreements with some online services such as YouTube to bar access to certain material in Thailand.
Much of that is content deemed in violation of the country’s lese majeste law, the harshest in the world. The military government has charged more than 100 people with such offenses since the coup and handed down record sentences. Many of those cases have been based on internet postings or even private messages exchanged on Facebook.
Last month, Thai authorities declared it illegal to exchange information on the internet with three prominent government critics who often write about the country’s monarchy.
Facebook, which is blocked in a number of authoritarian countries such as North Korea, has said it relies on local governments to notify the site of information it deems illegal.
“If, after careful legal review, we find that the content is illegal under local law we restrict it as appropriate and report the restriction in our Government Request Report,” Facebook has said in past statements outlining its policy.
…
Instagram Launches Snapchat-like Filters
Get ready for more rabbit ears, dog noses and funny hats to show up in your Facebook feed.
Facebook’s Instagram service is launching face filters in an effort to keep up with rival, Snap Inc.’s Snapchat.
“From math equations swirling around your head to furry koala ears that move and twitch, you can transform into a variety of characters that make you smile or laugh,” the company wrote on its blog.
The new features will also include the ability to manipulate video, allowing users to play them in reverse.
“Capture a fountain in motion and share a rewind of the water floating back up,” according to the blog post. “Experiment with some magic tricks of your own and defy the laws of physics wherever you are.”
Facebook, the largest social media platform, has been accused of copying features from Snapchat such as “Stories” which allows users to post pictures and videos that are erased after 24 hours.
According to Instagram, 200 million people use Stories daily.
Facebook’s stock price has been hovering around $150 this month, which is near the stock’s all-time high of $153.60.
Last week, Snap stocks cratered by 23 percent after the company posted poorer than expected quarterly results. The company says it has 166 million daily active users as of March 31.
Snap was trading at $20.42 Tuesday, down from an all-time high of $29.44.
…
US Military Taps into Innovations in Startup Tech World
Recently, one of the largest computer hacks of its kind hit companies and governments around the world. It is an example of the challenges in digital security and keeping ahead of technology. The U.S. military has developed a way to tap into the innovation and speed unique to Silicon Valley and tech startups. VOA’s Elizabeth Lee has more details on this initiative.
…
Man Thanks iPhone’s Siri for Saving His Life in Explosion
A New Hampshire man who was injured in a house explosion is thanking Siri for saving his life.
Christopher Beaucher says he was checking on his mother’s vacant cottage in Wilmot on May 1 when he saw something suspicious and went inside.
He tells WMUR-TV that when he switched on a light, the house exploded.
“The whole place caught fire,” Beaucher said. “Part of it collapsed while I was in it during the initial explosion, so I couldn’t really tell where I was.”
Beaucher’s face and hands were badly burned. He grabbed his cellphone but was unable to dial because of his injuries. He says he somehow asked his iPhone’s voice-controlled virtual assistant Siri to call 911, believing he was going into shock.
A spokeswoman for Apple said Monday that statistics on Siri being used for emergencies weren’t available, but noted some recent emergencies in which it was used. Those include three boaters off the Florida coast in April who used the water-resistant phone when their craft capsized; a 4-year-old boy from London who used his mother’s thumb to unlock her iPhone and called Siri after she collapsed at home in March; and a man in Vancouver who collapsed, became paralyzed, and was able to use his tongue to use Siri.
Beaucher is undergoing treatment for his injuries and says he hopes to return to his job as a cook and tend to his farm.
“I’m very, very, extremely lucky to be alive,” he said.
The New Hampshire state fire marshal’s office is investigating the explosion.
…
5 Ways to Become a Smaller Target for Ransomware Hackers
This weekend’s global online extortion attack reinforces the need for businesses and other large organizations to update their computer operating systems and security software, cybersecurity experts said.
The attack largely infected networks that used out-of-date software, such as Windows XP, which Microsoft no longer offers technical support for.
