Ransomware victims pay up and Cambridge Analytica shuts down

A US school district gives in to ransomware demands, Facebook announces dating feature, and Cambridge Analytica ceases operations.

MA school district pays $10,000 ransom

On April 14, the Leominster school district in Massachusetts was hit with a ransomware attack that took the education sector’s computer system hostage, locking all administrators and teachers out of their email. Authorities believe the attack was intended only as a money-making scheme and not to mine sensitive data.

Leominster schools superintendent Paula Deacon sought response advice from Interim Police Chief Michael Goldman. Goldman advised the educator to pay the ransom, but under certain conditions. Goldman told the press that negotiations were made with the ransomers before the $10,000 in Bitcoin was paid. Deacon and Goldman asked the cybercriminals to prove the computer system would be restored by unlocking certain files before they paid the ransom. The ransomers did indeed decrypt the requested files, and Leominster officials paid the ransom. As of today, the Leominster school district is still awaiting the full restoration of the hijacked system.

FaceDate announced at F8

CEO Mark Zuckerberg was no doubt much more comfortable in front of the crowd at Facebook developer conference F8 this week than he was speaking on the Senate floor in April. He had been called to Capitol Hill to answer questions about Facebook’s data security policy in the wake of the Cambridge Analytica revelation. But at F8, back on his home turf of San Jose, Zuckerberg announced a host of new features we will soon see activated on the social giant’s platform or that of its subsidiaries.

Topping the new announcements is FaceDate, a matchmaking endeavor on par with Tinder, where Facebook users who are not yet friends are introduced based on desire and matching data. Matched users will “meet” in a dedicated inbox where they will only know each other’s first names. As soon as FaceDate was announced on Wednesday, the stock for the current champion of internet dating sites, Match Group, plummeted 22%.

Other announcements by Zuckerberg included a “clear history” privacy feature that will allow users to delete all the data Facebook has collected on them. The CEO stated that while this will lessen the FB experience by taking away some of the smoothness of the system already knowing your preferences, it should give peace of mind to anyone worried about their data.

Cambridge Analytica shuts down

Political research firm Cambridge Analytica announced on Wednesday that it is ceasing all its US and UK operations. The firm’s meteoric rise to infamy for allegedly collecting the data of 87 million Facebook users without their permission has scared away their regular customers and poses a serious hindrance to any new business. The company stated in an official statement that “parallel bankruptcy proceedings will soon be commenced on behalf of Cambridge Analytica LLC and the certain of the Company’s U.S. affiliates in the United States Bankruptcy Court for the Southern District of New York.”

The company’s official statement goes on to express amazement and disappointment at the bad press and “sensationalistic reporting” that permanently — and unfairly — tarnished the research firm’s reputation, reaffirming its “unwavering confidence that its employees have acted ethically and lawfully.”

Despite the shutdown, some critics are wary that this is not the end of shady data collection and Cambridge Analytica, for the firm’s parent company SCL Group is thriving and has just announced a new venture called Emerdata, to which some Cambridge Analytica employees have already migrated.  

Cryptocurrency malware spreads using FB Messenger

A malware discovered back in August 2017 is seeing a resurgence, as it was detected just last month in a widespread spike of activity across multiple countries such as Spain, Germany, South Korea, and Japan.

The malware is packed into a malicious website link that is “shared” through social engineering on Facebook Messenger. The link claims it is a YouTube video, but when the user clicks on it, they are given an error message directing them to download a needed codec. Once they do, the malware termed FacexWorm infects their system and triggers a number of cryptocurrency theft and cryptomining operations.

So far, the damage done seems to be minor, but as always, users should be on guard and properly vet any link sent to them before clicking.

Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Learn more about products that protect your digital life at avast.com. And get all the latest news on today's cyberthreats and how to beat them at blog.avast.com.

--> -->