Security News This Week: Ransomware Groups Promise Not to Hit Hospitals Amid Pandemic

The news at large this week has understandably focused on the new coronavirus that continues to spread throughout the world. It's slowly seeping into the world of cybersecurity as well, as hackers and scammers take advantage of confusion, anxiety, and lax work from home set-ups to stir up trouble.

The need for information has spurred partnerships between encrypted messaging app WhatsApp and several governments; on Friday, the World Health Organization announced that it, too, would use the ubiquitous Facebook subsidiary to provide reliable, up-to-date information. The White House, meanwhile, has discussed using phone data to help track the spread of the novel coronavirus, but it's not clear how much good that would actually do.

For those who need a little good news this week—probably everyone?—Microsoft along with dozens of international partners recently dismantled the infamous Necurs botnet. And HBO managed to make a documentary about election security that actually makes you care about election security.

Lastly, an organization called Shadowserver has helped keep the internet safe for the last 15 years. Unless it can raise a significant amount of money, fast, all the malicious traffic it has diverted and contained threatens to spill back into the internet.

But wait, there's more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.

Well, this is… nice? It's definitely something. BleepingComputer reached out to the operators of multiple strains of ransomware, asking if they had plans to stop hitting hospitals during the coronavirus pandemic. Two of them actually wrote back to say yes, absolutely, they'll take it easy on the health care industry (except pharmaceutical companies) until the Covid-19 situation improves. Please take this with gigantic boulders of salt, especially given that ransomware attackers historically love to go after hospitals. And even if the proprietors of DoppelPaymer and Maze—the two who responded to BleepingComputer–do keep to their word, lots of prolific ransomware remains in play. In fact, hackers hit a Czech hospital earlier this week.

GrayKey is a forensics tool used by law enforcement to access locked and encrypted iPhones. New documents unearthed by Motherboard this week show that the cost of licensing the online version of the tool has increased to $18,000 per year. Another forensics company, Cellebrite, announced last year that it could break into basically every iOS device. Just good to remember the next time the FBI says it has no choice but ask Apple to unlock an iPhone for them.

Around months ago, Magecart hackers placed malicious code on the NutriBullet website, letting them glean credit card info from online transactions. This part is pretty standard, Magecart affects thousands of domains big and small. But what's slightly different with this case is that every time the Magecart code got removed, the hackers would simply add it back, over and over, thanks to a deeper flaw in NutriBullet's infrastructure. The back and forth has gone on so long that security company RiskIQ went ahead and called NutriBullet out for not doing enough to solve the problem, in an attempt to save people from getting ripped off when they bought their fancy blender.

After some initial confusion about whether it had been hacked and if so how, it appears that the Department of Health and Human services experienced nothing more than a failed distributed denial of service attack at the beginning of the week. Nothing to see here, really; it's mostly worth noting for the reminder that everyone's understandably pretty on edge, even when it comes to some relatively routine scanning activity.

WIRED is providing unlimited free access to stories about the coronavirus pandemic. Sign up for our Coronavirus Update to get the latest in your inbox.

More From WIRED on Covid-19

Read more: https://www.wired.com/story/ransomware-magecart-coronavirus-security-news/

Related posts