Cryptolocker Infects 250K Systems

DELL’s security research team has revealed that a new form of ransomware, dubbed “Cryptolocker” has managed to infect up to 250,000 devices, stealing almost a million dollars in Bitcoins.

“Based on the presented evidence, researchers estimate that 200,000 to 250,000 systems were infected globally in the first 100 days of the CryptoLocker threat,” Dell announced in a Secureworks post.

The firm worked out that if the Cryptolocker ransomware threat actors had sold its 1,216 total Bitcoins (BTC) that they collected from September this year, immediately upon receiving them, they would have earned nearly $380,000.

“If they elected to hold these ransoms, they would be worth nearly $980,000 as of this publication based on the current weighted price of $804/BTC,” Dell said.

Cryptolocker is unique when compared against your average ransomware. Instead of using a custom cryptographic implementation like many other malware families, Cryptolocker uses third-party certified cryptography offered by Microsoft’s CryptoAPI.

“By using a sound implementation and following best practices, the malware authors have created a robust program that is difficult to circumvent,” Dell said.

Conventionally, ransomware prevents victims from using their computers normally and uses social engineering to convince them that failing to follow the malware authors’ instructions will lead to real-world consequences. These consequences, such as owing a fine or facing arrest and prosecution, are presented as being the result of a fabricated indiscretion such as pirating music or downloading illegal pornography.

“Victims of traditional forms of ransomware could ignore the demands and use security software to unlock the system and remove the offending malware,” Dell explained. “Cryptolocker changes this dynamic by aggressively encrypting files on the victim’s system and returning control of the files to the victim only after the ransom is paid.”

Dell said that the earliest samples of Cryptolocker appear to have been released on 5 September this year. However, details about its initial distribution phase are unclear.

“It appears the samples were downloaded from a compromised website located in the United States, either by a version of Cryptolocker that has not been analysed as of this publication, or by a custom downloader created by the same authors,” Dell added.

Dell seems to think that early versions of Cryptolocker were distributed through spam emails targeting business professionals as opposed to home internet users, with the lure often being a ‘consumer complaint’ against the email recipient or their organisation.

Attached to these emails would be a ZIP archive with a random alphabetical filename containing 13 to 17 characters, containing a single executable with the same filename as the ZIP archive but with an EXE extension, so keep your eye out for emails that fit this description.

Source

HP To Support The iPad

Is your iPad out of warranty? Hewlett-Packard to the rescue.

HP updated its SmartFriend support service and will now troubleshoot problems with Windows, Android, Chrome OS, OS X and iOS products, according to a fact sheet describing the service.

“HP is expanding its HP SmartFriend service to provide 1:1 expert support for any brand of PC or tablet,” the company said. The plan previously supported PCs from HP and other vendors, as well as Macs.

Users can avail of the service to address general hardware, software and malware issues. HP says its agents can “remove viruses, improve PC performance, solve software errors, and connect devices to a wireless network with enhanced security.” The support is provided by phone or over the Internet, so don’t expect a technician to trot in and fix your iPad in person. But HP notes it can save you from driving to a store.

Unlike Best Buy’s Geek Squad service, HP’s service does not include hardware repairs. It can be tricky to change the battery or storage in tablets, so for iPads, the Genius Bars at Apple Stores may still be the best option for some repairs.

HP didn’t immediately comment on exactly what support it will provide for the iPad. HP printers offer wireless printing from iPads and iPhones. HP sells primarily Windows PCs and Android tablets, though on last Thursday it announced the Pavilion 14 laptop with Google’s Chrome OS.

While SmartFriend includes support for iOS devices, the service seems focused mainly on Windows products. Its technicians include “Microsoft Application Trainers, Microsoft Product Specialists, A+/MCP/MCSE Certified Professionals, Network Administrators and HTML Developers,” according to the fact sheet.

The service starts at US$9.99 per month and users can sign up for a pre-paid, monthly or yearly support plan. A “Complete Plan” supports two devices, while a “Family Plan” supports up to four devices.

Source

Apple Outs Patch For Tracking Issue

As Apple promised last week in several discussions regarding its location tracking issues, iOS 4.3.3 addresses three bugs related to the database of location information on iOS devices. Firstly, it reduces the amount of the cached location information to a week’s worth, rather than relying on a size limit, as it previously did.

Secondly, it no longer backs up the cache to your Mac or PC via iTunes upon syncing, so the information isn’t available to anyone with access to your computer. And finally, the cache is now deleted from the device when Location Services are disabled in iOS’s Settings app.

Apple has also announced plans to encrypt the location information on iOS devices itself in the next major update to the operating system, which presumably means it will be incoporated into iOS 5.

The iOS 4.3.3 update applies to the iPhone 4, iPhone 3GS, iPad, iPad 2, third-generation iPod touch, and the fourth-generation iPod touch. Exceptions to this fix though, are the iPhone 3G and the second-generation iPod touch, both of which were supported by the original release of iOS 4 when the location database is believed to have been created but have since been dropped from compatibility. Also missing in action is the CDMA iPhone 4, although some reports have suggested that it didn’t log data in the same way as the GSM model.

Read More…