The Petya Ransomware Is Starting To Look Like a Cyberattack in Disguise (theverge.com)

← Back to Stories (view on slashdot.org)

The Petya Ransomware Is Starting To Look Like a Cyberattack in Disguise (theverge.com)

Posted by msmash on Wednesday June 28, 2017 @08:46AM from the new-twist dept.

Further research and investigation into Petya ransomware -- which has affected computers in over 60 countries -- suggest three interesting things: 1. Ukraine was the epicentre of the attack. According to Kaspersky, 60 percent of all machines infected were located within Ukraine. 2. The attackers behind the attack have made little money -- around $10,000. Which leads to speculation that perhaps money wasn't a motive at all. 3. Petya was either "incredibly buggy, or irreversibly destructive on purpose." An anonymous reader shares a report: Because the virus has proven unusually destructive in Ukraine, a number of researchers have come to suspect more sinister motives at work. Peeling apart the program's decryption failure in a post today, Comae's Matthieu Suiche concluded a nation state attack was the only plausible explanation. "Pretending to be a ransomware while being in fact a nation state attack," Suiche wrote, "is in our opinion a very subtle way from the attacker to control the narrative of the attack." Another prominent infosec figure put it more bluntly: "There's no fucking way this was criminals." There's already mounting evidence that Petya's focus on Ukraine was deliberate. The Petya virus is very good at moving within networks, but initial attacks were limited to just a few specific infections, all of which seem to have been targeted at Ukraine. The highest-profile one was a Ukrainian accounting program called MeDoc, which sent out a suspicious software update Tuesday morning that many researchers blame for the initial Petya infections. Attackers also planted malware on the homepage of a prominent Ukraine-based news outlet, according to one researcher at Kaspersky. Ars Technica has more.

182 comments

Min score:

Reason:

Sort:

Russians by 110010001000 · 2017-06-28 08:50 · Score: 4, Interesting

So the Russians did it?
1. Re:Russians by Oswald+McWeany · 2017-06-28 08:58 · Score: 3, Insightful
  
  So the Russians did it?
  They would be the logical assumption. No one gains more by destabalising Ukraine.
  
  --
  "That's the way to do it" - Punch
2. Re:Russians by NettiWelho · 2017-06-28 09:01 · Score: 1
  
  So the Russians did it?
  Who has most to gain from russia being blamed for something petty with no gains in it for them whatsoever? I mean, what is the motive? All that is gonna cause is systems being hardened and exploitable resource being exhausted.
  
  Besides, if it was the russians they'd have setup a decryption system that won't get disconnected in 5 minutes after it becoming public to milk all possible cash out of it.
3. Re:Russians by avandesande · 2017-06-28 09:02 · Score: 1
  
  We need a new Southpark with "Blame Russia"
  
  --
  love is just extroverted narcissism
4. Re:Russians by Anonymous Coward · 2017-06-28 09:03 · Score: 0
  
  please shut the fuck up.
5. Re:Russians by Anonymous Coward · 2017-06-28 09:05 · Score: 0
  
  3 possibilities:
  1. the russians did it
  2. china did it to force the west to concentrate on russia instead of them
  3. the west did it to justify further increase in military spending and control laws
  I would say 1 is the most likely, but 2 and 3 are not out of the question either.
6. Re: Russians by Anonymous Coward · 2017-06-28 09:05 · Score: 0
  
  I'm not saying it's Russians.... But it's Russians!
7. Re:Russians by Oswald+McWeany · 2017-06-28 09:06 · Score: 3, Insightful
  
  Who has most to gain from russia being blamed for something petty with no gains in it for them whatsoever?
  No one really. No one really gains from Russia being blamed if it wasn't Russia. There is no reason to frame Russia.
  
  I mean, what is the motive?
  
  Oh, you mean, like, besides destabalising the country they are trying to stealthily reclaim, that they've already illegally stolen territory from.
  
  --
  "That's the way to do it" - Punch
8. Re:Russians by johanw · 2017-06-28 09:09 · Score: 1
  
  To frame someone is the core buisiness of the CIA.
9. Re:Russians by MightyMartian · 2017-06-28 09:13 · Score: 4, Insightful
  
  You are aware, I trust, that Ukraine and Russia are effectively at war, right? Why this need for convoluted conspiracy theories when the most parsimonious explanation is that Russia waged a cyberattack on Ukraine? Maybe Russia didn't give a flying fuck whether anyone could eventually decrypt the data or not, if hte point is just to cause damage. It's like asking "Why didn't they send in the Army Corp of Engineers to rebuild the bridge they just bombed to oblivion?" answer being, they just wanted to bomb the bridge to oblivion.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
10. Re:Russians by Anonymous Coward · 2017-06-28 09:13 · Score: 0
  
  And the KGB are all saints.
  Moron.
11. Re:Russians by Oswald+McWeany · 2017-06-28 09:19 · Score: 1
  
  The CIA are more than capable of getting their hands dirty, wouldn't make any sense for them to attack a country they're hoping to stay independent just to make someone else randomly look bad.
  
  --
  "That's the way to do it" - Punch
12. Re:Russians by Anonymous Coward · 2017-06-28 09:22 · Score: 0
  
  Obama did it.
13. Re:Russians by Anonymous Coward · 2017-06-28 09:25 · Score: 0
  
  So the Russians did it?
  No shit they did it. I want to see proof they didn't do. World is shitty enough as it is and these idiots still want to fuck shit up. The only country that even comes close to doing bullshit like that is China, and they have economic ties with Ukraine. May be Jesus did it. I doubt it though.
14. Re:Russians by NettiWelho · 2017-06-28 09:28 · Score: 1, Troll
  
  You are aware, I trust, that Ukraine and Russia are effectively at war, right?
  So why expend your limited resource on forcing a couple of ukrainian grocery shops to re-image their cash register computers?
  
  Why this need for convoluted conspiracy theories when the most parsimonious explanation is that Russia waged a cyberattack on Ukraine?
  Because I know from first hand experience government lies all the fucking time.
15. Re: Russians by bn-7bc · 2017-06-28 09:32 · Score: 1
  
  Well I think you mean FSB as the KGB was defict in 1995, I donÂt know enugh about them to dy if it was just a rename or a bigger otg change tho
16. Re:Russians by Anonymous Coward · 2017-06-28 10:01 · Score: 0
  
  We need a new Southpark with "Blame Russia"
  There is always Archer. There is also Russia that does a good job all by itself. Even if by some miracle of a or the God that may or may not exist, they didn't do it, they need to be fucked into oblivion. Russia should be a definition of a terrorist state even if state like China did it and tried to blame them. Fuck Russia. Start by freezing all overseas accounts that do not belong to "bydlo" and you will see diplomacy work overnight.
17. Re:Russians by skids · 2017-06-28 10:05 · Score: 4, Informative
  
  Moreover, Russia has been engaging in a sustained cyber-warfare campaign in Ukraine, up to and including taking down the power grid and hacking cells of military personnel to gain information on troop positions. Making it look like ransomware was probably more an afterthought in hopes that paranoid firewall admins worldwide would block Ukrainian IP addresses... they really don't care that it eventually gets attributed to them.
  I rolled my eyes this morning when I heard the company of origin was in the Ukraine and was not very surprised to see this article today.
  
  --
  Someone had to do it.
18. Re:Russians by Anonymous Coward · 2017-06-28 10:08 · Score: 1
  
  As anyone with a brain knows, 60% of all Ukrainian businesses includes a lot more than a few "grocery shops" having trouble with their "cash register computers", you Russian troll.
19. Re:Russians by Anonymous Coward · 2017-06-28 10:10 · Score: 1
  
  So why expend your limited resource on forcing a couple of ukrainian grocery shops to re-image their cash register computers?
  Why hurt the Ukrainian economy when one of your primary goals for the past several years has been to hurt the Ukrainian economy?
  You're right, I can't figure that one out.
  I also can't figure out why a country that has waged one cyberattack after the next against Ukraine, basically using it as a cyberwarfare testing ground, would... launch yet another cyberattack against Ukraine.
  Also, I am a moron.
20. Re:Russians by MightyMartian · 2017-06-28 10:16 · Score: 2
  
  Cyberwarfare isn't conventional warfare. It's not like you can run out of electrons. Russia has a group of hackers, and writing malware is a part of their job. When you think about how much it costs to keep the rebels armed and maintain an ununiformed Russia force in rebel areas of Ukraine, a cyberattack is so much bloody cheaper.
  As to your explanation for your bizarre conspiracy theory, that really doesn't answer the question at all. You've come up with a very convoluted conspiracy whose only defense seems to be "I don't trust the three letter agencies." Well, I don't trust them either, but I trust conspiracy theories that fail Occam's Razor.
  Russia has everything to gain by destabilizing Ukraine, whether that be militarily, or via fucking up their computers. Welcome to the face of modern warfare.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
21. Re:Russians by MightyMartian · 2017-06-28 10:18 · Score: 1
  
  Meant to say:
  "Well, I don't trust them either, but I trust conspiracy theories that fail Occam's Razor *EVEN LESS*."
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
22. Re:Russians by Rei · 2017-06-28 10:20 · Score: 1
  
  It's also worth noting that according to other sources Kaspersky is lowballing the percentage of victims that are in Ukraine.
  
