Ransomware

Below is a notice from FinCEN, the USA's Financial Intelligence Unit. But there's a subliminal message. It's issued out of the FinCEN distribution system but it makes it very obvious that FinCEN is part of Treasury. And, as we know, you don't mess with Treasury, ergo you don't mess with FinCEN.

The actual subject is scary, too.

It's almost too convenient: as the USA tries to find support for its push against Iran, the USA has managed to find two men it says were behind major ransomware attacks ranging from 2015 until September 2018. They are Iranian.

Even more bizarre is that some nit at the FBI thinks that a US assistant Attorney General is being original, perhaps even clever, by calling ransomware attacks "21st Century Blackmail." There are some who will be delighted at the news: US President Trump and his pro-Israeli groups have been angling for any persuasion they can to encourage action against Iran by other countries, almost all of which do not line up with the USA. Others will stand back and say "Really?"

Below is an example of the tactics used by Israeli company RevenueHits that sells itself as a high-profit platform to rival Google Adsense.

This advertisement takes control of the user's browser, produces a page that falsely claims to belong to Microsoft and then says that the computer is locked and asks for a user-name and password. The window cannot be closed by usual means. Amongst other things, it threatens the standard business model of millions of websites.

The US government's CERT division of the Department of Homeland Security has issued a statement that explains the risks and problems associated with the Petya ransomware virus and details of it.

We are not pretending to be making any contribution to the story about this spectacularly successful virus - we're just helping spread information about it. This is from the USA Government's information service about cyber-threats, US-CERT which is part of the Department of Homeland Security.

17 May 2017