South Korean Banks Receive DDoS Threat from Hacker Group, Record Ransomware Payment Demanded

CircleID CircleID: Various sources including South Korea's news agency Yonhap are reporting that a hacker group has threatened to launch a DDoS attack against seven South Korean banks unless they pay about 360 million won (US$315,000) in bitcoin. The hacker group, known as Armada Collective, has threatened KB Kookmin Bank, Shinhan Bank, Woori Bank, KEB Hana Bank, NH Bank and two other lenders. Zeljka Zorz reporting in Help Net Security writes: "Choi Sang-Myung, a researcher at South Korean's Hauri Labs, noted that these latest threats might have been a consequence of the recent successful extortion attempt of South Korean web hosting provider Nayana. ... The deadline for the announced attacks was this Monday. The websites of the aforementioned banks are online and working, but whether it's because they paid the requested amount or because they managed to twart the DDoS attacks is impossible to tell."

— Update: New report from BBC, "Global ransomware attack causes chaos ... Companies across the globe are reporting that they have been struck by a major ransomware cyber-attack. ... Experts suggest the malware is taking advantage of the same weaknesses used by the Wannacry attack last month. ... Kaspersky Lab reported that it believed the malware was a 'new ransomware that has not been seen before' despite its resemblance to Petya."

— Petya is a ransomware with an evil twist: F-Secure: "Instead of encrypting files on disk, it will lock the entire disk, rendering it pretty much useless. Specifically, it will encrypt the filesystem’s master file table (MFT), which means the operating system is not able to locate files. It installs itself to the disk’s master boot record (MBR) like a bootkit. But instead of covert actions, it displays a red screen with instructions on how to restore the system."

— "A South Korean hosting firm just paid $1m to get their data back and that's a huge incentive. It's the biggest incentive you could offer to a cyber-criminal." Andrei Barysevich at security firm Recorded Future told BBC
Follow CircleID on TwitterMore under: Cyberattack, Cybercrime, Cybersecurity, DDoS

The post South Korean Banks Receive DDoS Threat from Hacker Group, Record Ransomware Payment Demanded appeared first on iGoldRush Domain News and Resources.

Continue reading

AUCTION RECAP OF JUNE 26, 2017

A comprehensive look at the final auction prices, closeouts and more from the auction list posted on June 26, 2017. 

If there is an asterisk (*) next to a price, it means that the name was at auction from a private seller (rather than an expiring name) and may have had a reserve.  I’m only showing where the price was when the auction ended, but the name may not have sold if a reserve was in place.

Save Money With Daddy Bulk Domain Registration

 Namejet

Top 10 Namejet sales for yesterday as listed on Namebio.

ech.com $26,125
tohe.com $4,002
airalgerie.com $2,600
dkf.net $1,515
25313.com $1,211
63953.com $1,112
alphasecurity.com $1,109
fbyj.com $1,000
fzln.com $1,000
gnmp.com $1,000

The post AUCTION RECAP OF JUNE 26, 2017 appeared first on DSAD.

Continue reading

Alo Yogo is a reverse domain name hijacker

Domain Name Wire Domain Name Wire: Maker of yoga apparel filed baseless cybersquatting dispute in effort to snag domain ALO.com. Yoga apparel company Alo Yoga (Color Image Apparel, Inc.) has been found guilty of reverse domain name hijacking over the domain name ALO.com. The company, which uses the domain name AloYoga.com, filed a cybersquatting case with World Intellectual Property Organization. The […]
The post Alo Yogo is a reverse domain name hijacker appeared first on Domain Name Wire | Domain Name News & Views.

The post Alo Yogo is a reverse domain name hijacker appeared first on iGoldRush Domain News and Resources.

Continue reading

Sedo’s Top 10 MLS sales this year

Domain Name Wire Domain Name Wire: Company reveals top (public) sales this year through its distribution network. Domain name marketplace Sedo offers a system called SedoMLS that syndicates domain name listings to partners including domain name registrars. This puts your domain names in front of buyers when they are looking for domains at the registrars. Sedo has revealed the top 10 […]
The post Sedo’s Top 10 MLS sales this year appeared first on Domain Name Wire | Domain Name News & Views.