“There’s some truth to the idea that people are always going to hack themselves,” said Dan Wire, a spokesman for security firm FireEye. “You’ve got to keep your systems updated.”
The attack that authorities say swept 150 countries this weekend is part of a growing problem of “ransomware” scams, in which people find themselves locked out of their files and presented with a demand to pay hackers to restore their access.
Hackers bait users to click on infected email links, open infected attachments or take advantage of outdated and vulnerable systems. This weekend’s virus was particularly virulent, because it could spread to all other computers on a network even if just one user clicked a bad link or attachment.
Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don’t install security upgrades because they’re worried about triggering bugs, or they can’t afford the downtime.
Here are five tips to make yourself a less-likely victim:
Make safe and secure backups
Once your files are encrypted, your options are limited. Recovery from backups is one of them. “Unfortunately, most people don’t have them,” Abrams says. Backups often are also out of date and missing critical information. With this attack, Abrams recommends trying to recover the “shadow volume” copies some versions of Windows have.
Some ransomware does also sometimes targets backup files, though.
You should make multiple backups — to cloud services and using physical disk drives, at regular and frequent intervals. It’s a good idea to back up files to a drive that remains entirely disconnected from your network.
Update and patch your systems
The latest ransomware was successful because of a confluence of factors. Those include a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and malware designed to spread quickly once inside university, business and government networks. Updating software will take care of some vulnerability.
“Hopefully people are learning how important it is to apply these patches,” said Darien Huss, a senior security research engineer for cybersecurity firm Proofpoint, who helped stem the reach of the weekend attack. “I hope that if another attack occurs, the damage will be a lot less.”
The virus targeted computers using Windows XP, as well as Windows 7 and 8, all of which Microsoft stopped servicing years ago. Yet in an unusual step, they released a patch for those older systems because of the magnitude of the outbreak.
“There’s a lot of older Windows products out there that are `end of life’ and nobody’s bothered to take them out of service,” said Cynthia Larose, a cybersecurity expert at the law firm of Mintz Levin.
Use antivirus software
Using antivirus software will at least protect you from the most basic, well-known viruses by scanning your system against the known fingerprints of these pests. Low-end criminals take advantage of less-savvy users with such known viruses, even though malware is constantly changing and antivirus is frequently days behind detecting it.
Educate your workforce
Basic protocol such as stressing that workers shouldn’t click on questionable links or open suspicious attachments can save headaches. System administrators should ensure that employees don’t have unnecessary access to parts of the network that aren’t critical to their work. This helps limit the spread of ransomware if hackers do get into your system.
If hit, don’t wait and see
Some organizations disconnect computers as a precautionary measure. Shutting down a network can prevent the continued encryption — and possible loss — of more files. Hackers will sometimes encourage you to keep your computer on and linked to the network, but don’t be fooled.
If you’re facing a ransom demand and locked out of your files, law enforcement and cybersecurity experts discourage paying ransoms because it gives incentives to hackers and pays for their future attacks. There’s also no guarantee all files will be restored. Many organizations without updated backups may decide that regaining access to critical files, such as customer data, and avoiding public embarrassment is worth the cost.
Ryan O’Leary, vice president of WhiteHat Security’s threat research center, points out that this weekend’s hackers weren’t asking for much, usually about $300.
“If there is a silver lining to it, you’re not out a million dollars,” he said.
Still, “My answer is, never pay the ransom,” Abrams said. “But at the same time, I also know that if you’re someone who’s been affected and you’ve lost all your children’s photographs or you’ve lost all your data or you lost your thesis, sometimes $300 is worth it, you know?”
…
New Rover to Make Moon Landing Next Year
Science fiction movies often contain imaginary technology. But now a real life moon rover has made it onto the big screen. Not only is it a star in a new film, but it will also play a starring role on a private mission to the moon next year. VOA’s Deborah Block has the story.
…
Global Cyberattack in Brief: Ransomware, a Vision of Future?, Seeking Culprits
In what is believed to be the largest attack of its kind ever recorded, a cyberextortion attack continued causing problems Saturday, locking up computers and holding users’ files for ransom at dozens of hospitals, companies and government agencies. Businesses and computer security organizations await problems in the new workweek.
