Daily Archives: 2020-02-07

New Ransomware Targets Industrial Control Systems

Source: Schneier on Security

Article note: Your regularly scheduled reminder about not plugging critical systems into the Internet. As the footnote indicates, this is going to complicate the "Technology term or Pokémon" game, because now Ekans is both.

EKANS is a new ransomware that targets industrial control systems:

But EKANS also uses another trick to ratchet up the pain: It's designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems. That allows it to then encrypt the data that those control system programs interact with. While crude compared to other malware purpose-built for industrial sabotage, that targeting can nonetheless break the software used to monitor infrastructure, like an oil firm's pipelines or a factory's robots. That could have potentially dangerous consequences, like preventing staff from remotely monitoring or controlling the equipment's operation.

EKANS is actually the second ransomware to hit industrial control systems. According to Dragos, another ransomware strain known as Megacortex that first appeared last spring included all of the same industrial control system process-killing features, and may in fact be a predecessor to EKANS developed by the same hackers. But because Megacortex also terminated hundreds of other processes, its industrial-control-system targeted features went largely overlooked.

Speculation is that this is criminal in origin, and not the work of a government.

It's also the first malware that is named after a Pokémon character.

Posted in News | Leave a comment

AirPods Are a Tragedy

Source: Sarah Vessels' Tumblr

Article note: Speaking of Bluetooth headphones being a shitshow...
AirPods Are a Tragedy:

“Future Relics is a column about the objects that our society is currently making, and how they may explain our lives to future generations.” via Pocket


Critical Bluetooth Vulnerability in Android

Source: Hacker News

Article note: Lovely, a use-after-free vuln that can be used to pwn Android devices via Bluetooth. So, along with the ambient tracking, additional battery drain, additional non-serviceable battery to keep charged until it wears out, and general shittiness of Bluetooth audio, another reason why the removal of headphone jacks from devices for the "wireless future" is dumb. I've got a couple pairs of Bluetooth headphones that I'll use around the house or office, so I can pace while connected to a computer or [appliance Bluetooth tx dongle replacing a pre-Bluetooth RF model on my] TV, but that's about the only use-case I've found where wired isn't better in every way. Also, as usual, the way the fondleslab software ecosystem has coalesced is super dumb so droves of devices are now permanently vulnerable. This shit should have been standardized over a HAL/discovery mechanism/bootloader as soon as they started being user-exposed general purpose computers, even the abortion that is the PC ACPI and UEFI stack is better than ARM SoCs' interfaces.