•   
  •   

Tech & Science hackers delete NAS devices from Lenovo and demand ransom

16:41  30 june  2020
16:41  30 june  2020 Source:   zdnet.de

Microsoft gives tips against ransomware

 Microsoft gives tips against ransomware © DEFAULT_CREDIT ransomeware-shutterstock-carlos-amarillo-800 Blackmailers are striking more than ever in the current crisis. Microsoft's security experts want some advice to help reduce the risk of ransomware. ransomware blackmailers gain access to third-party computers, encrypt data and only release it for ransom payments. This can even be life-threatening if critical systems fail in hospitals. This does not in any way prevent hackers from attacking hospitals.

Nefarious hackers are wiping files on publicly accessible storage devices and leaving just a Bitcoin BTC According to users on the BleepingComputer forums, files on their Lenovo Iomega NAS ( network attached One of the ransom notes outlines the attackers’ demand of 0.03 Bitcoin (0).

A hacker group going by the name of 'Cl0ud SecuritY' is breaking into old LenovoEMC (formerly Iomega) network - attached storage ( NAS ) devices , wiping files, and leaving ransom notes behind asking owners to pay between 0 and 5 to get their data back. Attacks have been happening for

Hacker (Bild: Shutterstock) © DEFAULT_CREDIT hackers (Image: Shutterstock) There is no evidence that the hackers copy the data before deletion. So a ransom payment is unlikely to bring back the lost data. There is also no evidence that the hackers have published stolen data on the Internet as threatened.

A hacker group that calls itself 'Cl0ud SecuritY' is currently breaking into old NAS devices from LenovoEMC (formerly Iomega) in order to delete all files stored on it . They then demand a ransom of between $ 200 and $ 275 from the victims so that they can get their files back.

Hacker (Bild: Shutterstock) © Provided by ZDNet Hacker (Image: Shutterstock) According to the BitcoinAbuse portal, on which users can also report attacks with ransomware and other cyber crimes, the wave of attacks has been going on for at least a month. The hackers apparently limit their activities to NAS devices from Lenovo / EMC, the surface of which is accessible via the Internet and not protected by a password. ZDNet USA used the Shodan device search engine to find around 1000 vulnerable network storage devices.

Hollywood celebrities' law firm used by Madonna and Robert De Niro hit by hackers

  Hollywood celebrities' law firm used by Madonna and Robert De Niro hit by hackers Email addresses, private correspondence and phone numbers said to be among the data stolenThe website of Grubman Shire Meiselas & Sacks is currently down and it is alleged up to 756 gigabytes of data from the firm’s files has been stolen.

Nefarious hackers are wiping files on publicly accessible storage devices and leaving just a Bitcoin ransom note behind. According to users on the According to users on the BleepingComputer forums, files on their Lenovo Iomega NAS ( network attached storage ) devices are allegedly being deleted

Specifically, hackers delete files of vulnerable Lenovo Iomega NAS devices . Researchers believe that hackers use the search engine Shodan to Security investigators identified different messages to different victims. Hackers demand different amounts of money, ranging between 0,01 and 0,05 Bitcoin.

A text file entitled “Recover Your Files” was already stored on many of these devices, which contains instructions on how affected persons can get their deleted data again. The ransom demands were signed by the Cl0ud SecuritY group. The email address “cloud@mail2pay.com” is also given as a contact option.

The latest attacks may be related to a campaign that targeted Lenovo / EMC NAS devices last year. Although the name Cl0ud SecuritY did not appear last year, certain similarities suggest that the same people are behind it.

According to security researcher Victor Gevers , the attacks are each due to a probably inexperienced hacker. Victims are always devices that are freely accessible to everyone via the Internet. He also never bothered to encrypt data.

hackers demand 42 million: Otherwise data about Trump, Madonna and Lady Gaga will be published

 hackers demand 42 million: Otherwise data about Trump, Madonna and Lady Gaga will be published After the cyber attack on a renowned entertainment law firm, extortionists are now doubling the ransom demand to $ 42 million. The reason: "dirty laundry" was found through US President Trump. © Provided by www.rollingstone.de Donald Trump After the cyber attack on a renowned entertainment law firm, blackmailers are now doubling the ransom demand to $ 42 million. The reason: "dirty laundry" was found through US President Trump.

Synology is back in the spotlight for NAS trouble -- this time its devices are being ransomed for Bitcoin. Now, the company is going to be back in the unwelcome spotlight for a new flaw — an exploit dubbed SynoLocker is locking NASes unless the owners pay a ransom fee to decrypt their files.

Password-guessing attacks against Synology NAS devices are delivering a ransomware payload. Taiwan-headquartered storage vendor Synology is warning users to strengthen the passwords to their network attached storage ( NAS ) after several devices — capable of storing terabytes of data

There is also no evidence that the hackers' claim that they made copies of all the data is true. The threat to publish all data on the Internet if the ransom is not paid within five days has apparently never been implemented. Based on the information available to him, the researcher classifies the ransom note as an empty threat to intimidate users and extort money for files that have already been deleted.

NAS devices from LenovoEMC or Iomega are rarely used today, as they were discontinued by Lenovo in 2018 and decommissioned by their users. However, there is still an support site from Lenovo that provides information on how these devices can be protected against external attacks.

network storage is always the target of hacker attacks. As a rule, attempts are made to encrypt the content with ransomware in order to give users a real incentive to pay a ransom.

WEBINAR webinar recording: To new heights with SkySQL, the ultimate MariaDB Cloud

In this webinar we will introduce SkySQL, explain the architecture and explain the differences to other systems such as Amazon RDS. In addition, you will get an insight into the product roadmap, a live demo and learn how to get SkySQL up and running in just a few minutes.

Register now and watch the webinar recording.

Dozens of American companies victims of a Russian attack .
© Pixabay / Illustration photo Dozens of American companies victims of a Russian attack At least 31 companies have been targeted by highly sophisticated ransomware, including eight companies among the most 500 most important of the country. This is a large-scale operation. Hackers based in Russia launched a new wave of attacks against American companies with ransomware, which encrypt data and make it only accessible in exchange for the payment of a ransom, have warned computer researchers.

—   Share news in the SOC. Networks
usr: 1
This is interesting!