Connect with us

Software

Petya Ransomware Devastates Ukraine and Infects Institutions Worldwide

blank

Published

on

NotPetya, GoldenEye, ransomware, cyberattack

On June 27, authorities worldwide confirmed that a ransomware, named Petya (aka, NotPetya or GoldenEye), infected a massive number of organizations and institutions across the world, over two thousand at last count. The attackers are demanding $300 (US) in Bitcoin for each infected machine to regain access to the encrypted files. Multiple sources, including the National Cyber Security Centre (UK), the Reporting and Analysis Centre (Switzerland), and the Federal Office for Information Security (Germany), confirmed that the virus is exploiting the Server Message Block vulnerability. This is the same vulnerability the WannaCry virus exploited last month.

The earliest confirmed reports came from Ukraine where the ransomware has disrupted the entire country’s infrastructure. The deputy Prime Minister, Rozenko Pavlo, confirmed infection of all government computers. The national power company and Ukraine’s national bank confirmed an attack that included disabling ATMs. Ukraine’s primary airport, Boryspil International, experienced computers and flight boards going down which interfered with all inbound and outbound flights. The cyber attack crippled the monitoring system for the Chernobyl exclusion zone. Authorities there are manually monitoring the radiation until they can bring the system back online.

Continued Russian Aggression Against Ukraine?

Some in the Ukrainian government are blaming Russia for the attack. They say that the cyber attack on the country is not a coincidence because June 28 is Ukraine’s Constitution Day. Furthermore, hours before the virus infected systems, a car-bomb assassinated a high-ranking Ukrainian intelligence officer, Colonel Maksim Shapoval. Taken in context of continued Russian aggression against the Ukraine, it is hard not to make this connection.

However, Russia denies orchestrating the ransomware attack. There is the fact that the Russian oil firm Rosneft confirmed that its servers were attacked. Other major targets include the Danish conglomerate Maersk, the largest container shipping company in the world, and the US pharmaceutical company Merck. Companies in Denmark and Spain have also confirmed attacks by the same virus.

Exploits and Patches

Early analysis shows that Petya is employing the NSA exploits EternalBlue and EternalRomance, as well as EsteemAudit. Microsoft has released patches for these exploits since March, so it is not known if these were insufficient to block the infection or if the affected institutions did not install the patches.

We will learn more over the next few days about the global extent of the attack, though it may be a month or two before we truly understand the economic and social costs.

Archaeology, technology, science, movies and TV shows, video games, government and politics, reading sci-fi and fantasy, '60s/70s classic rock. These are the areas in which I spend my days (somewhere in there are food and travel...).

Apps

Mobile apps from Threads make profile switching easy

blank

Published

on

blank

Twitter rival, Threads, owned by Meta, now allows account switching without logging out.

This Thursday, the social networking app announced that users can swap accounts on its mobile apps by long pressing the bottom right profile icon. Tap “Add profile” after the long press to add a profile.

Users can easily switch between work and personal profiles. Instagram CEO Adam Mosseri did not say if the profile-switching feature allowed you to add a limit of accounts.

 

Threads profile switching

On the same day as Facebook allowed multiple personal profiles on Blue, the text-based social networking app announced its profile feature.

Threads keeps adding features three months after its launch. It began testing full-text search in New Zealand and Australia late last month. The company launched global search this month.

Threads added 24-hour post notifications and web quote functionality in September.

Threads’ competitors ship features in a competitive social media landscape. Mastodon released version 4.2 this week with improved profile and post search, automatic quick action suggestions in the search box, a new web interface with thread indicators and article previews, and a Privacy and Reach settings tab.

Continue Reading

Apps

Elon Musk said X will collect ‘a tiny monthly payment’ for its service

blank

Published

on

X owner Elon Musk suggested today that Twitter may no longer be free. Musk said the business was “moving to a small monthly payment” for the X system in a live-streamed meeting with Netanyahu on Monday. He suggested such a tweak to address platform bots.

Musk said, “It’s the only way I can think of to combat vast armies of bots.” According to him, bots have a high effective cost due to their low cost (a tenth of a penny), even though they require a few dollars. Each bot creator needed a new payment method to make another bot.

Musk said the new subscription price would be a “small amount of money.”

Musk also announced that X now has 550 million monthly users and 100 to 200 million daily postings. Musk’s stats may include automated accounts, either good bots like news feeds or malicious bots like spammers.

This figure couldn’t be compared to Twitter’s pre-Musk user base, which was computed using mDAU, Twitter’s own metric. This earlier statistic identified Twitter users who may be monetized by adverts. Twitter reported 229 million mDAUs in Q1 2022.

Musk did not specify when he would charge for X. Since Musk took over the network last year, it has been pushing users to subscribe to X Premium (formerly Twitter Blue). This $8 per month or $84 per year subscription service lets you modify posts, reduce the ad load, prioritize search and conversation rankings, make lengthier posts, and more.

X doesn’t divulge its paying subscribers, but independent research shows X Premium doesn’t attract most customers. X Premium has 827,615 subscribers, according to one estimate.

Musk has considered charging everyone for X. In fact, Platformer claimed last year that Musk was considering a Twitter paywall.

Though hate speech on X came up, Musk and Netanyahu discussed AI technologies and regulation today. Musk called himself “against antisemitism” and “anything that promotes hate and conflict.” Musk threatened to sue the Anti-Defamation League, which has accused Musk and X of antisemitism, in his latest fight.

Continue Reading

Apps

X launches government ID account verification

blank

Published

on

blank

For paid users, X, formerly Twitter, has implemented government ID-based account verification to prevent impersonation and provide “prioritized support.”

Social media partner Au10tix provides identity verification solutions from Israel. The ID verification pop-up says the Au10tix can store this data for 30 days.

blank

X’s verification support page says ID verification is available in “numerous countries,” but not in the EU, EEA, or UK. The region’s strict data protection laws likely explain this.

ID-based verification seems unnecessary and rarely beneficial. The company may age-gate content based on ID age.

“X currently focuses on account authentication to prevent impersonation and may explore additional measures, such as ensuring users have access to age-appropriate content and protecting against spam and malicious accounts, to maintain platform integrity and healthy conversations,” it said.

Users who pass the verification badge will receive a government ID verification note. Only clicking the blue checkmark on the profile page shows it. The company said ID-verified users will get “prioritized support from X Services,” but this is unclear.

The company allowed paid users to hide checkmarks from their profiles last month.

X plans to speed up checkmark reviews if users verify their IDs. Plus, they can frequently change their names, usernames, and profile photos without losing the checkmark.

Only paid users can use ID-based verification. Ironically, X promotes impersonation and spam reduction but doesn’t offer verification tools to all users.

Twitter discontinued legacy verification and removed account checkmarks in April. However, the company reinstated the top account checkmark after much chaos.

The social network added biometric data, education, and job history to its privacy policy last month.

“This will additionally help us tie, for those that choose, an account to a real person by processing their government-issued ID,” X told Bloomberg. “This will also help X fight impersonation attempts and secure the platform.”

Continue Reading

Trending