Ransomware Attack Could Herald Future Problems — Tech staffs around the world worked around the clock this weekend to protect computers and patch networks to block the computer hack whose name sounds like a pop song — “WannaCry” — as analysts warned the global ransomware attack could be just the first of a new wave of strikes by computer criminals.
Worldwide Cyberattack Spreads Further in Second Day — A cyberattack against tens of thousands of data networks in scores of countries, all infected by malware that locks computer files unless a ransom is paid, spread further in its second day Saturday, with no progress reported in efforts to determine who launched the plot.
Authorities Seek Clues On Culprits Behind Global Cyberattack — The British government said on Saturday it does not yet know who was behind a massive global cyberattack that disrupted Britain’s health care services, but Interior Minister Amber Rudd said the country’s National Crime Agency is investigating where the attacks came from.
Europol Working on Probe Into Massive Cyberattack — The European Union’s police agency, Europol, says it is working with countries hit by the global ransomware cyberattack to rein in the threat and help victims.
‘Perfect Storm’ of Conditions Helped Cyberattack Succeed — The cyberextortion attack that hit dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks.
Where Global Cyberattack Has Hit Hardest — A look at some of the countries and organizations hardest hit during the global cyberattack.
What Is the Digital Currency Bitcoin? — In the news now after a cyberextortion attack this weekend, bitcoin has a fuzzy history, but it’s a type of currency that allows people to buy goods and services and exchange money without involving banks, credit card issuers or other third parties.
Ransomware Attack Could Herald Future Problems
Tech staffs around the world worked around the clock this weekend to protect computers and patch networks to block the computer hack whose name sounds like a pop song — “WannaCry” — as analysts warned the global ransomware attack could be just the first of a new wave of strikes by computer criminals.
The United States suffered relatively few effects from the ransomware that appeared on tens of thousands of computer systems across Europe and into Asia, beginning Friday. Security experts remained cautious, however, and stressed there was a continuing threat.
In contrast to reports from several European security firms, a researcher at the Tripwire company on the U.S. West Coast said late Saturday that the attack could be diminishing.
“It looks like it’s tailing off,” said Travis Smith of Tripwire.
“I hope that’s the case,” Smith added. The Oregon firm protects large enterprises and governments from computer security threats.
Ransomware attack
The code for the ransomware unleashed Friday remains freely available on the internet, experts said, so those behind the WannaCry attack — also known as WanaCryptor 2.0 and a variety of other names — could launch new strikes in coming days or weeks. Copycat attacks by other high-tech criminals also are possible.
“We are not out of the woods yet,” said Gary Davis, chief consumer security evangelist at McAfee, the global computer security software company in Santa Clara, California. “We think it’s going to be the footprint for other kinds of attacks in the future.”
The attack hit scores of countries — more than 100, by some experts’ count — and infected tens of thousands of computer networks.
Industry reports indicate Russia, Taiwan, Ukraine and Britain were among the countries hit hardest, and more hacking reports can be expected when offices reopen for the new workweek Monday or, in some parts of the world, Sunday.
One of the weapons used in the current attack is a software tool reportedly stolen from the U.S. National Security Agency and published on the internet by hackers last month.
The tool affords hackers undetected entry into many Microsoft computer operating systems, which is what they need to plant their ransomware. However, Microsoft issued patches to fix that vulnerability in its software weeks ago that could greatly reduce the chances of intrusion.
Outdated operating systems
The crippling effects of WannaCry highlight a problem that experts have long known about, and one that appears to have hit developing countries harder.
Some organizations are more vulnerable to intrusion because they use older or outdated operating systems, usually due to the cost of upgrading software or buying modern hardware needed to install better-protected operating systems. Companies like Microsoft eventually stop updating or supporting older versions of their software, so customers using those programs do not receive software patches or security upgrades.
