Newest ransomware pilfers passwords before encrypting gigabytes of data

Surreptitious attacks often prey on people visiting legitimate sites.

A new wave of crypto ransomware is hitting Windows users courtesy of poorly secured websites. Those sites are infected with Angler, the off-the-shelf, hack-by-numbers exploit kit that saves professional criminals the hassle of developing their own attack.

The latest round is especially nasty because before encryption, the drive-by attacks first use malware known as Pony to harvest any login credentials stored on the infected computer, according to a blog post published by a firm called Heimdal Security. The post explains:

The campaign is carried out by installing a cocktail of malware on the compromised PC. The first payload consists of the notorious data thief Pony, which systematically harvests all usable usernames and passwords from the infected system and sends them to a series of Control & Command servers controlled by the attackers.

The purpose of this action is to abuse legitimate access credentials to web servers and CMS systems used by websites and to inject the malicious script in these websites so that the campaign achieves the largest possible distribution.

In the second phase, the drive-by campaign unfolds via the victim being moved from the legitimate website, which has been compromised, to a heap of dedicated domains which drop the infamous Angler exploit kit.

The Angler exploit kit will then scan for vulnerabilities in popular third-party software and in insecure Microsoft Windows processes, if the system hasn’t been updated. Once the security holes are identified, Angler will exploit them and force-feed CryptoWall 4.0 into the victim’s system.

To appreciate just how insidious attacks like these are, consider this: earlier this week, Ars reported that the Reader's Digest website was actively infected by Angler. A reader promptly replied that someone in his organization had visited the site in early November—four weeks before the article was published—and was infected by CryptoWall after reading an article. The target's only mistake, it seems, was failing to update one of several apps.

At first cyber meeting, China claims OPM hack is “criminal case” [Updated]

China arrested hackers it says were responsible for OPM breach in September.

Attorney General Loretta Lynch, China's State Councilor and Minister of Public Security Guo Shengkun, and US Secretary of Homeland Security Jeh Johnson pose for a photo at the first US-China cyber coordination meeting in Washington on December 1. (credit: news.cn)

Update 12/3/15 2:15 ET: China has apparently made arrests in the case. The Washington Post reports that a group of hackers arrested by the Chinese government in September were in fact the people behind the OPM breach. The hackers were targeted based on intelligence provided by the US, and China had previously reported that Americans believed these hackers, whose identity has not been revealed, were involved in state-sponsored industrial espionage. It's not clear if the group was connected in some way to the Chinese military or had other government connections, but the arrests were made as part of the deal struck between the US and China in September. This led to President Obama dropping the threat of economic sanctions against China. (Our original story on the situation appears below.)

An official Chinese report claims that US and Chinese representatives "yielded positive outcomes" at the first meeting of a bilateral cyber security coordination group. The group was set up under the provisions of an agreement signed off on by President Barack Obama and Chinese President Xi Jinping in September. At the meeting in Washington, China acknowledged that the long-running penetration and theft of data from the systems of the Office of Personnel Management did originate from within China—but not from a state-sponsored attacker. "Through investigation, the case turned out to be a criminal case rather than a state-sponsored cyber attack as the US side has previously suspected," the report from China's Xinhuanet on the meeting claimed.

As part of the September agreement, China has pledged not to conduct economic espionage against the US. Last month, China joined the Group of 20 nations (the 20 most wealthy nations in the world) during the Ankara summit in pledging not to conduct any economic cyber-espionage against each other. Prior to these agreements, the Chinese leadership (and most of the other nations in the world) had not made any distinctions between economic espionage and spying on other governments.

Vampyr: As a bloodsucker and doctor in London

The team behind the episodic adventure Life is Strange has a new project: the role-playing game Vampyr is set in the London of 1920. The main character fights vampires, and is one himself. (Role-playing game, Playstation 4)

Smartphone: Oneplus Two available without an invitation from December 5

Oneplus is ending the practice of selling its current top smartphone by invitation only: from December 5, the Oneplus Two can be ordered normally through the manufacturer's online shop. The Oneplus X will also become easier to buy in future. (Oneplus, Smartphone)

YouTube wants to compete with Netflix, seeks movie and TV show deals

YouTube wants to bolster its new premium service with professional content.