  --
  "99 dead duelists of Dios on the wall. 99 dead duelists of Dios! Take one's ring, pass it around..."
23. Re:Russians by MightyMartian · 2017-06-28 10:32 · Score: 1, Informative
  
  You understand the concept of Occam's RAzor, right?
  Which explanation is more parsimonious?
  1. Russia waged a damaging cyberattack on Ukraine, a country it is already effectively at war with and which it has already annexed territory from.
  2. The CIA waged a cyberattack on Ukraine, a country the United States is friendly, even allied with, causing Ukraine businesses considerable damage, to make the Russians look bad.
  I want you to tell me which explanation is the more parsimonious.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
24. Re:Russians by NettiWelho · 2017-06-28 10:38 · Score: 1
  
  Cyberwarfare isn't conventional warfare. It's not like you can run out of electrons. Russia has a group of hackers, and writing malware is a part of their job. When you think about how much it costs to keep the rebels armed and maintain an ununiformed Russia force in rebel areas of Ukraine, a cyberattack is so much bloody cheaper.
  As to your explanation for your bizarre conspiracy theory, that really doesn't answer the question at all. You've come up with a very convoluted conspiracy whose only defense seems to be "I don't trust the three letter agencies." Well, I don't trust them either, but I trust conspiracy theories that fail Occam's Razor.
  Russia has everything to gain by destabilizing Ukraine, whether that be militarily, or via fucking up their computers. Welcome to the face of modern warfare.
  "my bizarre conspiracy theory"
  
  Just look at whos weapons are being used in these attacks
  
  "NotPetya ransomware also uses two NSA exploits leaked by the Shadow Brokers in April 2017. These are ETERNALBLUE (also used by WannaCry) and ETERNALROMANCE.""
25. Re: Russians by Anonymous Coward · 2017-06-28 10:44 · Score: 0
  
  Considering their ex-director is now the fucking president of Russia, I strongly doubt anything has changed about the KGB except its name.
26. Re:Russians by JaredOfEuropa · 2017-06-28 10:46 · Score: 1, Insightful
  
  How is Twitter a "source"?
  
  --
  If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
27. Re:Russians by Anonymous Coward · 2017-06-28 10:47 · Score: 0
  
  Because Americans care what other people think about them, Doubly so for the CIA.
28. Re:Russians by MightyMartian · 2017-06-28 11:24 · Score: 1
  
  That didn't answer my question
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
29. Re:Russians by chispito · 2017-06-28 11:34 · Score: 1
  
  You are aware, I trust, that Ukraine and Russia are effectively at war, right?
  So why expend your limited resource on forcing a couple of ukrainian grocery shops to re-image their cash register computers?
  
  Why this need for convoluted conspiracy theories when the most parsimonious explanation is that Russia waged a cyberattack on Ukraine?
  Because I know from first hand experience government lies all the fucking time.
  The only government lying about Russia's stance toward the Ukraine is Russia. Many independent commentators yesterday were suggesting that it appears to be a disruption campaign disguised as ransomware.
  
  --
  The Daddy casts sleep on the Baby. The Baby resists!
30. Re:Russians by gweihir · 2017-06-28 11:45 · Score: 1
  
  Likely, but the question is _which_ Russians. Do not forget that this may well be counted as "terrorism" by some metrics and states are understandably reluctant to be labelled as supporting that. My guess would be some misguided Russian "patriots" did this and the only support from Putin they have is that the Russian government will not try very hard to find them.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
31. Re:Russians by edis · 2017-06-28 11:45 · Score: 2, Interesting
  
  point is just to cause damage
  Not the only point. Days before this outbreak, I happened to read articles, plain stating, that Ukraine is a country turned by Russia into test battlefield of cyberwar (and other kinds of modern war, as per their definition, BTW). Which was proved once again. Russia flexes its muscles both in operation, in damage, and in getting away with it. The same pattern of pushing the limits where they did their dirty act, yet remain difficult to name and be punished - it repeats all over. This pattern is by now well recognizable. It is the same, as throw chunks of army over the border for couple of "training" days, then withdraw them and get away like there was no war. Direct their "polite" military without identification to "help with voting" at neighboring country.
  Their problem, however, is that these patterns are more recognizable, as more instances have been applied. Element of surprise has worn, it is of little secret now, what is Russia Today.
  
  --
  Servant of karma
32. Re:Russians by Anonymous Coward · 2017-06-28 11:48 · Score: 0
  
  That didn't answer my question
  If I was asked to guess at a plausible US motivation, I'd simply follow the money$$$.
  The CIA wouldn't frame Russia because Americans care what people think. The CIA would do it to put more pressure on NATO cooperation and funding. The US is undoubtedly planning to get all NATO nations to stick to their GDP commitments for defense spending, and will probably offer to sell millions/billions in defense equipment(planes/bombs/guns, no butter) to NATO nations as they now have an imminent Russian bear threat.
  It also bolsters the US position against Russia in the ME, helping to further justify the offensive posturing against Syria. A posture which has little public support among the general public in the US, despite the medias attempts to claim otherwise.
  This is however purely conjecture.
33. Re:Russians by MightyMartian · 2017-06-28 11:51 · Score: 0
  
  I'm not asking for a plausible motive, I'm asking you which of the two claims is the most parsimonious. Your theory still smells of special pleading, whereas simply saying "The Russians, who already are essentially waging war with Ukraine, have launched another kind of attack."
  Why is it so fucking hard to imagine a belligerent in a conflict would use a cyberattack as part of an overall strategy to undermine their opponent? It's far more straightforward and likely that various versions of "The US attacked a friendly power to frame Russia and look good", which is the essence of your claim.
  Surely you must see the stupidity of your claim, the complexity, and frankly, the pure lack of necessity. Why are people so keen to let the Russians off the hook at every opportunity, and find some bizarre and tortured logic to blame the US?
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
34. Re:Russians by edis · 2017-06-28 12:14 · Score: 1
  
  Yep, as we know by now, there are enough of "misguided Russian patriots", spending their vacations by participating in very reasonably coordinated warfare against Ukraine, that itself chose distancing.
  
  --
  Servant of karma
35. Re:Russians by Anonymous Coward · 2017-06-28 12:38 · Score: 1
  
  There's a damn good chance it was perpetrated by the UK / US:
  1. Further de-stabilise Ukraine (oh well, collateral damage)
  2. MAIN GOAL: blame gets put onto Russia, placing a greater wedge between two neighbors
  3. BONUS POINTS: internationally entrenching Russia further into a pariah state
  After all: subterfuge is the name of the game.
  Heck, we'd also do it to the Chinese if we could, except they might decide to respond by dumping a couple trillion of their foreign currency reserves.
36. Re: Russians by Anonymous Coward · 2017-06-28 12:57 · Score: 0
  
  You forgot one other idea. It's encrypting only certain systems. Banking systems. Along with certain file type erasures. Could this be a political job. To eliminate the record of payments, and the routing slips?
37. Re: Russians by Anonymous Coward · 2017-06-28 13:02 · Score: 0
  
  This is an obvious CIA operation, hopefully they got some better Russian translators this time to write the comments in the code.
38. Re:Russians by gweihir · 2017-06-28 13:09 · Score: 1
  
  If you count this one as "coordinated warfare", then you are out of your mind.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
39. Re:Russians by Anonymous Coward · 2017-06-28 14:02 · Score: 0
  
  No. It was done by Ukrainian guy. I know who did it. Not a bright mind, just a software developer from Lviv, Ukraine. And there was no political context, poor thing just wanted to earn some cash. Usual salary in the Ukraine is about $115 per month.
40. Re:Russians by Anonymous Coward · 2017-06-28 14:25 · Score: 1
  
  Twitter is not the source. The source is ESET, which appears to be a Slovak Antivirus software company. Not complicated.
41. Re:Russians by Anonymous Coward · 2017-06-28 14:25 · Score: 0
  
  Effectively at war? Are you serious? Did you ever read "1984"? That's current Ukraine. No one in Russia knows that they are in war with the Ukraine. There is civil war in the Ukraine, though.
  There is over one million of Ukrainians working in Russia. And over a million of refugees from war. Russians don't mind, as these are white, educated refugees, who perfectly speak Russian and share the same culture. You don't need visa to cross the border, and people do it. You can freely live up to 90 days in Russia with Ukrainian passport, and vice versa. You can walk the street of Russian waving Ukrainian flag, as some people do. I don't think the opposite would work, though.
  If you'd like to know more about the conflict, I suggest you to see the "Ukraine on Fire" movie by Oliver Stone, 2016.
  P.S. Country like Ukraine couldn't possibly survive a war with Russia. Georgia fell in 5 days in 2008. Crimea was taken without a single shot, all 19 000 Ukrainian soldiers just gave up, without order, with 15 000 of them later joined the Russian Army and only 4 000 returned to mainland. And today Ukraine is claiming that it's protecting us from Russia. Yeah, right.
42. Re:Russians by Anonymous Coward · 2017-06-28 14:29 · Score: 0
  
