New US bill would oblige ransomware victims to report payments made to criminals

More information on ransomware will help the authorities develop effective defense strategies.

A new US government bill, the Ransom Disclosure Act, could oblige victims of ransomware attacks in the US to report any payments to hackers within 48 hours.

The bill was drafted by US Senator Elizabeth Warren and US Representative Deborah Ross. The senator said the number of attacks by ransomware groups keeps growing despite the many efforts to address the problem, so more detailed information about the money flowing through underground circles would help the authorities develop and implement more effective strategies for neutralizing the groups and protecting victims.

The four main points of the bill are as follows:

  • Require victims of ransomware (excluding individuals) to disclose ransom payments no later than 48 hours after the payment date, including the amount of the ransom requested and paid, the type of currency used to pay the ransom, and any known information about the perpetrators;

  • Require the US Department of Homeland Security to release information disclosed during the previous year, other than identifying information about the ransom paying entity;

  • Require the US Department of Homeland Security to create a website through which people can voluntarily report ransom payments;

  • Instruct the Secretary of Homeland Security to conduct research on the common features of ransomware attacks and the extent to which cryptocurrency has contributed to these attacks, and provide recommendations for protecting information systems and enhancing cybersecurity.

Forcing victims to disclose ransom payments to hackers has always been controversial, since disclosure can add to the impact of an attack: restoring normal company operations may be delayed by the additional verification the reporting requires.

To enter into force, the bill must pass a vote in the Senate, then in the House of Representatives, and finally be signed by US President Joe Biden.


On October 24, a bug in GPSD will send users 19 years back

A critical issue has been identified in the GPSD package, which is used to extract accurate time and position data from GPS devices: on October 24 it will shift the time back by 1024 weeks, i.e. to March 2002, as reported by opennet.ru.

The issue is present in releases 3.20 through 3.22 inclusive and was fixed in GPSD 3.23 (the fix was also backported to the 3.22 Debian package). All users of systems that rely on GPSD need to install the update urgently, or be prepared for failures.

The effect of the error can lead to unpredictable failures on different systems, including those that do not directly use GPSD, since this application is used to obtain accurate time data on some NTP servers used for time synchronization. When the time is shifted, the systems can experience problems with authentication (for example, one-time passwords, Kerberos and other access verification mechanisms that have an expiration date will stop working), with the verification of certificates and with calculations that manipulate time ranges (for example, calculating the time of a user’s session).

GPSD is also used in car navigators, drones, robots, military equipment, marine and aviation navigation equipment, and various mobile devices, including Android-based ones, many of which no longer receive firmware updates. On such devices, however, GPSD is usually used only for navigation and does not set the system time.

The GPS protocol provides a week counter that counts weeks from January 5, 1980. The problem is that only 10 bits are allocated for this counter in the broadcast message, so it overflows every 1023 weeks (19.7 years). The first overflow occurred in 1999, the second in 2019, and the third will occur in 2038. Manufacturers anticipate these events and add special handlers for them. A new GPS message format (CNAV) has now been introduced in parallel, with 13 bits allocated for the counter (so an overflow is not expected until 2137).

The GPSD error is in its leap-second handling (a leap second is inserted to keep the reference atomic clock in step with the Earth's astronomical time): because of it, on October 24, 2021, 1024 is prematurely subtracted from the week counter. The code's author intended the shift to apply only from December 31, 2022, but the conversion of that date into a week number was done incorrectly, and the week number actually used in the check falls in October 2021 (the value is 2180 instead of 2600). The check in question reads:

    /* sanity check week number, GPS epoch, against leap seconds
     * Does not work well with regressions because the leap_sconds
     * could be from the receiver, or from BUILD_LEAPSECONDS. */
    if (0 < session->context->leap_seconds &&
        19 > session->context->leap_seconds &&
        2180 < week) {
        /* assume leap second = 19 by 31 Dec 2022
         * so week > 2180 is way in the future, do not allow it */
        week -= 1024;
        GPSD_LOG(LOG_WARN, &session->context->errout,
                 "GPS week confusion. Adjusted week %u for leap %d\n",
                 week, session->context->leap_seconds);
    }
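As an added worked example (not GPSD's own code), the following Python script computes GPS week numbers from the GPS epoch and re-creates the condition above, so the date arithmetic behind the story can be checked: it shows that the check first fires on 24 October 2021 (the first day of week 2181), where it sends the clock (week 1157, which starts in March 2002), what the 10-bit and 13-bit week rollovers look like, and which week number 31 December 2022 actually corresponds to. The function names (gps_week, week_start, gpsd_buggy_adjust, first_misfire, clock_after_bug) are my own; the constants 2180, 19 and 1024 are those in the quoted check, and 18 is the leap-second count in effect since the end of 2016.

```python
from datetime import date, timedelta
from typing import Optional

# GPS epoch: 00:00 UTC on 6 January 1980 (the midnight that closes 5 January 1980).
GPS_EPOCH = date(1980, 1, 6)
LNAV_WEEK_BITS = 10   # legacy navigation message: 10-bit week field
CNAV_WEEK_BITS = 13   # CNAV message: 13-bit week field

# Constants taken from the quoted GPSD check (releases 3.20 - 3.22).
GPSD_WEEK_LIMIT = 2180
GPSD_LEAP_LIMIT = 19
ROLLOVER_WEEKS = 1024

# GPS-UTC leap-second offset in effect since 31 December 2016.
LEAP_SECONDS_NOW = 18


def gps_week(d) -> int:
    """Full (unwrapped) GPS week number containing calendar date d.
    Accepts a date or an ISO 'YYYY-MM-DD' string."""
    if isinstance(d, str):
        d = date.fromisoformat(d)
    return (d - GPS_EPOCH).days // 7


def week_start(week: int) -> date:
    """First day (a Sunday, UTC) of a full GPS week number."""
    return GPS_EPOCH + timedelta(weeks=week)


def broadcast_week(d, bits: int = LNAV_WEEK_BITS) -> int:
    """Week value actually carried in the navigation message: truncated to `bits` bits."""
    return gps_week(d) % (1 << bits)


def rollover_dates(bits: int = LNAV_WEEK_BITS, count: int = 3) -> list:
    """Dates on which a `bits`-wide week counter wraps back to zero."""
    return [week_start(k * (1 << bits)) for k in range(1, count + 1)]


def gpsd_buggy_adjust(week: int, leap_seconds: int) -> int:
    """Same condition as the GPSD snippet: a week above 2180 seen with fewer than
    19 leap seconds is treated as a rollover artefact and pushed back 1024 weeks."""
    if 0 < leap_seconds < GPSD_LEAP_LIMIT and GPSD_WEEK_LIMIT < week:
        return week - ROLLOVER_WEEKS
    return week


def first_misfire(leap_seconds: int = LEAP_SECONDS_NOW) -> Optional[date]:
    """First calendar date on which the check wrongly rewinds a correct week,
    or None when the leap-second count disarms the check."""
    if not (0 < leap_seconds < GPSD_LEAP_LIMIT):
        return None
    return week_start(GPSD_WEEK_LIMIT + 1)


def clock_after_bug(d, leap_seconds: int = LEAP_SECONDS_NOW) -> date:
    """Week-start date GPSD would report for receiver date d after the buggy adjustment."""
    return week_start(gpsd_buggy_adjust(gps_week(d), leap_seconds))


if __name__ == "__main__":
    print("10-bit rollovers:", [str(x) for x in rollover_dates()])
    print("13-bit (CNAV) first rollover:", week_start(1 << CNAV_WEEK_BITS))
    print("Week number of 31 Dec 2022:", gps_week("2022-12-31"))
    print("First misfire date:", first_misfire())
    print("Clock on 24 Oct 2021 after the bug:", clock_after_bug("2021-10-24"))
```

Running the script shows why the check is armed today: with 18 leap seconds the leap-second guard passes, so the very first week above 2180 (starting 24 October 2021) is rewound to week 1157 and the reported date lands on 10 March 2002, which is the "March 2002" in the report. Raising the leap-second count to 19 or more disarms the condition, which is what the author assumed would have happened by the intended cut-off date.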


Hacker published information about betting on Dota 2 games

According to the published information, PSG.LGD Dota 2 coach Zhang "xiao8" Ning made over two thousand bets on PSG.LGD matches.

The hacker broke into an account on the website of a Chinese bookmaker that presumably belongs to Zhang "xiao8" Ning, coach of the PSG.LGD Dota 2 roster. An anonymous post with screenshots appeared on the Zhihu portal.

The screenshots posted by the hacker prove that xiao8 was betting on PSG.LGD. They show the same username as the screenshots previously posted by his ex-wife Nina.

The hacker said that between May 2019 and December 2020 the Chinese team's coach made 2,444 bets totalling more than one million dollars. Neither PSG.LGD nor xiao8 has commented on the situation.

On October 18, xiao8's ex-wife Nina stated that he had repeatedly bet on Dota 2 matches, including those of his own team. To back up her words she published screenshots of xiao8's account on the bookmaker's website, as well as fragments of correspondence.

At the moment, however, many observers believe that she deliberately set up her ex-spouse and fabricated the evidence against the esports player for that purpose.

White-hat hacker received $2 million for a vulnerability found in the Polygon blockchain network

The reward is a record in the history of the DeFi sector.

A security researcher discovered a critical vulnerability in Polygon's layer-2 solution that could have led to losses of $850 million. The project paid the researcher a record $2 million reward.

The Polygon project launched its bug bounty program in September, and it caught the attention of security researcher Gerhard Wagner. He noted that Polygon uses Plasma to secure transactions between its network and Ethereum, which, in his opinion, is difficult to implement reliably.

Wagner described how he discovered the vulnerability in the Plasma Bridge. He called it a "double spending bug": through an error in the code, an attacker could withdraw 223 times the original value of the deposited tokens, so each deposit of $200 thousand could have yielded an attacker $44.6 million. Had the vulnerability been exploited, the protocol's losses could have reached $850 million.

The Polygon developers agreed to pay the maximum reward for the finding, $2 million, which is the largest bug bounty in the history of DeFi.

The Polygon developers also confirmed that the bug was present on the mainnet. Wagner suggested that the problem arose "due to the use of third-party code without fully understanding it." He noted that the developers' fix was "not too sophisticated", but it did its job.
