In early May, Tumblr announced that an unknown third-party obtained access to email addresses and passwords for an undisclosed amount of their users back in 2013, before they were acquired by Yahoo. According to Troy Hunt, owner of the “Have I Been Pwned” website, over 65 million credentials were leaked online from this 2013 breach, and are now for sale online. A hacker going by the name of “peace_of_mind” is selling the Tumblr data for 0.4255 Bitcoin ($225) on a Darknet marketplace.
Tumblr’s blog reads, "As soon as we became aware of this, our security team thoroughly investigated the matter. Our analysis gives us no reason to believe that this information was used to access Tumblr accounts.” Also, Tumblr hashed and salted (adding random digits to the end of hashed passwords) all of the passwords, making them much harder for hackers to crack.
Microsoft issued an alert on May 26 warning of a new ransomware, dubbed ZCryptor, which is able to not only encrypt your files, but also reproduce itself and spread to other systems through removable devices. This ransomware is one of the few that is capable of spreading on its own by dropping a copy of itself in removable drives, as well as network drives. Trend Micro gave ZCryptor an overall risk rating of critical, with a high damage potential.
Once embedded on the user’s computer and the files are encrypted a ransom note appears demanding 1.2 Bitcoins (approx. $500). It gives the victim four days to comply before boosting the payment to 5 Bitcoins. There is no decryption key for ZCryptor just yet, but fortunately we can largely defend against it as we would other ransomware variants, such as avoiding clicking on suspicious links and email attachments, disabling macros by default, and maintaining secure backups.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.