  There should have been a bunch of question marks. Maybe you missed the sarcasm. The only people dirtier than the Russians, and who meddle in even more elections are the Americans. No one trusts them 2 point bla bla bla centimeters.
43. Re: Russians by Anonymous Coward · 2017-06-28 14:40 · Score: 0
  
  Bush jr would have shot first and asked questions later.
44. Re:Russians by Anonymous Coward · 2017-06-28 14:41 · Score: 0
  
  Because people despise American hypocrisy.
  And aren't as shallow thinking as you. America had already been destabilising The Ukraine previously.
  Every man and his dog knows the blame will be put on Russia. The US gets everything it wants. Distraction from Obamacare repeal, remind everyone of the evil Russians, more NATO spending, more money for defense, more sales for defense contractors, test out some cyber weapons, etc etc. VS the downside of what exactlly? Some people get free rids on Ukraines metro for a day or so?
45. Re:Russians by Anonymous Coward · 2017-06-28 14:48 · Score: 0
  
  Apparently the American hackers ran out of electrons though. Or do you think America doesn't have government sponsored hackers? Because all the NSA leaks say otherwise. Who wrote all this malware in the first place, yep NSA.
  America has a bunch of malware, what better place to test it than where your hated enemy will get the blame.
46. Re:Russians by Paradise+Pete · 2017-06-28 15:09 · Score: 1
  
  How is Twitter a "source"?
  In the same way that "paper" is something that can be written upon.
47. Re:Russians by Paradise+Pete · 2017-06-28 15:13 · Score: 1
  
  Then why would they disguise it as ransomware? Sure, it could be, but you're weaving quite a tapestry there, which I think is the Martian's point.
48. Re:Russians by Anonymous Coward · 2017-06-28 15:13 · Score: 0
  
  I want to see proof they didn't do.
  You're English is a bad as your logic - both are seriously flawed.
49. Re:Russians by Anonymous Coward · 2017-06-28 15:16 · Score: 0
  
  The Gerasimov Doctrine (Russia's war doctine) states:
  
  The very "rules of war" have changed. The role of non-military means of achieving political and strategic goals has grown, and, in many cases, they have exceeded the power of force of weapons in their effectiveness.
50. Re: Russians by Anonymous Coward · 2017-06-28 15:24 · Score: 0
  
  You're using an Oliver Stone movie as a source? That's pretty funny.
51. Re: Russians by Anonymous Coward · 2017-06-28 15:26 · Score: 0
  
  Yup, Putin is trying to protect the Trump cronies like Manafort and Flynn.
52. Re:Russians by Anonymous Coward · 2017-06-28 19:51 · Score: 0
  
  https://soylentnews.org/articl... are you the last person to know?
53. Re: Russians by Anonymous Coward · 2017-06-28 21:06 · Score: 0
  
  Should we add NettiWelho to the list of paid Russian trolls?
  Yes, I'm afraid there's very little doubt.
54. Re:Russians by rtb61 · 2017-06-28 22:20 · Score: 1
  
  What the fuck, fuckity, fuck, fuck insane bullshit are you claiming. Fucking prisons across the globe with millions of inhabitants and many of them would not only destabilise their own country to get rich, they would also rape, kill and eat you, if it would make them more powerful.
  Like all attacks it is worse in the country of origin where career criminals, who would not only destabilise their own country but kill everyone who tried to stop them, launched it. The Ukraine could not be more corrupt run by fascists to enrich themselves, the number one illegal arms supplier, so corruptly so, that they did not have arms to kill their own people, already sold to middle east and African terrorists.
  Ukrainian accounting software update was responsible for most of the infections and that could only have been an inside job.
  
  --
  Chaos - everything, everywhere, everywhen
55. Re: Russians by PoopJuggler · 2017-06-28 22:25 · Score: 1
  
  Russia certainly needs no help looking bad
56. Re: Russians by PoopJuggler · 2017-06-28 22:29 · Score: 1
  
  Except for the US any gain is not worth the blowback if caught. Russia doesn't care if they're caught so for them it's a win/win.
57. Re:Russians by Anonymous Coward · 2017-06-29 01:36 · Score: 0
  
  (BTW, I'm new to this thread, so not a previous poster.)
  What you seem to ignore is that YOUR country is also waging a deliberate and very sustained cold war against Russia. Old 5-eyes is working 24x7 to weaken and destabilise a formidable foe.
  >> Why are people so keen to let the Russians off the hook at every opportunity
  Most users on such websites don't; it just really grabs your attention when people do defend Russia. (Why? Well, only you can answer that question. But I suspect it will require an introspection you're not willing / interested in conducting.)
  I won't even bother answering your original question: it was deliberately crafted to elicit a singular answer.
58. Re:Russians by ElizabethGreene · 2017-06-29 01:50 · Score: 1
  
  As a child I read story. There was young a boy tending sheep. He loved to watch the people drop everything and scurry out to protect him and the sheep he yelled "Wolf!". It was great fun until one day he saw the wolf, cried "WOLF!", and no one came so the wolf ate him.
  Shouting "RUSSIA ATTACKS!" is a valid strategy to undermine the current US republican-dominated government and Trump specifically. The people doing this need to understand that there can be expensive and painful consequences if it turns out not to be true.
  See also "Iraqi Weapons of Mass Destruction"
59. Re:Russians by ElizabethGreene · 2017-06-29 01:53 · Score: 1
  
  > No one really gains from Russia being blamed if it wasn't Russia.
  This is incorrect. The US is attempting to pick a fight with Russia, and this is another pinprick. Why we are trying to pick this fight I do not know.
60. Re:Russians by edis · 2017-06-29 02:47 · Score: 1
  
  Civil war does NOT start with masqueraded foreign troops taking institutions in targeted areas, being set up for fight. I remember very well how after annexation of Crimea people in Eastern Ukraine were urged DAVAI DAVAI, WHAT ARE YOU WAITING FOR?! Then slowly posts on roads were established first of all, and further groups of people speaking St.Peterburg tongue of russian helped taking control over local institutions, with "tourists on vacations" from Russia being leaders of organizing "alternate local governing" and actual military operations. Not quite close to the civil war, see? It is not the civil war, when foreign army gets involved.
  
  --
  Servant of karma
61. Re:Russians by edis · 2017-06-29 02:53 · Score: 1
  
  What do you say? :-) Having primary channel of distribution being chosen with quite a sophistication, effective and country-targeted, please show some respect to the buddies over there. Didn't it work well, after all? Dirty deeds, but done well.
  
  --
  Servant of karma
62. Re: Russians by Anonymous Coward · 2017-06-29 03:07 · Score: 0
  
  How can the US get caught when there are an army of ignorant fools like you and MightyMartian telling everyone the Russians did it...
63. Re:Russians by Anonymous Coward · 2017-06-29 03:12 · Score: 0
  
  the reason they didn't make much $ is that the email was blocked by the isp..... read it here on /.
  https://it.slashdot.org/story/17/06/27/2040254/hacker-behind-massive-ransomware-outbreak-cant-get-emails-from-victims-who-paid
64. Re:Russians by Anonymous Coward · 2017-06-29 03:37 · Score: 0
  
  Shouting "RUSSIA ATTACKS!" is a valid strategy to undermine the current US republican-dominated government and Trump specifically. The people doing this need to understand that there can be expensive and painful consequences if it turns out not to be true.
  I remember not long ago when crying wolf about Russia was a top Republican strategy. Now I keep hearing on talk radio about how they are our friends. We are in more than one proxy war with this "friend". So, don't give me some bullshit liberal conspiracy.
65. Re:Russians by Anonymous Coward · 2017-06-29 03:48 · Score: 0
  
  The US is not "trying to pick a fight". The US and the rest of the civilized world are trying to pressure Russia to follow international norms of not invading your neighbor with military force and seizing their territory, along with lots of other bad behaviors.
  If Russia would get their troops and weapons out of Ukraine that would be a start.
66. Re:Russians by Anonymous Coward · 2017-06-29 03:56 · Score: 0
  
  That is an absurd comparison.
  The purveyors of the imaginary, made up deliberately to provoke war "Iraqi Weapons of Mass Destruction" lie are the EXACT same republicans that you are defending.
  The Russian made anti aircraft missiles shooting down civilian airliners are not imaginary. The Russian malware disabling Ukrainian the power grid are not imaginary.
  If you are stating this then you are deliberately lying or you are foolishly misinformed.
67. Re:Russians by Anonymous Coward · 2017-06-29 06:27 · Score: 0
  
  I'm not asking for a plausible motive, I'm asking you which of the two claims is the most parsimonious. Your theory still smells of special pleading, whereas simply saying "The Russians, who already are essentially waging war with Ukraine, have launched another kind of attack."
  Why is it so fucking hard to imagine a belligerent in a conflict would use a cyberattack as part of an overall strategy to undermine their opponent? It's far more straightforward and likely that various versions of "The US attacked a friendly power to frame Russia and look good", which is the essence of your claim.
  Surely you must see the stupidity of your claim, the complexity, and frankly, the pure lack of necessity. Why are people so keen to let the Russians off the hook at every opportunity, and find some bizarre and tortured logic to blame the US?
  I guess we have reached the next step in the New "Red Scare"...shall we blacklist Oliver Stone?
  http://dailycaller.com/2016/11/23/oliver-stones-russian-documentary-blames-cia-for-kremlins-invasion-of-ukraine/
68. Re:Russians by Anonymous Coward · 2017-06-29 08:56 · Score: 0
  
