March 18, Softpedia – (International) Ransomware uses GnuPG encryption program to lock down files. Researchers from Bleeping Computer and Emsisoft discovered that cybercriminals are using open source GNU Privacy Guard (GnuPG) code and Visual Basic Scripting Edition (VBS) to power VaultCrypt ransomware that uses a 1024-bit RSA key pair to encrypt information and Microsoft’s sDelete application to remove data used in the process. The ransomware sends user log-in credentials for Web sites to a command and control (C&C) server hidden in the Tor anonymous network. Source
March 18, Softpedia – (International) Repackaged Android apps filling third-party stores. Security researchers at Trend Micro discovered an increase of the number of Android apps that are either localized or repackaged containing malware being released for free on unofficial app stores, including spyware that can intercept payment notices or collect the user’s phone model and location, and list of installed apps. Source
March 17, U.S. Attorney’s Office, Eastern District of New York – (New York) New York City Police Department auxiliary officer charged with hacking into NYPD computer and FBI database. An auxiliary officer with the New York City Police Department (NYPD) was arrested and charged March 17 for allegedly using his position to hack into a restricted NYPD computer and other sensitive law enforcement computer systems by installing multiple electronic devices in the Traffic Safety Office of an NYPD precinct to obtain the personal information of thousands of citizens in order to commit fraud. The auxiliary officer ran over 6,400 queries and contacted individuals involved in traffic accidents falsely claiming to be affiliated with a law firm in order to encourage the victims to hire his services. Source