F-Secure reports that Locky ransomware is seeing a resurgence. Phishme publishes more details on the Rockloader-delivered “Bart” crypto ransomware (it’s especially active in Germany, the UK, and the US). The cross-platform, Java-based Adwind remote-access Trojan continues to spread rapidly. Zscaler reports that the Sundown exploit kit is pushing RIG and Neutrino for black marketshare left by the effective disappearance of Angler and Nuclear. (Sundown is run by the self-styled “Yugoslavian Business Network.”)
The OurMine hackers, known for their skiddish compromises of prominent tech executives with weak social media passwords, claim they’ve taken down HSBC servers in the US and UK. The bank recovered rapidly; it’s unclear whether any customer service was disrupted.
Pokémon Go, its privacy concerns partly addressed (if you’ve updated, and done everything else right) continues its long march through the Internet. TechCrunch reports that the game already has more “active daily users” than Pandora, Netflix, Google Hangouts, and Spotify and that it’s installed on more devices than such popular apps as Candy Crush, Viber, LinkedIn, Clash of Clans, and Tinder. This is of security interest not only because of privacy issues, but due to the number of malicious apps trying to ride Pokémon Go’s coattails.
Chinese hackers appear, according to a Congressional inquiry, to have successfully hacked the US Federal Deposit Insurance Corporation. A House committee staff report also charges that the FDIC tried to cover up the incident.
Two US Federal court decisions suggest an expansive understanding of what counts as cyber crime (and cyber liability).