Cloud Security News: Week in Review is our blog series, grabbing the more interesting cloud security scoops from the web. Sit back, relax, and catch up on all you should know about this week.
Did you hear about the massive cyberattack on NHS Trust hospitals back in October? It was initially thought to be a computer virus that affected the hospital systems. But after further investigation, a new discovery has come to light. In other cyberattack news, the malware called “Floki Bot” is out wreaking havoc, targeting point-of-sale systems belonging to banks and insurance firms. Interestingly enough, Floki Bot is actually an evolved version of the notorious banking Trojan, Zeus. Last but not least, a new platform has been discovered that takes hacking to a whole new level involving gamifying DDoS attacks. Though it may not be all that it seems for players. Read below for more details.
By Danny Palmer (@dannyjpalmer)
Some of you might recall the cyberattack on Northern Lincolnshire and Goole NHS Foundation Trust that occurred back in October. Remember, the “computer virus” that forced NHS Trust to halt operations in 3 hospitals and cancel 2,800 patient appointments? Well, it turns out that the attack was in fact a Globe2 ransomware infection. Fortunately for NHS Trust (and unfortunately for the hacker), no ransom was paid to get the systems back up and running on November 2nd.
Threatpost: Zeus Variant ‘Floki Bot’ Targets PoS Data
By Tom Spring (@zpring)
Unfortunately for banks and insurance companies across the U.S., Canada, and Brazil, there has been a recent escalation of cyberattacks being executed using the Floki Bot banking malware. Floki Bot is in fact a cousin of the infamous Zeus banking Trojan, as it was created using code from Zeus. Despite similarities, it differs in that it targets point-of-sale systems through spear phishing attacks and the RIG exploit kit. “Floki Bot is currently being actively bought and sold on several darknet markets,” according to the Cisco Talos report released on Wednesday, which details the steps of the infection process and the analysis behind the research.
By Waqas Amir (@Writerblues)
Here’s a new spin on how DDoS attacks are carried out. Introducing “Surface Defense,” a gaming platform that was created by Turkish hackers that gets players (most are fellow hackers) to execute DDoS attacks on political websites. Points are awarded to players based on the amount of time they spend attacking websites, and can be redeemed for the hacking tool, called Sledgehammer. The winners can then customize the tool and sell it to other hackers. Though it may seem like it’s just a game to those playing, it may have an unforeseen ulterior motive, making the attacker become the attacked.