Much of the ransomware’s spread around the world occurred without any human involvement. The WannaCry malware self-propagates, copying itself to all computers on a network automatically.
When a demand for ransom payments appears on a user’s screen — $300 at first, doubling to $600 in a few days — it’s usually too late: All files on that computer have been encrypted and are unreadable by their owners.
The hackers said they would reverse the effect of their software once they received the payments they demanded.
Microsoft patched the “hole” in the newest versions of its operating software — Windows 10 for most home users — in March, three weeks before the stolen NSA exploit software was published on the internet. Since Friday, the company dropped its refusal to update old versions of its programs and issued patches specifically written for use in Windows XP and several other systems.
Microsoft declined a request for an interview, but a statement on the company’s blog said: “Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. We are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003.”
“A lot of people in the security community were impressed with Microsoft’s speed, but it highlights an ongoing challenge we have,” said Stephen Cobb, a senior security researcher with ESET, a global security software company. “If a malicious code outbreak breaks out tomorrow, and targets unsupported operating systems, Microsoft may have to go there again.”
…
‘Perfect Storm’ of Conditions Helped Cyberattack Succeed
The cyberextortion attack hitting dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks.
Not to mention the fact that those responsible were able to borrow weaponized software code apparently created by the U.S. National Security Agency to launch the attack in the first place.
Other criminals may be tempted to mimic the success of Friday’s “ransomware” attack, which locks up computers and hold people’s files for ransom. Experts say it will be difficult for them to replicate the conditions that allowed the so-called WannaCry ransomware to proliferate across the globe.
But we’re still likely to be living with less virulent variants of WannaCry for some time. And that’s for a simple reason: Individuals and organizations alike are fundamentally terrible about keeping their computers up-to-date with security fixes.
The worm
One of the first “attacks” on the internet came in 1988, when a graduate student named Robert Morris Jr. released a self-replicating and self-propagating program known as a “worm” onto the then-nascent internet. That program spread much more quickly than expected, soon choking and crashing machines across the internet.
The Morris worm wasn’t malicious, but other nastier variants followed — at first for annoyance, later for criminal purposes, such as stealing passwords. But these worm attacks became harder to pull off as computer owners and software makers shored up their defenses.
So criminals turned to targeted attacks instead to stay below the radar. With ransomware, criminals typically trick individuals into opening an email attachment containing malicious software. Once installed, the malware just locks up that computer without spreading to other machines.
The hackers behind WannaCry took things a step further by creating a ransomware worm, allowing them to demand ransom payments not just from individual but from entire organizations — maybe even thousands of organizations.
Perfect storm
Once inside an organization, WannaCry uses a Windows vulnerability purportedly identified by the NSA and later leaked to the internet. Although Microsoft released fixes in March, the attackers counted on many organizations not getting around to applying those fixes. Sure enough, WannaCry found plenty of targets.
Since security professionals typically focus on building walls to block hackers from entering, security tends to be less rigorous inside the network. WannaCry exploited common techniques employees use to share files via a central server.
“Malware that penetrates the perimeter and then spreads inside the network tends to be quite successful,” said Johannes Ullrich, director of the Internet Storm Center at the SANS Institute.
Persistent infections
“When any technique is shown to be effective, there are almost always copycats,” said Steve Grobman, chief technology officer of McAfee, a security company in Santa Clara, California. But that’s complicated, because hackers need to find security flaws that are unknown, widespread and relatively easy to exploit.
In this case, he said, the NSA apparently handed the WannaCry makers a blueprint — pre-written code for exploiting the flaw, allowing the attackers to essentially cut and paste that code into their own malware.
Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, said ransomware attacks like WannaCry are “not going to be the norm.” But they could still linger as low-grade infections that flare up from time to time.
For instance, the Conficker virus, which first appeared in 2008 and can disable system security features, also spreads through vulnerabilities in internal file sharing. As makers of anti-virus software release updates to block it, hackers deploy new variants to evade detection.
