The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
WannaCry Shuts Down Honda Production Plant
Over the last few days, Honda officials have discovered a recurrence of WannaCry across multiple machines around the globe. This reinfection was enough to force the temporary closure of their Sayama plant in Japan. While Honda did implement several patches to ward off the initial attack in May, their efforts may not have been thorough enough, leading to their current predicament. Fortunately, the plant was able to reopen a day later, after the systems had been fully updated and cleaned.
Web Host Pays Out $1 Million Ransom
A South Korea-based web hosting service was recently hit with a Linux variant of Erebus ransomware, which affected over 150 unique servers for thousands of different business clients. While Linux systems haven’t traditionally been desirable targets for ransomware, attacks like this one are steadily increasing as more Linux exploits are discovered. Faced with the prospect of overwhelming fallout, the owner of the hosting company chose to pay the ransom, after negotiating with the attackers for a smaller sum.
NSA Malware Installing Cryptocurrency Miners
As further effects of the NSA leak continue to surface, one NSA hacking tool in particular is being used again as a backdoor to allow remote file execution on infected machines and install a cryptocurrency miner. In addition to using DOUBLEPULSAR—a backdoor that was also used in WannaCry attacks in May—to infect the machine, the Trojan also does a check for CPU usage to determine if the computer is suitable for mining Monero, a newer cryptocurrency that has been gaining market strength.
Mac® Computers Becoming Focal Point for Attackers
As more high-level employees use Macs for their daily operations, cybercriminals have more reasons to focus on Apple products when looking for valuable data to steal. By using service-based malware campaigns, criminals can now target entire networks of systems, rather than individual computers, giving them greater reward for less effort. Fortunately for Mac users, the same security rules for PC still apply: run the latest security updates, always back up your important files, and use some form of third-party security software to cover the remaining attack vectors.
WannaCry Found on Australian Traffic Cameras
In the past week, officials have discovered at least 55 traffic cameras in Victoria, Australia were compromised with WannaCry ransomware after being connected to an infected USB drive. While the cameras have continued to function normally, traffic officials are still monitoring the system to ensure no incorrect traffic citations are issued due to the camera tampering.