Security News

Ransomware attackers wish victims happy holidays, offer discounts

Avast Security News Team, 3 January 2020

Plus more news bytes from the week, including California's new privacy law and some new sextortion scam tactics

In a new case of social engineering, certain ransomware attackers sent their victims holiday notes wishing them a merry Christmas and offering a limited-time discount on their ransom demands. The Maze ransomware group, which claimed responsibility for the December attack against the City of Pensacola, told Bleeping Computer that they were slashing their million-dollar demand from the Florida city to $500,000, as part of a “New Year celebration.” They also stated that they offered a 25% discount to their other ransomware victims for payments received between Christmas and New Year’s Eve. Another group – those behind the Sodinokibi ransomware attacks – sent its victims holiday messages that did not offer a discount, but did encourage quick payments in the spirit of the new year, writing, “Merry Christmas and Happy Holidays everyone! You have a great opportunity to enter the new year, leaving all the bad in the outgoing year. I advise you to write to us as soon as possible and not waste your precious time that you can spend with your family.” The note goes on to urge the victims to negotiate and pay their ransoms as soon as possible. 

Did some security research run amok in 2019?

When a security researcher found an exposed Boeing server online, his analysis of the Boeing firmware was that a savvy hacker could gain access to the avionics networks of Boeing’s planes. Boeing has responded by refuting the statement. Another researcher, working on his PhD, discovered a way to remotely hack into volume controls on various devices and make them emit high-intensity sounds that could damage speakers and human ears. Read more on Dark Reading

This week’s quote 

“This cloak-and-dagger world of mostly military and government agencies working in complete secrecy is not the world we live in today… Nowadays we even have smart devices that can communicate with each other. This new digital landscape brings risks as well as opportunities.” – Elizabeth Bruton, curator of technology and engineering at the Science Museum. Read about her curation of TOP SECRET: From Cyphers To Cybersecurity

Cyberattack impacts US Coast Guard

The U.S. Coast Guard issued a bulletin in December that a ransomware attack had crippled one of their regulated facilities, causing its primary operations to be suspended for over 30 hours. The bulletin reported that when an employee clicked on a phishing email, ransomware burrowed into the facility’s system, disrupting the entire IT network which stretched beyond the footprint of the facility alone. It also compromised camera access systems, physical access systems, and critical process control monitoring systems. 

This week’s stat

According to state estimates, California’s new privacy law will protect over $12 billion worth of personal information used for advertising in California each year.

California’s version of the GDPR now in effect

The California Consumer Privacy Act (CCPA) took effect on the first day of 2020, allowing residents to better control the personal data that social media sites, banks, credit agencies, and other organizations collect on them. TechCrunch reported that many companies – particularly those that voted against the law – are not ready for its new rules and regulations. As a result, the information clauses that allow consumers to opt out of data collection have been buried in each company’s privacy policies, making it difficult for users to find them. To help address the issue, one researcher is assembling a detailed list called the California Privacy Directory, which explains how to opt out of each company’s data collection.

Microsoft sues hacking group linked to North Korea

Thallium, a hacking group with ties to North Korea, is being sued by Microsoft under the complaint that the group impersonates Microsoft in phishing campaigns aiming to net usernames and passwords. The complaint alleges that Thallium has been targeting users associated with nuclear proliferation including government employees, human rights activists, university staff members, and more. The phishing emails are designed to look like official Microsoft messages, falsely alerting victims that there is a problem with their account, and urging them to enter usernames and passwords to “fix” the issue. Read more on Bloomberg Law

Sextortion scammers use new tricks 

As a way to get around spam filters, sextortion scammers have begun using a couple of new tricks that evade detection. Sextortion has become a widespread cyber ruse where attackers fraudulently claim that they have video of the victim watching adult videos online. The attackers threaten to share the video with all the victim’s contacts unless the victim pays an extortion demand. Many spam filters have learned to recognize and block these emails, so attackers have started splitting their bitcoin addresses in half and sending the emails in foreign languages, imploring the user in English to “Use Google Translate.” These tactics obfuscate the emails’ intent, keeping common spam filters from catching them. Read more on Bleeping Computer

laser

This week’s ‘must-read’ on The Avast Blog

University of Michigan researchers demonstrated how to hack smart speakers via laser. They also climbed 140 feet to the top of a bell tower at the University of Michigan and successfully controlled a Google Home device on the fourth floor of an office building 230 feet away. Read more of the weirdest cybersecurity news of 2019. 


Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN. Get advertisers off your back and disguise your online identity for greater privacy with Avast AntiTrack.