BU-CERT – Page 8 – Bournemouth University Computer Emergency Response Team

‘CovidLock’ Exploits Coronavirus Fears With Bitcoin Ransomware

Posted on 16 March 2020

From cointelegraph.com

Opportunistic hackers are increasingly seeking to dupe victims using websites or applications purporting to provide information or services pertaining to coronavirus.

Cybersecurity threat researchers, DomainTools, have identified that the website coronavirusapp.site facilitates the installation of a new ransomware called “CovidLock.”

The website prompts its visitors to install an Android application that purportedly tracks updates regarding the spread of COVID-19, claiming to notify users when an individual infected with coronavirus is in their vicinity using heatmap visuals.

Reported security issue by Vismit Sudhir Rakhecha(Druk)

Posted on 24 June 2019

We would like to thank Vismit Rakhecha who reported a security issue and contributed to the improvement of the security of one of our services.

https://twitter.com/rvismit

Reported security issue by lacroute serge

Posted on 12 June 2019

We would like to thank lacroute serge who reported a security issue and contributed to the improvement of the security of one of our services.

https://twitter.com/fakessh

Elevated phishing activity at BU

Posted on 20 September 2018

For the past couple of days BU has been targeted through spear phishing emails. Users should be alert on any emails coming from student accounts with a subject related to academic activities (projects, guest lecturers, etc.)

TV licensing suffers data breach

Posted on 13 September 2018

Following this statement from tvlicensing.co.uk, customers who used their services to pay for their tv licensing fees between 29 August until around 3.20pm on 5 September 2018 may have their details compromised. The company reports that this was due to a technical update and during that period the transactions were not as secure as intended.

Weakness in WhatsApp Enables Large-Scale Social Engineering

Posted on 10 August 2018

From darkreading.com

Researchers at Check Point Software Technologies say they have discovered a dangerous weakness in the WhatsApp messaging app that gives threat actors a way to manipulate content in private and group conversations on the platform without raising any red flags.

The security vendor this week published a report demonstrating how an adversary could exploit the issue to change the identity of a message sender, alter the text of message replies, and send private messages spoofed as a public message to individual participants in a group.

More information here

Shrug ransomware victim? Here’s how to retrieve your locked files for free

Posted on 24 July 2018

From zdnet.com

A new form of ransomware is being distributed through drive-by attacks, but victims can retrieve their locked files for free due to mistakes in the attack’s code.

Shrug ransomware first appeared in the wild on July 6, and comes embedded in fake software and gaming apps. Those who get tricked into downloading and running the file-encrypting malware are met with an extensive and mocking ransom note penned by an attacker calling themselves Martha.

More information here