Tag - Ransomware
Welcome to the Game Replay, the thrice-weekly look at the wider world of gaming by the staff of MacNN. In today's edition, Blizzard makes all current expansions for World of Warcraft free by rolling them into the base game, racism by Twitch viewers of a Hearthstone tournament prompts re-examination of moderation policies, Apple disagrees with a Palestinian game developer over game classification, and the creators of ransomware that typically aimed at gamers has given up the master encryption key to security researchers.
A new OS X security tool has been developed and released by Mac security researcher Patrick Wardle. The new "RansomWhere?" tool monitors a user's Mac file system for untrusted processes that attempt to encrypt any files. Once an unusual process is detected, the tool stops the process after the encryption of a small handful of files, and alerts the user. The user can then choose whether to allow the process, or terminate it.
Victims of one strain of "ransomware" may be able to get their data back. A collaboration between the Netherlands Police's National High Tech Crime Unit (NHTCU) and security company Kaspersky, a tool has been created that can be used to decrypt data encrypted by the CoinVault malware, potentially saving many users from paying a random or having to rebuild their data if backups failed.
In a speech on Monday, Detroit Mayor Mike Duggan revealed some of the recent technical problems the city is facing. As if bankruptcy and other financial woes from the recession weren't enough for the city, Duggan said that Detroit has been a target for various cyberattacks, including an attempt by hackers to hold one of the city's databases for ransom.
Victims of the CryptoLocker ransomware may be able to unlock their files without having to pay. Security experts from FireEye and Fox IT are hosting Decrypt CryptoLocker, a site dedicated to providing keys for affected systems, allowing for encrypted files to become available to users who chose not to pay the malware creator's ransom demand.
A new trojan targeting Android devices has been discovered that is holding phones hostage until a fine is paid. Ransomware, in this case the Trojan.Koler.A, accuses the device's owner of looking at illegal pornography and threatens action by authorities. The ransomware asks for a $300 fine to be paid via "untraceable payment mechanisms such as Paysafecard or uKash" according to Ars Technica's report.
Hackers have altered DNS records of websites hosted by Go Daddy, with the aim of infecting visitors with ransomware. The attackers are adding subdomains to the DNS records, pointing to a malicious IP address under their control, allowing victims to believe they are going to the right website, and for the pages to avoid various security protection mechanisms. This attack comes two months after an alleged attack on the Go Daddy network.