US$100K+ extorted in DDoS scam; Ransomware's silent Android attack; UNSW's new quantum labs
A group of cybercriminals operating under the name ‘Armada Collective’ has successfully extorted more than US$100,000 (about AU$131,000) from website operators after threatening the websites with distributed denial of service (DDoS) attacks.
Denial of service protection provider Cloudflare detailed the extortion campaign in a blog post earlier this week.
Cloudflare said it began hearing reports in March that a group of crims calling itself the Armada Collective was sending emails to online businesses, threatening to launch DDoS attacks if payments of bitcoin were not paid.
According to the blog post, the threatening emails demand a “protection fee” ranging from 10 to 50 bitcoin (about $6100 to $30,700).
What’s particularly interesting about this extortion campaign is that, at least according to Cloudflare, the group hasn’t actually launched any attacks.
“To date, we've not seen a single attack launched against a threatened organisation. This is in spite of nearly all of the threatened organisations we’re aware of not paying the extortion fee. We’ve compared notes with fellow DDoS mitigation vendors and none of them have seen any attacks launched since March against organisations that have received Armada Collective threats,” the blog post read.
However, it does seem that some companies threatened have indeed paid the protection fee. Cloudflare cited a security analyst from Bitcoin analysis firm Chainalysis as concluding that more than US$100,000 has been sent to the attackers by victims.
This isn’t the first time a group going by the name Armada Collective has threatened companies with DDoS attacks unless a payment was made. Cloudflare suggested that the group currently calling itself Armada Collective is in fact a different set of individuals to the original group. According to Cloudflare, that original group did indeed carry out their threatened DDoS attacks.
Silent Android ransomware
Security researchers have discovered an attack method that uses an exploit kit to deliver ransomware to Android devices silently in the background, without requiring user interaction.
In a Blue Coat Labs blog post, Andrew Brandt said the research lab discovered the attack method when a test device in a lab environment was hit with ransomware after an advertisement containing hostile Javascript loaded from a web page.
“This is the first time, to my knowledge [that] an exploit kit has been able to successfully install malicious apps on a mobile device without any user interaction on the part of the victim,” Brandt wrote.
“During the attack, the device did not display the normal ‘application permissions’ dialog box that typically precedes installation of an Android application.”
Brandt said that the attack seems to have been going on at least since mid-February, and may in fact have begun earlier still.
New quantum computing labs at UNSW
The University of New South Wales (UNSW) has opened a new quantum computing laboratory complex.
UNSW said the new labs will double the productive capacity of the UNSW headquarters of the Australian Research Council Centre of Excellence for Quantum Computation and Communication Technology (CQC2T) — a facility dedicated to the development of atomically precise devices in silicon.
The labs will also be used to advance development to commercialise UNSW’s quantum computing research.
The new laboratory complex will eventually contain six new scanning tunnelling microscopes, which can be used to precisely position individual atoms within silicon for development of quantum chip hardware.
The complex will also house six new ultracold dilution refrigerators which can reach temperatures close to absolute zero. The refrigerators allow researchers to measure and demonstrate quantum logic operations of the qubits and atomic-scale circuits they make.
“The international race to build a super-powerful quantum computer has been described as the space race of the computing era,” said CQC2T director, Professor Michelle Simmons.
“Our Australian centre’s unique approach using silicon has given us a two- to three-year lead over the rest of the world. These facilities will enable us to stay ahead of the competition.”
Strategies for navigating Java vulnerabilities
Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...
Not all cyber risk is created equal
The key to mitigating cyber exposure lies in preventing breaches before they happen.
How AI can help businesses manage their cyber risks
Artificial intelligence can be a powerful ally in the fight against cyberthreats.