  I would counter, why are Americans so eager recently to put Russia on the hook for everything? Its not bizarre or tortured to wonder why a country would aide in the overthrow of formerly stable ME countries and continually tout the end goal of Democracy for all. It didnt work in Iraq, Afghanistan, Libya, Egypt, or Syria. Russia simply tried to put the brakes on for Syria and that's when the Ukrainian situation exploded. Maybe its just because I generally ignore the media/propoganda and just focus on whats actually happening. But Russias positions internationally over the last few years has seemed far more reasonable and measured than the US. Trump had it right when he pointed out that ISIS was born out of the ashes in Iraq, grew into adolescence with the bloodshed in Libya thanks to an infusion of Toureg mercenaries Ghadafi kept on a leash. And then the US tries foolishly to find and support a Free Syrian Army which doesn't exist anywhere but on paper and in the American media cycle.
  The real question, why are Americans so keen to put everyone but themselves on the hook?
69. Re:Russians by Anonymous Coward · 2017-06-29 10:38 · Score: 0
  
  that's your goto, right? "the US did it!".
70. Re:Russians by kaatochacha · 2017-06-29 10:39 · Score: 1
  
  Dude, the russians messed with the election because PUTIN DISLIKES HILARY.
  They're the epitome of petty...
71. Re: Russians by Anonymous Coward · 2017-06-29 10:48 · Score: 0
  
  because there's an equally annoying army of ignorant fools like you seeing CIA spies in every cubbyhole.
72. Re:Russians by Anonymous Coward · 2017-06-29 11:09 · Score: 0
  
  Yeah, they're BOTH cunts.
73. Re:Russians by Anonymous Coward · 2017-07-03 05:33 · Score: 0
  
  The moment you mentioned Oliver Stone was the moment you jumped the shark.
  Please, go back to your usual subject: Chemtrails.
74. Re:Russians by Anonymous Coward · 2017-07-03 05:37 · Score: 0
  
  I have never head on talk radio how they are our friends. You just pretend you heard it, because NPR told you so.
75. Re:Russians by Anonymous Coward · 2017-07-03 13:16 · Score: 0
  
  Heh, no more than warmongers elsewhere. Need more data to ascribe blame here. Could easily be a false-flag attack.
Ready Set Go by Anonymous Coward · 2017-06-28 08:51 · Score: 0

Let the blaming of Russia commence. If some "security expert" concludes "a nation state attack was the only plausible explanation" then it's gotta be Putin, right?
1. Re:Ready Set Go by Oswald+McWeany · 2017-06-28 09:15 · Score: 5, Interesting
  
  It doesn't always "have to be Putin" but there is a reason why it frequently is Russia.
  1) They have the resources. No country has a better human resource for hacking than Russia. They have a large highly trained tech-savvy population. They've put more effort into teaching people to be computer literate than almost anywhere else. They also have a wild-west type law enforcement that overlooks a lot of hacking and allows people to hone their skills that way.
  2) They have a motive. Russia is semi-openly hostile to most countries that lay to it's West. They have a policy of constantly testing our defenses. They frequently fly planes into other countries airspace to see how quickly they will react, the cyber warfare is more of the same testing. They're seeing how we will react.
  3) They have a leader who doesn't give a damn what other countries think of them. Putin wants what is best for Russia and doesn't care if that makes people in other countries not like him. He doesn't want to be known as clean or honourable- he just wants to restore the empire. Furthermore, his background is in espionage. Being sneaky is in his blood.
  
  --
  "That's the way to do it" - Punch
2. Re:Ready Set Go by Anonymous Coward · 2017-06-28 09:55 · Score: 0
  
  Yeah, you almost had me until "he just wants to restore the empire". What a load of BS. How the hell does anyone know with such certainty what Putin wants?
3. Re:Ready Set Go by Rei · 2017-06-28 10:18 · Score: 4, Insightful
  
  Yeah, what part of him de facto annexing parts of half a dozen neighboring countries and de jure annexing part of Ukraine would give one the impression that he wants to restore the empire? What part of Putin lamenting the fall of the Soviet Union would give one that impression?
  
  --
  "99 dead duelists of Dios on the wall. 99 dead duelists of Dios! Take one's ring, pass it around..."
4. Re:Ready Set Go by Anonymous Coward · 2017-06-28 10:42 · Score: 3, Informative
  
  Care to name half a dozen neighboring countries parts of which Putin annexed de facto or otherwise?
5. Re:Ready Set Go by edis · 2017-06-28 12:23 · Score: 1
  
  highly trained tech-savvy population
  I recall how it all started. Westerners had money, credit cards, and software, that was protected from being stolen.
  Post-soviet kids didn't, so they had works to do. I was reading those cracker magazines, they have been very educational.
  
  --
  Servant of karma
6. Re:Ready Set Go by dbIII · 2017-06-28 16:40 · Score: 1, Informative
  
  "he just wants to restore the empire". What a load of BS. How the hell does anyone know with such certainty what Putin wants?
  Maybe because he's said that himself many times, especially when campaigning for election.
7. Re:Ready Set Go by Anonymous Coward · 2017-06-28 18:59 · Score: 0
  
  Half a dozen? As in, six? Which ones?
8. Re:Ready Set Go by Carewolf · 2017-06-28 19:53 · Score: 0
  
  Care to name half a dozen neighboring countries parts of which Putin annexed de facto or otherwise?
  I could name three: Geogia (twice), Ukraine and Moldova, not sure what the last three might be.
9. Re:Ready Set Go by dunkelfalke · 2017-06-28 21:00 · Score: 3, Insightful
  
  Even Moldova would be wrong - that particular civil war happened when Putin was just an aide for a local politician.
  
  --
  "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
10. Re:Ready Set Go by Buchenskjoll · 2017-06-28 21:27 · Score: 1
  
  3) They have a leader who doesn't give a damn what other countries think of them. Putin wants what is best for Russia and doesn't care if that makes people in other countries not like him. He doesn't want to be known as clean or honourable- he just wants to restore the empire.
  Fun exercise: Replace Putin with Trump and Russia with USA.
  
  --
  -- Make America hate again!
11. Re:Ready Set Go by edis · 2017-06-28 21:56 · Score: 0
  
  Take Georgia, Moldova, Ukraine, Chechnya. Baltic states were lost, as life there took off, and currently is at higher standards, than compatriots in native Russia have - one has to be insane to long losing that in his life.
  
  --
  Servant of karma
12. Re:Ready Set Go by qaz123 · 2017-06-28 22:59 · Score: 2
  
  Chechnya was not a separate country from Russia even after the Soviet Union broke up. It was and is within the Russian borders.
13. Re:Ready Set Go by Oswald+McWeany · 2017-06-28 23:17 · Score: 2
  
  3) They have a leader who doesn't give a damn what other countries think of them. Putin wants what is best for Russia and doesn't care if that makes people in other countries not like him. He doesn't want to be known as clean or honourable- he just wants to restore the empire.
  Fun exercise:
  Replace Putin with Trump and Russia with USA.
  For point 3, I in no way disagree with you. There is a reason those two men admire each other.
  
  --
  "That's the way to do it" - Punch
14. Re:Ready Set Go by thegarbz · 2017-06-28 23:35 · Score: 1
  
  Russia is semi-openly hostile
  That's a very nice way of putting a relationship which has in recent history resulted in one country taking a section of the other country by force.
15. Re:Ready Set Go by dunkelfalke · 2017-06-28 23:48 · Score: 2
  
  Yes, we already know that you hate Russia. You have been writing about that "for fucking years, absolutely years".
  And yes, Putin was absolutely right that the breakup of the USSR was a disaster - it sent millions of people into poverty, lowered their average life expectation by a decade, revoked many of their rights and freedoms and directly killed tens of thousands in the ensuing ethnic conflicts.
  A slower and more peaceful transformation would have been far more preferable for everyone and all of this is just as true for Yugoslavia.
  
  --
  "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
16. Re:Ready Set Go by Anonymous Coward · 2017-06-29 00:32 · Score: 0
  
  Moldova is not Russia's neighbor.
17. Re:Ready Set Go by edis · 2017-06-29 01:41 · Score: 0
  
  Yeah, it was not, in spite of fighting damn hard, and after Putin allowed his puppet to take local throne in exchange to loyalty, it once again is at peaceful home of Russia the Empire.
  "Not a separate" has bloody dear price.
  Chechen–Russian conflict: https://en.wikipedia.org/wiki/...–Russian_conflict
  Caucasian War: https://en.wikipedia.org/wiki/...
  
  --
  Servant of karma
18. Re:Ready Set Go by edis · 2017-06-29 02:55 · Score: 0
  
  Or was it, buddy? Read Wikipedia articles, and you will find it out!
  
