Attackers DDoS WannaCry Kill Switch (venturebeat.com) 73
An anonymous reader quotes VentureBeat:
As of late Friday, after many of the deadlines threatening data deletion had passed, few victims had paid ransoms. According to Elliptic Enterprises, only about $94,000 worth of ransoms had been paid via Bitcoin, which works out to less than one in a thousand of the 300,000 victims who were reportedly affected by WannaCry... While not as bad as feared, ransomware (not to mention cybersecurity threats in general) isn't going away. Wired reported that the domain registered by Hutchins has been under intense denial-of-service attacks delivered by an army of IoT devices marshalled, zombie-like, by Mirai.
Re: (Score:2)
Law of Large Numbers?
https://en.wikipedia.org/wiki/Law_of_large_numbers [wikipedia.org]
Re: (Score:2)
you honestly believe this isn't the original jerk behind the ddos?
Re: (Score:2)
Re: (Score:1)
The problem with democracy is voters are sports fans and they turn every election into a team sporting match.
Re: (Score:2)
Don't worry, AI will save us. I keep having flashbacks [imdb.com] to the late 70's show with Gil Gerard and Erin Gray listening to Theo explain diplomacy to ignorant masses .
Re: (Score:3, Insightful)
Between antifa's brown shirt tactics (literally, they wear actual brown shirts while parading around with weapons and threatening people) and people like yourself that can't stop obsessing over that idiot, I'm thinking Trump is the least of our problems.
Re: (Score:1)
Antifa's are a strawman being stood up being the alt-right as something to make them look like the victim. They aren't a serious movement.
Re: (Score:1)
Trump's a bitch but not a bigger bitch than his pathetic voters.
I know. It's like he's always crying right?
"Boo Woo. Poor me. Nobody's fair to me. This is a witch hunt." And on and on.
He never misses a moment to let us know how difficult life is for him. And he's got the look of someone who cries every night. Such weak talk. Poor little underdog.
Just look at his wife. You can just see that she is sick of hearing his whining at night and crying into pillows.
Wonderful (Score:2)
If I had the money to borrow Mirai, I can't imagine a more amusing thing to do than to poke holes in the WannaCry Dam. I tip my hat to whoever is behind this evil scheme.
Re: (Score:2)
That would probably be like borrowing from yourself. The people who have control of the Mirai network are probably the ones initiating the WannaCry. Find them and you could kill two birds with one stone.
Typical Rate (Score:5, Informative)
Less than one in a thousand is a typical 'success' rate for any scam. Given that this is a worm, the cost of propagating to those 300k devices was almost nil after it was done being coded. Considering the attack used publicly-released exploits, pretty much every other component could've been sitting in a drawer using 95% reused code chunks.
It's not like Silicon Valley contractors were paid to code this thing, some 3rd-world hacker (possibly unemployed) threw it together; the cost of creation is way under $94k, I suspect. The NSA probably paid 10x that to find the exploits, and who knows if they ever got to use them.
Re: (Score:1)
You're funny because you think Silicon Valley contractors aren't 3rd-world hackers.
I thought it just resolved the domain name? (Score:2, Informative)
I thought the "kill switch" just attempted to resolve the domain name which is why just registering the name was enough to activate it. If that's the case, what's the point of the DDoS other than just being a dick overall?
Re: I thought it just resolved the domain name? (Score:1)
Re: (Score:3)
No. It actually makes a full HTTP request, and requires a good response. I believe MalwareTech originally even said that the killswitch was fragile, and he tried to make it somewhat resilient, but it's not a cure. It holds off the payload, but is absolutely not an excuse to avoid patching, updating, and disinfecting your systems.
success (Score:5, Interesting)
$94k is not a bad payout. Sure they hoped for more, and the worm was very successful and could've yielded more. But publicity is the enemy of every good scam, so typically, they actually do not want their scam to make headlines.
Given all that, they still made the equivalent of a yearly salary on this thing, and without the inconvenience of paying taxes or having to show up in the office. Any indy mobile games developer would be happy with getting that return from a game.
Ransomware is here to stay. But maybe with the large number of victims this time, people will actually demand that software vendors start to provide something that is better than utter crap? That we have a very serious issue in software quality and we can't afford to bet our economy, social networks and basically all of civilisation on something that's made cheap and fast (you know the third that wasn't picked).
We need some basics done right in software, and that means re-engineering a big part of it. We need to understand trust levels, MLS or its variants. We need to get away from the user model we have, where users are treated as either complete idiots or all-knowing gods. We need to get our shit sorted out instead of pushing the next shoddy "disrupting product" out the door in search of a quick buck and a profitable IPO.
Maybe if something besides $$$ still had a value in this society...
Re: (Score:2)
We need some basics done right in software,
While I agree with your sentiment, let's not forget that these were stolen NSA exploits. Even if the security bar were raised substantially, the NSA will still be willing to throw billions in taxpayer dollars at finding exploits and creating complex implants. If those expensive top-shelf exploits are released into the wild by crackers who stole them, other malware authors will happily use them for random mundane stuff like ransomware. Just wait until ransomware starts flashing itself into device firmware so
Re: (Score:1)
While I agree with your sentiment, let's not forget that these were stolen NSA exploits.
Even the NSA can only find what's there. We can raise the software quality (i.e. lower the bug count) by at least two orders of magnitude, this has been demonstrated. It is more expensive, but not that much (not even one order of magnitude).
We just don't because making a quick buck before the shit hits the fan is still a viable business model.
