How is Samas RansomWorm different from normal ransomware?
Whereas traditional ransomware only encrypts the machine the attacker is controlling, RansomWorm spreads throughout the entire network to encrypt every server and computer—and the backups.
Edward Snowden was right about CIA hacking activities: they are going to lose control of their “weaponized gun” — and it’s going to be ugly.
On March 7th, 8,761 documents and files were leaked from the CIA to WikiLeaks, revealing the scope and direction of the CIA’s global covert hacking program, its malware arsenal, and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products: Apple iPhone, Google Android, Microsoft Windows, and even Samsung smart TVs, which are turned into covert microphones.
APT10—allegedly a Chinese threat actor—has come up in the news recently, this time running a campaign known as Operation “Cloud Hopper”.
Chinese actors are the main suspects based on malware compilation time and interactive hacking activities, but there’s a chance that this is a deception attempt to manipulate the forensic evidence.
The main goal for nation-state actors working for intelligence purposes is to establish a consistent and reliable digital presence. Whether or not they have an active operation, they need to be ready to launch a campaign at any time. To do so, they need to be deployed all the time.