  --
  Servant of karma
19. Re:Ready Set Go by Anonymous Coward · 2017-06-29 03:10 · Score: 0
  
  What he said was that the fall of the USSR was a tragedy. Never did he say he wanted to "restore the empire".
20. Re:Ready Set Go by qaz123 · 2017-06-29 05:16 · Score: 1
  
  When was it? in 18th century?
  I thought you were talking about post-soviet Russia
21. Re:Ready Set Go by qaz123 · 2017-06-29 05:46 · Score: 2
  
  Let me educate you :) The USSR consisted of 15 republic states. According to the constitution of the USSR each republic state had a right to secede from the USSR. These republic states were: Armenia, Azerbaijan, Belarus, Estonia, Georgia, Kazakhstan, Kirghistan, Latvia, Lithuania, Moldova, Russia, Tajikistan, Turkmenistan, Ukraine, Uzbekistan.
  https://en.wikipedia.org/wiki/...
  As you can see there were no Chechnya among them. Chechnya was a part of the Russian republic state. In the end of 1991, all 15 republic states seceded from the USSR and became 15 independent states. The USSR ceased to exist. And because Chechnya was part of the Russian republic state within the USSR, it became a part of the current Russian Federation.
22. Re:Ready Set Go by dbIII · 2017-06-29 12:51 · Score: 0
  
  Never did he say he wanted to "restore the empire".
  He has. Frequently.
  As an aside he's got Joseph Stalin's library in his office and uses it to impress/scare visitors. When he wants to see what Stalin thought of something he reads the copious notes in the margins of those texts.
23. Re:Ready Set Go by Anonymous Coward · 2017-06-29 12:53 · Score: 0
  
  Putin is MUCH MUCH scarier than Trump
  One is a vain idiot
  the other is smart, ruthless and charismatic
24. Re:Ready Set Go by sydbarrett74 · 2017-06-30 07:31 · Score: 1
  
  Putin wants what is best for Putin
  
  FTFY.
  
  --
  'He who has to break a thing to find out what it is, has left the path of wisdom.' -- Gandalf to Saruman
25. Re:Ready Set Go by kaatochacha · 2017-07-03 05:39 · Score: 1
  
  And Taiwan is not a separate country from the People's Republic, but that doesn't make either of them exactly so.
26. Re:Ready Set Go by qaz123 · 2017-07-03 06:36 · Score: 1
  
  You are talking what you know nothing about. I saw how the situation in Chechnya was developing very closely to me. To compare it to Taiwan? There wasn't anything close to Taiwan in resemblance in Chechnya. There were only 2-3 years of anarchy there when Russian government have no control over that Russian province. And that's it
How... by The+Grim+Reefer · 2017-06-28 08:51 · Score: 1

How did the NSA go from "No Such Agency" to one that can't keep control over tools like this? What in the hell happened?
1. Re:How... by Captain+Splendid · 2017-06-28 08:56 · Score: 2
  
  Information wants to be free?
  
  --
  Linux, you magnificent bastard, I read the fucking manual!
2. Re:How... by Anonymous Coward · 2017-06-28 08:59 · Score: 0
  
  That's easy. They subcontracted it out to some guy in Hong Kong who posted it on the internet then ran to Russia.
  The only thing less competent than the government is the private sector when corners need to be cut so the CEO can skim more off the top.
3. Re:How... by avandesande · 2017-06-28 09:03 · Score: 1
  
  Entropy doesn't favor things being secret.
  
  --
  love is just extroverted narcissism
4. Re:How... by Anonymous Coward · 2017-06-28 09:06 · Score: 0
  
  Are you really so arrogant that you think that the Americans who work for the NSA are the only ones in the world who know how to write malicious code?
5. Re:How... by The+Grim+Reefer · 2017-06-28 09:18 · Score: 2
  
  Are you really so arrogant that you think that the Americans who work for the NSA are the only ones in the world who know how to write malicious code?
  Not at all. But everything I've read states that it was derived from the code that the Shadow Brokers released.
muh russia? by Anonymous Coward · 2017-06-28 08:54 · Score: 0

Putin get off the netcom netcruiser account, we only have 40 hrs a month!
Who Loves You Baby! by Anonymous Coward · 2017-06-28 08:55 · Score: 0

PUTIN!
Suck on the lollipop!
TRUMP powa!
The Growing Cyber War by Frosty+Piss · 2017-06-28 08:59 · Score: 5, Interesting

I suspect that Russia's growing use of "cyber war" tactics against its enemies will eventually backfire in the political arena. They really can't expect that governments, both friend and foe, will not start to lean on them in a more forceful way. I think and all-out âoecyber warâ between a growing number of countries would be very very very bad for everyone.

--
If you want news from today, you have to come back tomorrow.
1. Re:The Growing Cyber War by quonset · 2017-06-28 09:07 · Score: 2
  
  When then president Obama was informed Russia was doing whatever it could to damage or help defeat Hillary Clinton and get Trump elected, he approved covert measures to plant cyber bombs into Russia's infrastructure. They would be used if the U.S. and Russia escalated the attacks on one another.
  They were still in the planning stages when Obama left office, but enough was done that the incoming president could follow up and use them, if necessary. Which was never done. After the changing of administrations, the new president promptly shelved these plans. As a goodwill gesture towards Russia, or possibly a way of saying thanks for the help.
2. Re:The Growing Cyber War by sheph · 2017-06-28 09:13 · Score: 0
  
  Ok that's an interesting claim. Care to provide some sources for that conspiracy theory?
  
  --
  I don't believe in karma, I just call it like I see it.
3. Re:The Growing Cyber War by desdinova+216 · 2017-06-28 09:14 · Score: 1
  
  . After the changing of administrations, the new president promptly shelved these plans. As a goodwill gesture towards Russia, or possibly a way of saying thanks for the help.
  why not both?
4. Re:The Growing Cyber War by sheph · 2017-06-28 09:28 · Score: 0
  
  Except that the article in its closing paragraph indicates that it would take a direct order from Trump to stop it, and no such order has been given. Keep in mind as well that this is all based on anonymous sources coming from a publication well known for its bias. I'm not saying it's false, I'm just skeptical considering the lack of credible information. While the constant crowing about fake news has worn rather thin it's not exactly incorrect. The media in general leans liberal and has been far more critical of Trump than they were of Obama. They've also been caught making stuff up outright. So yeah, I think it makes the president look somewhat petty when he calls attention to something that everyone who cares already sees. But at the same time he's not wrong.
  
  --
  I don't believe in karma, I just call it like I see it.
5. Re:The Growing Cyber War by Anonymous Coward · 2017-06-28 09:28 · Score: 0
  
  I suspect that the media's growing use of "Russia" as a scape goat for all things cyber will eventually backfire in the popular arena.
6. Re:The Growing Cyber War by Anonymous Coward · 2017-06-28 09:29 · Score: 0
  
  Obama’s secret struggle to punish Russia for Putin’s election assault
  Over that five-month interval, the Obama administration secretly debated dozens of options for deterring or punishing Russia, including cyberattacks on Russian infrastructure, the release of CIA-gathered material that might embarrass Putin and sanctions that officials said could “crater” the Russian economy.
  But in the end, in late December, Obama approved a modest package combining measures that had been drawn up to punish Russia for other issues — expulsions of 35 diplomats and the closure of two Russian compounds — with economic sanctions so narrowly targeted that even those who helped design them describe their impact as largely symbolic.
  Obama also approved a previously undisclosed covert measure that authorized planting cyber weapons in Russia’s infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which Obama approved in a covert-action finding, was still in its planning stages when Obama left office. It would be up to President Trump to decide whether to use the capability.
7. Re:The Growing Cyber War by MightyMartian · 2017-06-28 10:24 · Score: 4, Interesting
  
  The Obama Administration alluded to consequences at the time. A good many anti-Obama and pro-Russia types (there seem an unusual amount of both on here) seem to forget that everyone knew for months BEFORE the election that the Russians were trying to screw over the US election, and since then we've seen them do it in other Western countries.
  I simply do not understand the willingness of some to condemn the United States and act like cheerleaders for Russia. Russia has been the West's enemy for decades, and even during the brief periods of reasonably good relations over the last few centuries, neither side has ever particularly trusted the other.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
8. Re:The Growing Cyber War by Anonymous Coward · 2017-06-28 10:34 · Score: 0
  
  As a not very proud citizen of USSR, which seams surprisingly enough a better version of Russian Federation, I suggest you take your own dick and shover it where the sun doesn't shine sociopath motherfucker. If you do not have a dick, I would suggest chemical castration for the betterment of future generations.
9. Re:The Growing Cyber War by gweihir · 2017-06-28 11:50 · Score: 2
  
  That is why I do not think this actually is anything done officially or with official sanctioning. Putin (very much unlike Trump) is not stupid at all and does understand this game very well, because he is a long-time high-level player. His morals may be questionable, but not his smarts.
  My take is that this is some Russian "patriots" and that the only thing they will get from Putin is that the Russian authorities will not try very hard to find these criminals. That is as long as they make very sure to not to much domestic damage. Hence I think these "patriots" are about one coding error away from a long-term vacation in a Siberian labor-camp.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
10. Re:The Growing Cyber War by Mal-2 · 2017-07-03 06:06 · Score: 1
  
  After the changing of administrations, the new president promptly shelved these plans. As a goodwill gesture towards Russia, or possibly a way of saying thanks for the help.
  Or he said he did, with the same intentions but not the cost. I think it's more likely those plans are perhaps de-emphasized, but not completely abandoned. I don't think his Not Invented Here syndrome runs that deep.
  
