Ransomware available for free on dark web

Researchers discovered a new ransomware-as-a-service threat available on the dark web free of charge and without any registration.
Instead of distributing the malware and infecting computers themselves, malware authors earn money by selling their malware through the ransomware-as-a-service cybercrime business.
In this model, ransomware developers usually host their services on the dark web, where anyone can buy them and apply their own modifications, such as the ransom amount and ransom notes.
Apart from this, some sophisticated ransomware has advanced functions such as evasion techniques to avoid detection and analysis, and users are provided with a control panel to control each infected victim.
Buyers just need to set up their vault address and customize the malware, and then they spread it.
Once infected victims pay the ransom, a percentage of the amount goes to both the buyer and the malware author who created the ransomware.

US charges Russians for interfering in 2016 Elections, Identity theft in the centre

On Friday, Special Counsel Robert Mueller brought charges against 13 Russian nationals and three Russian groups for interfering with the 2016 U.S. elections.

The charges included creation of false U.S. identities as well as identity theft of six U.S. residents. The charges of identity theft were brought against four Russian nationals.

According to the indictment, the Russian nationals used stolen Social Security numbers, home addresses, and birth dates of the six persons to open bank and PayPal accounts and obtain fake government documents between June 2016 and May 2017.

“This indictment serves as a reminder that people are not always who they appear to be on the Internet,” Deputy Attorney General Rod J. Rosenstein said at a press briefing announcing the indictments.

The Russians allegedly used the stolen identities to open four accounts at an undisclosed U.S. bank and purchased more than a dozen bank account numbers from online sellers.

The stolen information was also allegedly used to evade PayPal security measures.

“We work closely with law enforcement, and did so in this matter, to identify, investigate and stop improper or potentially illegal activity,” PayPal said in a statement.

The Russians are claimed to have used the accounts to pay for the promotion of politically inflammatory social media posts, IRA expenses, political rallies and political props including banners, buttons and flags, in efforts to boost President Trump’s campaign, and are alleged to have been paid $25 to $50 per post from U.S. persons to promote content on IRA-controlled Facebook and Twitter accounts.

Credentials of more than 50k Snapchat users in public domain

In late July, Snapchat’s director of engineering emailed the company’s team in response to an unfolding privacy threat. A government official from Dorset in the United Kingdom had provided Snapchat with information about a recent attack on the company’s users: a publicly available list, embedded in a phishing website named klkviral.org, that listed 55,851 Snapchat accounts, along with their usernames and passwords.
The attack appeared to be connected to a previous incident that the company believed to have been coordinated from the Dominican Republic. Not all of the account credentials were valid, and Snapchat had reset the majority of the accounts following the initial attack. But for some period of time, thousands of Snapchat account credentials were available on a public website.
According to a person familiar with the matter, the attack relied on a link sent to users through a compromised account that, when clicked, opened a website designed to mimic the Snapchat login screen. Many companies, including Facebook, scan links as they are sent in an effort to identify pages that mimic their login screens and block them accordingly.
“We are very sorry when anyone is tricked by phishing,” a Snap spokesman told The Verge. “While we can’t prevent people from sharing their Snapchat credentials with third parties, we do have advanced defenses to detect and prevent suspicious activity. We encourage Snapchatters to always use strong passwords, enable login Verification, and never use third-party apps or plugins.”

Uproar over a viral video in Russia


The material fuelling the heat and dust over corruption charges in Russia is no longer available on Instagram, much to the disappointment of an opposition party leader in the country.
Alexei Navalny, the prominent opposition party leader, said that under mounting pressure from the ruling side, the internet regulator has blocked access to the evidence substantiating the allegations.
At the crux of the controversy is a 25-minute YouTube video showing Oleg Deripaska meeting deputy prime minister Sergei Prikhodko on a yacht, which triggered huge acrimony in many pockets of Russia and gave sleepless nights to a section of the rulers, forcing them to resort to such a step.
Uploaded by Navalny's Anti-Corruption Foundation, the video drew a response from millions of visitors who got ready to take on the rulers, even as YouTube has not reacted.
The ruling side turned to ISPs to block access to the startling revelations, since the local internet service providers were believed to have been unable to do it.
The ruling giant in question has flatly denied the allegations and called them a fabrication and a figment of imagination.
According to Navalny, he was barred from taking on Putin in the upcoming presidential polls on politically motivated allegations of corruption. Now he has accused Instagram of acting on an "illegal censorship request".
What has further aggravated the scene is the surfacing of a female model, who herself was believed to have erased some of her material connected to the corrupt practice.
Without giving details, Facebook sources have confirmed that if a government observes a violation on the internet, it is free to contact the company to seek a restriction in the relevant territory, in the name of transparency.
The internet regulator is understood to have been waiting for YouTube to take action against the video, which was running into a hail of acrimonious controversy.


Zero Day Telegram Vulnerability Exploited by Hackers for Cryptomining

Kaspersky Lab has revealed that in October 2017 it discovered a flaw in Telegram Messenger’s Windows desktop client that was being exploited “in the wild”. According to Kaspersky, the flaw has allegedly been exploited by Russian cybercriminals in a cryptomining campaign.

The Telegram vulnerability involves the use of an RLO (right-to-left override) attack when the user sends a file through the messenger.

The RLO Unicode character is primarily used when encoding text in languages that are written right-to-left, such as Hebrew or Arabic, but hackers can use it to trick users into downloading malicious files. When an app is vulnerable to this attack, it will display a filename incompletely or in reverse.

Kaspersky has said that it seems that only Russian cybercriminals were aware of this flaw and were exploiting it — not to spread ransomware but cryptomining malware.

The attacks enabled cybercriminals to not just spread the cryptomining malware but also to install a backdoor to remotely control victims’ computers.

“We don’t have exact information about how long and which versions of the Telegram products were affected by the vulnerability. What we do know is that its exploitation in Windows clients began in March 2017,” read the report Kaspersky published on the flaw.

In the report, Alexey Firsh, cyberthreat researcher at Kaspersky, has outlined several scenarios showing how the vulnerability was actually exploited.

He also wrote that Telegram was informed of this flaw and it no longer occurs in their products.