Conficker was more of a pest and didn’t do major damage. WannaCry, on the other hand, threatens to permanently lock away user files if the computer owner doesn’t pay a ransom, which starts at $300 but goes up after two hours.
The damage might have been temporarily contained. An unidentified young cybersecurity researcher claimed to help halt WannaCry’s spread by activating a so-called “kill switch.” Other experts found his claim credible. But attackers can, and probably will, simply develop a variant to bypass this countermeasure.
Fighting back
The attack is likely to prompt more organizations to apply the security fixes that would prevent the malware from spreading automatically. “Talk about a wake-up call,” Hypponen said.
Companies are often slow to apply these fixes, called patches, because of worries that any software change could break some other program, possibly shutting down critical operations.
“Whenever there is a new patch, there is a risk in applying the patch and a risk in not applying the patch,” Grobman said. “Part of what an organization needs to understand and assess is what those two risks are.”
Friday’s attack might prompt companies to reassess the balance. And while other attackers might use the same flaw, such attacks will be steadily less successful as organizations patch it.
Microsoft took the unusual step late Friday of making free patches available for older Windows systems, such as Windows XP from 2001. Before, Microsoft had made such fixes available only to mostly larger organizations that pay extra for extended support, yet millions of individuals and smaller businesses still had such systems.
But there will be other vulnerabilities to come, and not all of them will have fixes for older systems. And those fixes will do nothing for newer systems if they aren’t installed.
…
Don’t Click: What Is the ‘Ransomware’ WannaCry Worm?
Malicious software called “ransomware” has forced British hospitals to turn away patients and affected Spanish companies such as Telefonica as part of a global outbreak that has affected tens of thousands of computers.
How does it work?
WannaCry — also known as WanaCrypt0r 2.0, WannaCry and WCry — is a form of “ransomware” that locks up the files on your computer and encrypts them in a way that you cannot access them anymore.
How does it spread?
Ransomware is a program that gets into your computer, either by clicking on the wrong thing or downloading the wrong thing, and then it holds something you need to ransom.
In the case of WannaCry, the program encrypts your files and demands payment in bitcoin in order to regain access.
Security experts warn there is no guarantee that access will be granted after payment. Some ransomware that encrypts files ups the stakes after a few days, demanding more money and threatening to delete files altogether.
There are different variants of what happens: Other forms of ransomware execute programs that can lock your computer entirely, only showing a message to make payment in order to log in again. There are some that create pop-ups that are difficult or impossible to close, rendering the machine difficult or impossible to use.
Where has it spread?
British-based cyber researcher Chris Doman of AlienVault said the ransomware “looks to be targeting a wide range of countries,” with initial evidence of infections in at least two dozen nations, according to experts from three security firms.
The broad-based ransomware attack has appeared in at least eight Asian nations, a dozen countries in Europe, Turkey and the United Arab Emirates and Argentina, and appears to be sweeping around the globe, researchers said.
What is so special about WannaCry?
WannaCry is not just a ransomware program, it is also a worm.
This means that it gets into your computer and looks for other computers to try and spread itself as far and wide as possible.
Ransomware has a habit of mutating, so it changes over time in order to find different ways to access computers or to get around patches (operating system updates that often include security updates). Many security firms are already aware of WannaCry in past forms and most are looking at this one right now to see how it might be stopped.
Several cybersecurity firms said WannaCry exploits a vulnerability in Microsoft and that Microsoft patched this in March. People don’t always install updates and patches on their computers, and so this means vulnerabilities can remain open a lot longer and make things easier for hackers to get in.
It exploited a vulnerability in the Windows operating system believed to have been developed by the National Security Agency, which became public last month. It was among a large number of hacking tools and other files that a group known as the Shadow Brokers released on the internet. Shadow Brokers said that they obtained it from a secret NSA server.
The identity of Shadow Brokers is unknown, though many security experts believe the group that surfaced in 2016 is linked to the Russian government.
The NSA and Microsoft did not immediately respond to requests for comment.
…