Re: (Score:1)
$94k isn't a lot of money, considering the coder behind WannaCry made pretty much every mistake in the book. He hardcoded a killswitch URL without owning the URL. He coded in a single bitcoin wallet so there's no way to tell which victim paid off the ransom. I doubt the author of this crap also wrote the exploit code, which by reports is highly sophisticated. That means he almost certainly bought the exploit code. Add this to the cost of renting a Mirai botnet, the author's hemorrhaging money fast.
While I d
Re: (Score:2)
You dont have to buy what has been publicly released on the internet. Have you ever heard of piracy?
Re: (Score:3)
Given all that, they still made the equivalent of a yearly salary on this thing, and without the inconvenience of paying taxes or having to show up in the office.
Difference is that they're going to have to look over their shoulders and it is likely that they'll never be able to claim that Bitcoin because the intelligence services will be monitoring it. When you fuck with a nation's national health service disrupting the medical treatment of millions of people, some of it for things like cancer treatments, and that nation has GCHQ at its disposal and access to the US intelligence network you need to be seriously fucking careful you do a damned good job of covering yo
Re: (Score:1)
Seriously, they're going to lose a third of the money channeling it (slowly, in batches) through multiple bitcoin laundering services, then dump it (again, slowly and in differently sized batches) into a bank account in a country that doesn't share much data with the UK/US/etc. There are better ways for a good developer to make money than something like this, even in a poor country. This was most likely considered a disaster by whoever created it.
Re: (Score:2)
You sure the government cares so much? As long as they didn't hit the GCHQ itself, I'm not sure they'll got out of their way to find them.
Re: (Score:1)
They were too cocky. Wannacry? Just begs for clickbait. Everyone wanted to see if there was any carnage. Should have named it Sugarpops or FreeHealthCare, nobody would have looked then.
I guess... (Score:2)
Criminals gonna criminal.
Seriously, though, the makers of the ransomware are criminals. It's not entirely unrealistic to think they're also the type who would DDoS.
And the DDoS is probably less of a crime than the ransomware.
All of this assumes that the (in my opinion likely) possibility that the DDoS and ransomware are coming from the same person or people.
Automatic updates are a pain (Score:4, Insightful)
As the article points out, a big part of the reason is that people disable automatic updates. This should never be done, but I can understand. Automatic updates are rude. They change and break things. Windows updates got kinda nicer last few years (after you disable automatic reboot http://www.makeuseof.com/tag/d... [makeuseof.com] ), but all other software updates are still crap. Every time I run a third-party sofware update (Adobe, Flash, etc.), it breaks and resets things. No I don't want a new UI for Acrobat that makes the icons twice the size (nope, forced). No I don't want the load-at-boot reinstalled (nope. reinstalled. fire msconfig and regedit to get rid of it). No I don't want to reinstall the auto-update (ditto). No I don't want my print settings reset to default (nope, done). And crap like that, every time. This is a price for security that we should not have to pay.
Re: (Score:2)
Windows updates got kinda nicer last few years (after you disable automatic reboot http://www.makeuseof.com/tag/d [makeuseof.com]... ), but all other software updates are still crap.
Every time I run Windows updates, I then have to run a script to rip Telemetry out of my Windows. So, no. Windows updates are now malware. That's not better. You are suffering from Stockholm syndrome.
Re: Automatic updates are a pain (Score:2)
The problem is that software vendors have lost customer trust and they aren't even working on getting it back. Historically, updates, upgrades, and new features were separate things. When companies started to think "How do we monotize our current user base?" that things went to shit.
Now features, mostly unwanted, are being shoved down the update channel. All it really accomplishes over time is making the update channel the same as a forced upgrade/feature channel. Something that most people just don't wan
Re: (Score:2)
You are correct. And there is only one way to get them to change that. Instead of paying for the inferior software they provide.. Bootleg it. Fuck them, They can have their money when they act right. Until that day i will never give another penny to a software vendor.
Re: (Score:2)
I am talking about my own experience (Win 7) and I compare Windows updates to other vendor's updates. Okay I agree with you, now I remember, Windows update probably broke one thing in my computer and it can no longer hybernate correctly. That happened on travel and caused me a day of mess. I'd blame that on buggy Apple's drivers for macbook, though. (That's another compromise.)
The problem is, not letting it update is even worse. I did that for a while years ago, then had to reinstall the OS from scratch as
Re: (Score:2)
Thanks. Seriously, that's another compromise. I tried to switch to Linux twice, with several years in between. Both times it ended up in a UI and experience disaster, I lost work files and/or OS installation within days of starting it. I don't think I am sufficiently geeky, or non-dumbass as you say, to manage Linux on a personal computer. We run it on lab servers and there it's good but, in my experience, it's too much of a geekhole for the PC used by non-programmers.
Re: (Score:2)
Re: (Score:1)
Sure. It's a business. They invested the time to make a virus that works, why not try to make as much money off it as they can. I'm surprised they haven't re-launched it. New kill switch.
Re: (Score:2)
It has always been WannaCrypt, WannaCry for short.. see it now?
They DDoSed ... (Score:4, Insightful)
Kill Bitcoin, Kill Ransomware (Score:1)
Simple as that.
The world never (or almost never) had such a thing as Ransomware until untraceable, auto-laundering methods of payment like Bitcoin.
Even cash is traceable, because you have to send it somewhere!
Stop Bitcoin, and its ilk, and you will take the "Ransom" motive out of "Ransomware". Just. Like. That.
Before Bitcoin it was Ukash and Paysafe (Score:3)
Re: (Score:2)
That's bullshit! Reveton [wikipedia.org] back in 2012 used to demand Ukash or Paysafecard.
Ok, so that's one.
Name 3 others and I'll believe you. And they can't be variants of Reveton.