(credit: Ron Amadeo)

Not content with being the world's biggest video platform, YouTube now wants to be Netflix. A report from the Wall Street Journal says that YouTube is looking to bolster its new premium service, YouTube Red, with TV shows and movies.

YouTube Red launched a few weeks ago and offers ad-free YouTube, offline playback, and background music video playback for $9.99 per month. YouTube is developing exclusive original series for the service with some of its homegrown stars like "PewDiePie," but now it apparently wants to add professional TV shows and movies to the mix, putting it in competition with Netflix.

Of course, all of this hinges on actually securing deals with content studios, which have historically been wary of Google's online dominance. But spending lots and lots of cash may help get deals done. According to the report, Netflix is expected to spend $3.3 billion this year, and Hulu and Amazon are spending $1.5 billion.

Building an archive on the Moon (and doing science, too)

In theory, an extraterrestrial data archive will pay for some unique science.

(credit: Lunar Mission One)

Is there a business case that would support a private, unmanned mission to the moon? The people at Lunar Mission One certainly think so. If they're right, an unmanned lander will touch down on a crater rim near the Moon's south pole in 2024. Part of the lander will be devoted to scientific exploration, drilling through the regolith into the underlying rock and then analyzing the cores.

Once the borehole is drilled, the lander will fill it with what Lunar Mission One calls "the ultimate time capsule." This will actually be a pair of archives—one public, containing a digital record of life on Earth, and a second private archive. The latter, with up to 10 million individual "digital memory boxes," is what's going to pay for the mission. We recently spoke with David Iron, the founder of Lunar Mission One, to find out a bit more.

Iron has a lengthy background in the space industry, and he came up with the idea of crowdfunding a moon landing after the UK government asked him to put together the case for funding space exploration. Iron said he was thinking about how to persuade people to pay to put their stuff on the moon. "Information is OK, but you'll only get a few tens of dollars from each person, which isn't enough," he told Ars. "It wasn't until I realized that we can also store hair, because it's incredibly small and light, that people would pay hundreds of dollars for that, and I realized we had a business case."

Just Cause 3 devs say PC patch will take “a little bit of time”

Time to “recreate… issues and build fixes” they missed before launch.

Better fix those technical problems before you land...

An inordinate amount of our recent Just Cause 3 review had to focus on the significant technical problems in the PC build of the game rather than the physics-based mayhem the title is designed for. We weren't alone in noting that these technical problems get in the way of what should be an effortlessly enjoyable experience.

The developers at Avalanche Studios and publisher Square Enix have heard those concerns loud and clear, but they say they'll "need a little bit of time" to roll out a patch that fixes the problems. As the developers write in a recent post on the game's Steam info page:

We know that some of you are encountering some technical issues—we’re looking into them all and we’re fully committed to providing you the best possible experience.

We know you’re going to want specific information on when a patch will land and what will be fixed—we would love to give you that information, and we will as soon as we have it. But right now, a little over one day since we launched, we have huge numbers of players in our enormous game world and we’re monitoring all the data coming in.

We need a little bit of time to recreate some of these issues and build fixes. Rest assured though—we are fully committed to making Just Cause 3 as awesome as possible. We already know loads of people are having a blast with the game but we’ll do all we can to make sure everyone is laughing and smiling as they play.

We could point out that it would be nice if the developers had been able to recreate and fix these widespread problems before the game was actually released. But that's not the gaming world we live in anymore; like it or not, "launch now, fix later" is becoming the de facto standard for many of the biggest games from big publishers.

You can wash Kyocera’s new smartphone with soap and water

Waterproof phones have been available for a few years, but Kyocera is taking things a step further. The company’s new Digno Rafre smartphone is soap-proof as well. That means you can literally wash the phone with soap and water if it gets dirty. Sure, you can usually remove dust and oil smudges from a phone with […]

You can wash Kyocera’s new smartphone with soap and water is a post from: Liliputing

Online payment service: Clickandbuy is being shut down

As of April 2016, one of the first payment services on the Internet will cease to exist after almost 17 years: Telekom is ending the Clickandbuy service next year. Anyone who still has credit there must use it up by then. (Payment systems, Telekom)

Electric car: The fuel cell is efficient only in theory

Fuel cell cars are supposed to be the future of the electric car: clean, quiet, efficient. But the fuel cell's good reputation is undeserved: it cannot do what is hoped of it. That is easy to calculate. (Fuel cell car, Technology)
