• Welcome to Global Gulag Media Forum. Please login or sign up.

BREAKING: Europe is hit by new 'WannaCry' virus

Started by EvadingGrid, Jun 27, 2017, 09:20:40 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.


BREAKING: Europe is hit by new 'WannaCry' virus, with Ukraine power grid, Russian oil giants and Danish shipping giants all affected

    Ukrainian deputy Prime Minister among those affected by latest virus
    Russian oil giant Rosnef and Danish shipp firm AP Moller-Maersk also hit
    IT experts said virus appears to be ransomware, similar to 'WannaCry' attack

By Chris Pleasance for MailOnline
Published: 15:02, 27 June 2017


Hackers have launched a fresh ransomware attack on Europe just a month after the 'WannaCry' virus locked computers across the continent. The Ukrainian government appears to have been badly affected, alongside Russia's Rosneft oil company and Danish shipping giant A.P. Moller-Maersk. Rozenko Pavlo, Ukraine's deputy Prime Minister, posted an image of his locked computer, saying 'all computers of the government' had fallen victim to the virus.



Are they going blame this on North Korea again?   


Quote from: 2Revolutions on Jun 27, 2017, 09:45:15 AM
Are they going blame this on North Korea again?

Last time it hit Russia and Eastern Europe, though I think that reflects they have more old computers than anything else. Besides, wikileaks have proved that the CIA can and does fake digital signatures. But, I'm not inclined to blame anyone, because its common sense the baddies have covered their tracks.


The moral of this story and 99% of other similar stories is use Linux or better still the BSD Unix family for servers.
But none of the MSM will ever point that out, if only in passing.

Secondly, I'll point out the disgrace that the UK's one and only Aircraft Carrier which has just been launched is flawed because it runs an expired copy of Windows XP or summat...

Big Lizzie squeezes under the Forth Bridge but sails straight into a cyber attack storm: Britain's biggest warship relies on vulnerable Windows XP despite Navy boasting of NASA standard security


I think a lot of people would be surprised how much vital infrastructure is running on old operating software like XP, Vista etc. 


Quote from: 2Revolutions on Jun 27, 2017, 10:17:18 AM
I think a lot of people would be surprised how much vital infrastructure is running on old operating software like XP, Vista etc.

Its very frustrating.
The worst is when they claim lack of money, when Linux or BSD Unix is FREE.

As for launching our one and only aircraft carrier and its built around windows xp, words fail me . . .


HMS Windows XP: Britain's newest warship runs Swiss Cheese OS
Spotted on carrier control room screens - reports
By Gareth Corfield 27 Jun 2017 at 13:52


The Register
Huge ransomware outbreak spreads in Ukraine and beyond
Petya or cattle?
By John Leyden 27 Jun 2017 at 14:48

Updated A huge ‪ransomware‬ outbreak has hit major banks, utilities and telcos in Ukraine as well as victims in other countries.

Early analysis of the attack points towards a variant of the known Petya ransomware, a strain of malware that hijacks the Master Boot Record and encrypts filesystem tables on infected Windows PCs as well as individual files. Early reports suggest the malware is spreading using by network shares and email but this remains unconfirmed. The outbreak is centred but not confined to the Ukraine. Victims in Spain, France and Russia have also been reported.

Victims include Ukrainian power distribution outfit Ukrenergo, which said the problem is confined to its computer network and is not affecting its power supply operations, Reuters reports. Other victims include Oschadbank, one of Ukraine's largest state-owned lenders.

Global shipping outfit Maersk Group is also under the cosh.

Hackers behind the attack are demanding $300 (payable in Bitcoin) to unlock each computer. It's easy to ascribe any computing problem in Ukraine to Russia because of the ongoing conflict between the two countries, but the culprits behind the latest attack are just as likely to be cybercriminals as state-sponsored saboteurs, judging by the evidence that's emerged this far.

"While ransomware can be (and has been) used to cover other attacks, I think it's wise to consider Ukraine attack cybercriminal for now," said Martijn Grooten, editor of Virus Bulletin and occasional security researcher. ®

Updated at 1500 UTC to add: Allan Liska, intelligence architect at Recorded Future, said the attack has multiple components including an attack to steal login credentials as well as trash compromised computers.

"This appears to be a multi-pronged attack that started with a phishing campaign targeting infrastructure in the Ukraine," Liska said. "The payload of the phishing attack is twofold: an updated version of the Petya ransomware (older version of Petya are well-known for their viciousness, rather than encrypt select files Petya overwrote the master boot record on the victim machine, making it completely inoperable)."

There is some speculation that, like WannaCrypt, this attack is being spread using the EternalBlue exploit, which would explain why it is spreading so quickly (having reached targets in Spain and France in addition to the Ukraine). "Our threat intelligence also indicated that we are now starting to see US victims of this attack," according to Liska.

There are also reports that the payload includes a variant of Loki Bot in addition to the ransomware. Loki Bot is a banking Trojan that extracts usernames and passwords from compromised computers. This means this attack not only could make the victim's machine inoperable, it could steal valuable information that an attacker can take advantage of during the confusion, according to Recorded Future.

Updated at 1509 UTC to add: Reg sources from inside London firms have been notifying us that they've been infected. We were sent this screenshot (cropped to protect the innocent) just minutes ago:


This might not be related but I find it interesting that Ukraine is negotiating a weapons deal with the US and this virus attacks happens again. 


A number of important US ministers will visit Ukraine in the next two to three months and Kiev looks forward to signing agreements on US arms supplies, Ukrainian President Petro Poroshenko said Wednesday.

KIEV (Sputnik) — Poroshenko added he expected the visit of US Secretary of State Rex Tillerson to Kiev in the near future.

"We are waiting for visits of high-ranking US officials in the near future, two to three months, where agreements will be signed, first of all, what interests me, regarding defense cooperation, regarding the supply of US arms, cooperation in the defense industry, economic and energy cooperation," Poroshenko said in Washington at a briefing on the results of his visit to the United States, which was broadcast by the 112 Ukraine television channel.



NATO says cyber attacks a call to arms

Brussels (AFP) - NATO chief Jens Stoltenberg warned the alliance must step up its defence against cyberattacks, saying they could potentially trigger their Article 5 mutual defence commitment.

Computer users around the world were scrambling Wednesday to reboot systems after a tidal wave of ransomware cyberattacks spread from Ukraine and Russia across Europe to the United States and then on to Asia.

It seemed to be very similar to the WannaCry ransomware which hit more than 200,000 users in more than 150 countries last month.

Stoltenberg said the "attack in May and this week just underlines the importance of strengthening our cyber defences and that is what we are doing."

"We exercise more, we share best practices and technology and we also work more and more closely with all allies," he told reporters ahead of a NATO defence ministers meeting in Brussels on Thursday at which cyber-security will be a key talking point.

Stoltenberg recalled that NATO leaders had agreed last year that a cyber attack could be considered a threat sufficiently serious to warrant invoking the alliance's 'all for one, one for all' security guarantee.

They also made cyber a NATO domain -- on a par with the traditional air, sea and land arms to become part of overall alliance planning and resource allocation.

NATO was also helping Ukraine, the country first hit by Tuesday's cyberattack, with its online defences, Stoltenberg said.

In the NATO context, the greatest fear is that another state would attack an ally's networks to undermine key industrial and civil society infrastructure without firing a shot.

In the event, however, it seems non-state actors may be able to cause just as much mayhem.