  --
  How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
Do you editors even read your own stories?! by the_skywise · 2017-06-28 09:03 · Score: 0

The attackers behind the attack have made little money -- around $10,000. Which leads to speculation that perhaps money wasn't a motive at all.
Slashdot yesterday

The ransom note demands victims send bitcoin to a predefined address and contact the hacker via email to allegedly have their files decrypted. But the email company the hacker happened to use, Posteo, says it has decided to block the attacker's account, leaving victims with no obvious way to unlock their files.
So that would take care of both point 2 and point 3
Or are you guys just interested in perpetuating propaganda now? (Yeah I know.. silly rhetorical question...)
1. Re: Do you editors even read your own stories?! by bestweasel · 2017-06-28 10:51 · Score: 3, Insightful
  
  That's one way of looking at it; this is another:
  
  Nicholas Weaver, a security researcher at the International Computer Science Institute and a lecturer at UC Berkeley, said Petya appears to have been well engineered to be destructive while masquerading as a ransomware strain.
  Weaver noted that Petyaâ(TM)s ransom note includes the same Bitcoin address for every victim, whereas most ransomware strains create a custom Bitcoin payment address for each victim.
  Also, he said, Petya urges victims to communicate with the extortionists via an email address, while the majority of ransomware strains require victims who wish to pay or communicate with the attackers to use Tor, a global anonymity network that can be used to host Web sites which can be very difficult to take down.
  âoeIâ(TM)m willing to say with at least moderate confidence that this was a deliberate, malicious, destructive attack or perhaps a test disguised as ransomware,â Weaver said. âoeThe best way to put it is that Petyaâ(TM)s payment infrastructure is a fecal theater.â
  From Krebs on Security
  For the non-native English speakers here (and I know there are a lot of you), fecal theater is a euphemism for shit show.
We all saw it coming, didn't we? by hyperar · 2017-06-28 09:14 · Score: 1, Insightful

Now everything is "nation-sponsored", so-called expert now throw this at everything without handing a single proof of it's claims, and sometimes not even making sense.
1. Re:We all saw it coming, didn't we? by gweihir · 2017-06-28 11:51 · Score: 1
  
  There are historically a lot of loud-mouths and incompetents in the IT security space. This has unfortunately not changed.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
2. Re:We all saw it coming, didn't we? by thegarbz · 2017-06-28 23:36 · Score: 1
  
  and sometimes not even making sense
  As a matter of interest, what part of this doesn't make sense?
3. Re:We all saw it coming, didn't we? by Anonymous Coward · 2017-06-29 00:22 · Score: 0
  
  The ransomware isn't making money not because it wasn't the goal but because the email address used by them has been shutdown, effectively removing their ability to get money, but from what I understand those that did get through before it was shutdown got their keys. So suggesting Russia was doing this doesn't make sense, if they did they would not have been providing the keys or would be after a lot more than the piddly amount that was being requested, The kits are in the wild with every criminal group, sometimes the most logical answer is the right one and this time that answer is criminals.
4. Re:We all saw it coming, didn't we? by kaatochacha · 2017-07-03 05:51 · Score: 1
  
  IF you're smart enough to run it, you're smart enough to have redundant communication.
Extremely thin "evidence" by William+Baric · 2017-06-28 09:19 · Score: 1

1. Considering (as far as I know) one of the main propagation method for Petya was through a compromise accounting software mostly used in Ukraine, it's not surprising that Ukraine was the most affected.
2. The fact that very few people paid the ransom is completely irrelevant.
3. I'm pretty sure most of these ransomware are made by teenagers and amateurs. Buggy malware is very common.
So the question is, who are those "researchers" and what evidence do they have? More importantly, are those "researchers" politically motivated?
1. Re:Extremely thin "evidence" by MightyMartian · 2017-06-28 10:21 · Score: 2, Insightful
  
  Because Russia would never try to screw around with the computers of a country that it has a) effectively invaded and b) already annexed a piece of its territory. Oh no, to suggest that is somehow to betray "political motivation."
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
2. Re:Extremely thin "evidence" by Anonymous Coward · 2017-06-28 15:09 · Score: 1
  
  You're a gullible idiot. First of all, Euromaidan was a popular revolution, not a coup. In this particular case, the popular revolution thwarted an attempted coup by Yanukovych. Do yourself a favor, and read about Yanukovych's anti-protest laws, which came to be known as the "Dictatorship laws," illegally imposed after a show of hands in the parliament (not the proper voting procedure), after a consultation trip to the Kremlin.
  
  As for Crimea, it was the people who were living in Crimea
  Crimeans didn't decide anything. In spite of overwhelming Russian propaganda, polls before Russia's illegal annexation of Crimea showed that Crimeans preferred to stay with Ukraine. First of all, Russia's referendum pantomime was done in breach of numerous international laws, norms, and treaties, and under Russian military occupation. Second, the referendum did not have a "status quo" option. Third, as the Kremlin's Human Rights Council confirmed that the Crimea "referendum" results were totally fabricated. Russia took away Crimeans' ability to determine their own fate.
  
  the anti-Russia government that took power in Ukraine after the coup?
  When a certain country attacks you, you tend to become anti- that country. But let's get the chronology straight - Russia started its Crimea invasion in early February 2014, while Yanukovych was still in office. One of the Russian officers coordinating the Crimea invasion, was Igor Girkin, who immediately went on to lead Russia's invasion of Ukraine's Donbas region. So your rationalization of Russia's Crimea invasion is absurd.
  
  so anti-Russians it even tried to forbid the Russian language.
  That's a flat out lie. A motion was proposed in the Rada to take away the privileged status of the Russian language, but Ukraine's acting president, Turchynov, said that he wold veto any such proposal, and that was the end of it. How dumb do you have to be to believe that a country could "forbid" a language that's spoken by the majority of that country?
  
  can you explain to me why the US government immediately accepted the result of the coup instead of demanding the respect of democracy
  As mentioned above, Yanukovych tried to subvert democracy in Ukraine - he would've turned Ukraine into a Russia-style dictatorship. The revolution ensured that democracy was not thwarted. After three months of Turchynov's provisional government, Poroshenko was elected in accordance with Ukrainian law.
  
  Considering the difference of military power, if one day Russia decided to invade Ukraine, it would be even easier for them than when the US invaded Iraq.
  More Russian propaganda. Here's a translation of a Novaya Gazeta article, in which a Buryat (Russian Mongol) soldier openly talks about his tank unit invading Donbas. Since the article has been published, his mother has been complaining that the Russian military refuses to give him his military pension or to provide other services due to him as an injured soldier. Ukrainian POW Savchenko was traded to Russia for two Spetsnaz who were captured in Donbas. Just yesterday, a Russian soldier was captured in East Ukraine. You can download the Nemtsov Report, which Boris Nemtsov was compiling before the Kremlin's lackeys murdered him -
3. Re: Extremely thin "evidence" by Anonymous Coward · 2017-06-28 16:38 · Score: 0
  
  Not a gullible idiot, a Kremlin hireling deliberately sowing FUD like so many on here.
4. Re:Extremely thin "evidence" by Carewolf · 2017-06-28 19:56 · Score: 3
  
  You are really stupid or really shilly. So let's pretend the russian never entered eastern Ukraine and shot down a commercial airline and bragged about it. They still invaded Crimea and even annexed it.
5. Re:Extremely thin "evidence" by qaz123 · 2017-06-28 23:56 · Score: 1
  
  One being able of having a motive to do something doesn't mean he did that. Not to mention there are several possible motives.
6. Re:Extremely thin "evidence" by qaz123 · 2017-06-29 00:15 · Score: 1
  
  "of having"=" or having"
7. Re:Extremely thin "evidence" by Anonymous Coward · 2017-06-29 01:55 · Score: 0
  
  Lol, he uses wordpress blogs to prove his point. I mean, seriously? Hahahahaha.
Or maybe it's just badly written by Hentes · 2017-06-28 09:24 · Score: 1

This sounds more like a skiddie modifying the source without understanding it and screwing up than a targeted attack. The code only damages the MFT, which is annoying but most of the time reversible. A nation state level attacker would've been much more thorough.
vaccine by Rudisaurus · 2017-06-28 09:28 · Score: 4, Insightful

According to BleepingComputer.com, you can vaccinate against NotPetya by creating and adding 3 write-protected files to your C:\Windows folder: perfc, perfc.dat, and perfc.dll.

Content doesn't matter but "Read-only" status does.

--
licet differant, aequabitur
1. Re:vaccine by networkzombie · 2017-06-28 10:03 · Score: 2
  
  Be warned that the NotPetya read-only perfc file vaccination method only skips encryption on local system, it does not stop NotPetya from searching and infecting other systems over the network using psexec/WMIC/LSAdump. Sophos claims the psexec/WMIC/LSAdump network infection method will infect fully patched Windows 10 systems.
2. Re:vaccine by 93+Escort+Wagon · 2017-06-28 11:12 · Score: 4, Funny
  
  you can vaccinate against NotPetya by creating and adding 3 write-protected files to your C:\Windows folder: perfc, perfc.dat, and perfc.dll.
  I'm royally screwed, then. Not only does my Mac not have that folder - it won't even let me create a C: drive!
  