The post Sedo’s Top 10 MLS sales this year appeared first on iGoldRush Domain News and Resources.

Continue reading

Phishing: the Worst of Times in the DNS

CircleID CircleID: The Anti-Phishing Working Group has released its latest Global Phishing Survey, written by myself and Rod Rasmussen. This report comprehensively examines a large data set of more than 250,000 confirmed phishing attacks detected in 2015 and 2016. By analyzing this cybercrime activity, we have learned more about what phishers have been doing, and how they have done it. Unfortunately, there's more phishing than ever, and phishers are registering more domain names than ever.

Our major findings include:

1. In 2016, the number of phishing attacks, and the number of domain names used for phishing, reached an all-time high.

2. Malicious domain name registrations are also at an all-time high, indicating detection and mitigation problems at certain registrars and registries. Historically, most phishing has occurred on conpromised domains, where phishers broke into innocent registrants' web hosting. But increasingly, phishers just go and register the domains they need. This major shift is concerning, and it means abuse detection and mitigation efforts are failing especially at certain registries and registrars.

3. Phishing in the new top-level domains (nTLDs) is rising and becoming more pervasive, but is not yet as pervasive as it is in the domain space as a whole. By the end of 2016, almost half of the nTLDs that were available for open registration had phishing in them. The nTLDs are also a place where phishers are purchasing domain names for themselves. Of the 6,549 domains used for phishing in the nTLDs in 2016, 86% (5,633) were registered maliciously.

4. New companies are constantly being targeted by phishers, while a few brands face an onslaught of thousands of attacks per year.

5. Contrary to conventional wisdom, phishers often wait up to three weeks before using domain names they have registered.

Full statistics and analysis of each of these topics — including breakdowns by TLDs and registrars — are included in the report.

In the meantime, phishers are employing another new trick that uses the domain name system. We call this "domain shadowing," and is when a phisher manipulates an unsuspecting company's DNS settings to insert multiple phishing sites onto the company's servers. This often results in hundreds of new phishing sites at a time.

Our statistics under-count the total amount of phishing that occurred in the wild — more attacks were undetected by our sources, and more attacks were reported but not confirmed. The numbers are a baseline compiled through collection and counting methods that have remained consistent over the years.

Those who operate Internet resources have the responsibility to do so in a secure and wise manner. We hope this report is helpful and provides information that will make the Internet a better place.
Written by Greg Aaron, VP iThreat Cyber Group, and Co-Chair of the APWG's Internet Policy CommitteeFollow CircleID on TwitterMore under: Cybercrime, Cybersecurity, DNS, Domain Names, Top-Level Domains

The post Phishing: the Worst of Times in the DNS appeared first on iGoldRush Domain News and Resources.

Continue reading

Saxenda® : Big pharma bucks, lots of registered domains

Saxenda® is a drug aimed at reducing the risks of diabetes; as with most pharmaceutical products, it’s also a registered trademark. Pharmaceutical companies generate billions of dollars in revenue annually, and they spend a lot of money for consumer awareness and brand protection. Saxenda® was introduced to the US market in 2014, after receiving approval […]

Copyright DomainGang

Continue reading

Daily Domain Picks 6-27-17

Daily Domain Picks 6-27-17   Go Daddy Auction Picks 6-27-17 Powered by ExpiredDomains.com Full List 33289.com AdministratorWork.com AFNP.com AfricanStartups.com ARFC.com BetaMonkeys.com BigTwig.com BTVQ.com BuzzMotors.com BVKR.com CambridgeTechnologies.com CFHO.com ChampionsPower.com DriveTeach.com EHK.net ELA.cc ErgonomicBed.com FishingForDeals.com GEZK.com GoConsumers.com HackersRevolution.com HandmadeBlogger.com HiredAway.com HMZU.com HomesForSale.me HPEB.com HYOJ.com IHA.cc Jaxen.com JVQ.net LittlePlaza.com LondonHeart.com Nishoo.com NOQL.com OpenMoment.com PacketBuilder.com Positionable.com PUYF.com PWV.net QJAP.com […]
Continue reading