Hackers Dine on Zomato

Online restaurant and food joint aggregator Zomato had indeed hit the jackpot of being the first company with over 120 million visitors every month. The company had been protecting the personal information of its users diligently until recently. A recent security breach of the company’s systems resulted in the theft of its user database, with 17 million user records stolen.

The Delhi-based company claims that the passwords were hashed, which means they cannot easily be converted back by the hackers. In an official blog post, the company also explained that it has logged all users out of its website and app as a precaution. Emails have been sent to affected users urging them to change their passwords to be on the safer side. In the same post, Zomato also assured users that their financial data and credit card information are fully secured.

A report stated that a web vendor under the pseudonym “nclay” had taken responsibility for the hack. Further investigation into the matter suggested that the hacker has provided exact details of how the data was stolen, which points to loopholes in the company’s security system.

Zomato’s founder Deepinder Goyal tweeted that most people use their Facebook and Google accounts to log in to Zomato, so they are not at much risk, as they don’t have passwords for these accounts. However, he assured users that the company will be enhancing and focusing on its security measures and will do everything in the interest of its users.

Ransomware encrypts the files on a victim's computer and blocks access to them until the user pays the amount of money demanded by the hacker. There have been several cases of ransomware in the past. The most disruptive, named WannaCrypt and popularly called Wcry, severely hit 74 countries including India, affecting more than 45,000 computers in many enterprises, including IT organizations, ATMs, universities, hospitals and railway station networks.

Gauss Hard to Decode, Kaspersky Looks for Help!

Gauss, the newly formed malware, seems to be getting on the nerves of researchers at Kaspersky Lab, as the security firm asks the community whether anyone can help decrypt the virus’s payload.

Kaspersky said that the hackers who created Gauss shut down its command-and-control servers before the firm could track them down. This is the main reason why the firm is having problems decoding details about the virus.

In a statement, Aleks Gostev, chief security expert on Kaspersky's global research and analysis team, said that the idea and purpose of Gauss remain a mystery to the researchers. He further stated that the cryptography and precautions the authors used to hide the malware's payload may mean that it is intended to target high-profile users.

Gostev also explained that, in order to understand the virus, it is necessary to decrypt Gauss. He also revealed that the payload of Gauss contains code that could be used for cyber-sabotage, like Stuxnet’s SCADA code.

The destructive malware, Gauss, which was discovered by Kaspersky earlier this month, aimed to spy on banking passwords and transactions of computers in the Middle East, specifically in Lebanon. The banks that the virus attacked include Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank, and Credit Libanais. The malware also targets Citibank and PayPal, which are the only non-Lebanese banks.

The virus is believed to be directly related to Flame, and is also said to be a descendant of Stuxnet and Duqu.

The Gauss malware is designed to steal financial information, browser passwords, system configurations, cookies, and more. And just like Stuxnet, this virus can also be passed from computer to computer by infecting USB drives.

Researchers at Kaspersky clarified that the payload of Gauss resides in the USB data-stealing module. This payload, they said, is always on the lookout for a particular folder in Program Files whose name begins with an extended character, such as an Arabic or Hebrew one. Once such a folder is discovered and the other system requirements are met, Gauss uses its payload to decrypt and infect the computer.

So far, Gauss malware is believed to have infected more than 2,500 computers.