  --
  #DeleteChrome
3. Re:vaccine by Coopjust · 2017-06-28 11:21 · Score: 1
  
  Via Sophos:
  
  In cases where the SMB exploit fails, Petya tries to spread using PsExec under local user accounts. (PsExec is a command-line tool that allows users to run processes on remote systems.) It also runs a modified mimikatz LSAdump tool that finds all available user credentials in memory.
  
  It attempts to run the Windows Management Instrumentation Command-line (WMIC) to deploy and execute the payload on each known host with relevant credentials. (WMIC is a scripting interface that simplifies the use of Windows Management Instrumentation (WMI) and systems managed through it.)
  
  So on networked systems, if a host has the "vaccination" gets hit but has credentials for other systems that permit logon/execution saved, then it can still spread. If you don't save networked credentials for other PCs on your network on a given PC, then it shouldn't be an issue on a fully patched network.
  
  I could see this being an issue on corporate networks if Windows Server is not fully patched and a server like AD has a network logon that is valid across a wide number of client PCs/other servers, but the impact on most home networks is likely minimal.
  
  Still wouldn't hurt to apply the 'vaccination' to each PC you own as a precaution though.
4. Re:vaccine by Anonymous Coward · 2017-06-28 11:23 · Score: 1
  
  you can vaccinate against NotPetya by creating and adding 3 write-protected files to your C:\Windows folder: perfc, perfc.dat, and perfc.dll.
  I'm royally screwed, then. Not only does my Mac not have that folder - it won't even let me create a C: drive!
  You need to install Linux first.
5. Re:vaccine by thegarbz · 2017-06-28 23:38 · Score: 1
  
  That's a poor excuse. Don't let the fact that you have to run software that isn't available on other platforms stop you from using this malware. You can always run Petya in a Windows VM and share the folders back to your mac machine. You too could have the full experience.
6. Re:vaccine by strikethree · 2017-06-29 05:54 · Score: 1
  
  you can vaccinate against NotPetya by creating and adding 3 write-protected files to your C:\Windows folder: perfc, perfc.dat, and perfc.dll.
  I'm royally screwed, then. Not only does my Mac not have that folder - it won't even let me create a C: drive!
  Typical Mac user. Sheesh. Any semi-competent Linux user would tell you to install Wine (or buy Cider) first. At least us Linux users do not expect our hands to be held all the time. ;)
  
  --
  "Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
7. Re:vaccine by 93+Escort+Wagon · 2017-06-29 08:28 · Score: 1
  
  Typical Mac user. Sheesh. Any semi-competent Linux user would tell you to install Wine (or buy Cider) first. At least us Linux users do not expect our hands to be held all the time. ;)
  Hey, good point. But I couldn't get it to run in a Crossover Wine bottle either, though. However I have filed a bug report with Codeweavers, and I've up-voted Petya as well... so hopefully soon I can join the fun!
  
  --
  #DeleteChrome
but by Anonymous Coward · 2017-06-28 09:52 · Score: 0

While everybody is busy watching this attack,what else is slipping under the radar.
It reminds me of when every man and his dog was watching for a big,known asteroid to pass close to us,so nobody noticed the one coming in from another direction that then went bang over a Russian city..
I expect a few business's to have to declare in a few months time that they were compromised by something totally different and far more damaging today..
Sigh another Russia poke by people with no clue by guruevi · 2017-06-28 09:58 · Score: 0

The reason the individuals behind the attack didn't make money and all those customers are hosed is because the email address was blocked by the email provider. That was confirmed yesterday. The rest is speculation and hyperbole by idiots without a clue.
Basically this is what happened: some idiot got their hands on some code, thought he was going to get rich and got immediately blocked by taking out his communication. The "attack" was poor because the criminals are idiots.

--
Custom electronics and digital signage for your business: www.evcircuits.com
1. Re:Sigh another Russia poke by people with no clue by MightyMartian · 2017-06-28 10:19 · Score: 5, Insightful
  
  How was the attack poor? Sure, they didn't make any money, but they fucked up a lot of Ukraine businesses. Mission accomplished, I'd say.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
2. Re:Sigh another Russia poke by people with no clue by guruevi · 2017-06-28 12:57 · Score: 1
  
  They didn't get paid, the entire premise of the ransomware failed because they chose an e-mail provider that decided they wouldn't support them. The goal wasn't to fuck anything up, it was to ransom the data and hope a portion of their "victims" didn't have a good backup plan and paid up.
  The businesses technically fucked themselves by a series of bad decisions, first of all, not having backups, not having a competent IT person, running (unpatched) Windows on public systems and/or blindly installing some software, perhaps they'll reconsider their choices in the future.
  
  --
  Custom electronics and digital signage for your business: www.evcircuits.com
3. Re:Sigh another Russia poke by people with no clue by Anonymous Coward · 2017-06-28 20:45 · Score: 0
  
  Your comment is factually incorrect.
  - patched Windows is still vulnerable
  - the systems initially affected weren't directly accessible from internet
  - "some software" in this case is a tool to help dealing with accounting and taxes in Ukraine. It was first released in 2010.
Pot meet kettle by Anonymous Coward · 2017-06-28 10:58 · Score: 1

You know no one particularly trusts America either right. It's a pretty low bar.
CIA and America have been influencing other countries elections since, almost forever.
But yep it's the Russians (and the Chinese, those damn "Commies")...
1. Re:Pot meet kettle by Anonymous Coward · 2017-06-28 12:36 · Score: 0
  
  CIA and America have been influencing other countries elections since, almost forever.
  I keep hearing that excuse, even though pretty much every discussion I have about US foreign policy includes a mention that that's a terrible idea and we shouldn't do it.
2. Re:Pot meet kettle by Anonymous Coward · 2017-06-28 19:17 · Score: 0
  
  https://soylentnews.org/articl... You must be the one person who didn't know by now.
3. Re:Pot meet kettle by Anonymous Coward · 2017-06-29 17:23 · Score: 0
  
  It is a bad idea and you shouldn't do it. .... BUT YOU HAVE DONE IT FOR DECADES ANYWAY !!!
  How can you not know this?
LOL you Americans are so stupid by Anonymous Coward · 2017-06-28 11:05 · Score: 0

This guy has to be a hired psyop.
Everyone knows the US spent billions to fuck up Ukraine.
US spent $5 billion to destabilize Ukraine
The United States spent $5 billion on Ukraine anti-government riots
Neocons and the Ukraine Coup
U.S. Admits It Spent 5 Billion to Overthrow Ukraine
Victoria Nuland's Admits Washington Has Spent $5 Billion to "Subvert Ukraine"
Nuland: Fuck the EU
The US spent billions to overthrow an elected president in Ukraine, created riots.
Now Joe Biden's runs Ukraine's oil companies.
1. Re:LOL you Americans are so stupid by computererds · 2017-06-30 08:57 · Score: 1
  
  This guy has to be a hired psyop. Everyone knows the US spent billions to fuck up Ukraine.
  US spent $5 billion to destabilize Ukraine The United States spent $5 billion on Ukraine anti-government riots Neocons and the Ukraine Coup U.S. Admits It Spent 5 Billion to Overthrow Ukraine Victoria Nuland's Admits Washington Has Spent $5 Billion to "Subvert Ukraine" Nuland: Fuck the EU
  The US spent billions to overthrow an elected president in Ukraine, created riots. Now Joe Biden's runs Ukraine's oil companies.
  Did you even read your own links?
  
  "That’s a distorted understanding of remarks given by a State Department official. She was referring to money spent on democracy-building programs in Ukraine since it broke off from the Soviet Union in 1991.
  
  We rate the claim Pants on Fire."
Re: Sigh another Russia poke by people with no clu by Anonymous Coward · 2017-06-28 11:08 · Score: 0

It was poor because it could have been much worse.
I'm glad these modern malware authors are so greedy. They make the infection apparent so quickly it's no wonder they fail. This attack could have stayed silent for a few months and it would have been much worse and made a lot more money.
People see a big skull with a flashing background they will sure as hell talk about it.
Ransomware Short-Circuited by shubus · 2017-06-28 11:53 · Score: 2

Cyberattack? Not really. People have already forgotten that the ISP responsible for receiving emails of people desiring to pay the ransom was BLOCKED by the ISP so nobody could pay. This accounts in large part for why the hackers (wherever and whoever they are) didn't collect much money. Anyway, what with all the cyber attacks and ransomware going around I'm still amazed that after all this time, those machines infected STILL HAVE NOT upgraded their OS. It sure pays to do so. But what do I know---I'm not a windows user.
1. Re:Ransomware Short-Circuited by jjw3579 · 2017-06-29 01:56 · Score: 1
  
  Blocking the email would not have blocked payments. Victims were supposed to notify them of the transaction numbers after via email. Also it rekt the MFT table.
2. Re:Ransomware Short-Circuited by shubus · 2017-06-29 04:41 · Score: 1
  
  Agreed! If the victims couldn't email those guys then they'd never get the keys to unlock their files. I do wonder if anyone ever got their unlock keys.
Random malware get how many stories now? by AHuxley · 2017-06-28 13:49 · Score: 1

Malware that flows around the internet and infects random nations?
No security service or nation would allow their own side, nation, interests to be at any risk from random malware.
Malware thats in the wild doing stuff to a lot of nations is not a national cyber event.
Its just malware and a slow news day.
Read up on how nations really consider and use their cyber assets. Nations take care to ensure the system, user or server is the only thing thats accessed.

Lets do some reading
The Inside Story of How British Spies Hacked Belgium’s Largest Telco (December 13 2014)
https://theintercept.com/2014/...
Read down to the "The hack would remain undetected for two years, until the spring of 2013" part and consider the quality and effort a nation puts into its code.
To stay in a network, only that network and not get found. No AV or websites or social media talking about that effort in real time.
Notice the difference after discovery too? "" ... never got a chance to study the routers."" Nations don't comment much on the efforts of other nations, to experts or the media.

Stuxnet https://en.wikipedia.org/wiki/...
Equation Group https://en.wikipedia.org/wiki/...
Again stay hidden, works really well for the task, great effort to stay with interesting people and efforts not spreading back to creators own nation. Skills to try and avoid random AV detection too. Less AV chatter in real time in the wild.
Nations can try automated cyber efforts but again they are automated to respond to very interesting people and try not to get talked about in real time by AV and experts. The staging servers are not found in real time. Malware do random things to many nations is not a cyber effort.
Its just malware and a news story.
Look at list of how nations do their cyber.
Names and definitions of leaked CIA hacking tools (Mar 9, 2017)
https://techcrunch.com/2017/03...
Neat products by server, brand, target. No finding the servers, no finding the nations control GUI. Exploits that work and and can work around most consumer AV and their experts most of the time. Not malware that flows over anything, everything and anyone thats been talked about and studied in real time.
Discovering a Hive, or SparrowHawk would not be an option for a nation's cyber contractors or gov/mil staff.

--
Domestic spying is now "Benign Information Gathering"
Americans are so waistful by Anonymous Coward · 2017-06-28 14:25 · Score: 0

LOL, Putin spent only a fraction of that to overthrow the Democrats. Ruthless efficiency.
1. Re:Americans are so waistful by Anonymous Coward · 2017-06-28 15:09 · Score: 0
  
  Putin spent only a fraction of that to overthrow the Democrats.
  If he did, I would like to thank him for saving America from that psychopathic bitch Hillary and the globalist cabal. That was a huge favor to Western Civilization in general and the US in particular.
2. Re: Americans are so waistful by Anonymous Coward · 2017-06-28 22:04 · Score: 0
  
  I find the idea that you think an international hotel brand magnate is not a globalist very funny.
  How's that Carrier deal working out?
3. Re: Americans are so waistful by PoopJuggler · 2017-06-28 22:22 · Score: 0
  
  How is anything that orange turd is doing working out? He hasn't closed a single deal, hasn't built a wall, hasn't got his travel ban, hasn't repealed the ACA, all he's managed to do is make us look like idiots and hurt the environment. That's what happens when you elect a con-man with zero political experience -- better to have someone who knows what they're doing, even if they're not perfect.
4. Re: Americans are so waistful by Anonymous Coward · 2017-06-28 23:49 · Score: 0
  
  Butthurt much that the crook didn't win ?
5. Re: Americans are so waistful by Anonymous Coward · 2017-06-30 13:31 · Score: 0
  
  >>"Putin spent only a fraction of that to overthrow the Democrats.
  If he did, I would like to thank him for saving America from that psychopathic bitch Hillary and the globalist cabal. That was a huge favor to Western Civilization in general and the US in particular." ..And how is this "saving" working out for you so far?
Misreporting by Anonymous Coward · 2017-06-28 14:41 · Score: 0

Lots of otherwise credible news sites are claiming that this attack permanently damages hard drives because it wipes the master boot record. I'm sorry but if you don't know how to repair a borked MBR you should probably stick to using an iPad.
oh COME ON by Anonymous Coward · 2017-06-28 21:33 · Score: 0

its just a bunch of computers crashing, there has to be more windows botched updates every day in this planet that break computers than this little tiny thing
imagine a blaster that deletes hard drives, now that would be FUN
Another version by qaz123 · 2017-06-28 22:53 · Score: 1

It was Ukrainian cybercriminals who wanted to make money but failed to do that because their email was blocked: http://www.news.com.au/technol... The reason Ukraine was the epicenter of the attack was because the criminals was from Ukraine and therefore had better access to Ukrainian targets or knew them better
1. Re:Another version by Anonymous Coward · 2017-06-29 00:15 · Score: 0
  
  Then how strange the attack originated from a very specific place (a bank) , that only just had recently been audited by the US of A. This happened only one or two days before the outbreak , so it is very safe to asume this was planted there by this American auditors which have been cia/nsa agents in disguise.
  All this to further help their narative on oekraine......and to get more war going or have reasons to put more sanctions on anyone they want to blame for it.
Zero evidence by Anonymous Coward · 2017-06-28 23:17 · Score: 0

So, absolutely no evidence for this being anything than crappy ransomware...
- Very little money earned. That's to be expected when the only way to pay the perpetrator is an email account, which was closed shortly after the ransomware was released.
- One of the attack vectors was an update for an accounting program only used in Ukraine. Other sources puts this accounting program as the initial vector, and the simple explanation would be that the attacker had access (legitimately or otherwise) to their update servers. A smart attacker would use a pwned server with no reference to himself, a dumb attacker would use his place of work. Both have been seen many times before.
- The ransomware has a destructive bug. So did the Morris internet worm.
In short, the only people who sees anything other than a ransomware attack here are those who want to see Russians everywhere. McCarthy is back with a vengeance.
very unsubtle by Anonymous Coward · 2017-06-29 00:10 · Score: 0

so is this posting with nothing but speculation and author fanatasy.. They didn't get much money, probablt because the germans blocked their messaging acount used to make money. And so on and on, Much more likely this story is again yet another cia/nsa/usa manipulated story about something they did in the first place.
It's all they do nowadays, fuck up everything and blame someone else for it. Just so they can hope to get their warmachine going full speed again.
Tell me again these aren't JEW Muppets and puppets.
1. Re:very unsubtle by Anonymous Coward · 2017-07-03 08:59 · Score: 0
  
  So you both deny it being Russia because of the lack of solid evidence, then immediately blame the CIA/NSA/USA with no evidence.
  You're illogical and hypocritical withing three paragraphs. Bravo!
vulnerabity in MEDoc the Ukrainian tax software by bingoUV · 2017-06-29 00:52 · Score: 1

http://www.bbc.com/news/techno...
The tax software's update mechanism got compromised.
Mikko Hypponen, a security expert at F-Secure, is saying - "If you do business in Ukraine, the software (MEDoc) appears to be de facto,"
Microsoft is saying : "Active infections of the ransomware initially started from the legitimate MEDoc update process,"

--
Bingo Dictionary - Pragmatist, n. A myopic idealist.
Not sure by jon3k · 2017-06-29 01:40 · Score: 1

I thought there were lots of reports of infections in Russia? Seems like a dangerous move.

But in general I think Russia's flagrant hacking is really going to come back to bite them. I believe the US is much better at this than Russia. And even if you disagree with that, I don't think any reasonable person would disagree that the US plus its major allies (ie Canada, UK, Germany, etc) are vastly better at this.

I think the only argument you could make is, well they're already attacking Russia and now Russia is just very publicly fighting back. Maybe in an attempt to position themselves to have negotiations for a "truce" between all nations. I think Russia would benefit a lot more from an agreement than the US would, so maybe appearing to be the largest threat actor helps their negotiating position?
US gains from Russia being framed. by Anonymous Coward · 2017-06-29 01:49 · Score: 0

US gains from Russia being blamed if it was or wasn't Russia. There IS reason to frame Russia. American government gets their justification to force Europeans to sanction Russia, which they have been reluctant to do, as of late.
Detracts from DoJ investigation into Kaspersky by sabbede · 2017-06-29 02:43 · Score: 1

If this was an attack on the Ukraine, it was almost certainly launched by Russia, who would not want Kaspersky to reveal that it was an attack. Yet they have. So I'm guessing that the DoJ investigation isn't going to find that Kaspersky is working for Russia. Except for selling them software.
Did anyone read more? You *can't* pay. by whitroth · 2017-06-29 04:16 · Score: 1

As I read on Krebs' site, the stupid malware, unlike other malware that generates a unique email to arrange payment, used one, and only one email address. On finding this, the German ISP that the email was on blocked the email.
The result was that if you *wanted* to pay, you couldn't contact the scum to do so.
No, it was some wannabee idiot(s) who put it out there. And I'm still expecting them in court really soon... or "killed resisting arrest", since it sure seemed like Rosneft (that's the Russian mostly state-owned oil giant - think Exxon) was hit, too.