Wifatch: The Vigilante Malware

Malware. That one word which seems to inspire fear and dread in everybody who hears it, even more so when you’ve experienced it first hand on one of your many devices. Malicious Software, or Malware for short, is often used by people to spread itself over the internet or even WiFi in the hopes of creating openings for other malicious software, from a program that can redirect you when you go on the internet to one that encrypts your hard drive until you pay hundreds of pounds so that (if they are true to their word) they will release your files. The world has changed since those dark days, there is a new piece of software in the world; Wifatch is here.

Wifatch was found in late 2015 by Symantec and focuses on the bugs and security issues normally involved in routers (a piece of hardware we all use but rarely update). This malware doesn’t just infect your router and use it to spread to others, it closes off potentially dangerous loopholes and bugs on your router. That’s right, this malware, a piece of software that by its very nature breaches your security and trust, is trying to help stop you from being affected by … malware?

Not only does it block common points of danger for routers but it also tries to disinfect infected systems, even going so far as to reboot systems in the hopes of stopping any malware that is currently running.

The developer even left a funny message in its source code for those brave enough to browse it.

Is this the kind of software that we need? What do you think about this vigilante malware?

Thank you Symantec and the BBC for the information.

Images courtesy of Symantec.

Norse Providing Real-Time Hack Monitoring Map

With all the rambling going on the Internet regarding cyber crime and hacking, nobody can see the full extent of what is really going on. China and the US are reported to constantly ‘clash’ about online spying, having companies and businesses suffering from their actions as a result.

A company from the US called Norse is apparently providing a map which reportedly displays real-time cyber-attacks occurring all over the world. The map can be viewed here (map apparently working best with Chrome), having the company stating that “attacks shown are based on a small subset of live flows against the Norse honeypot infrastructure, representing actual worldwide cyber attacks by bad actors”.

Defence One reports that business hours on Monday in Hong Kong, China has led the list of countries where attacks originated, having the US as China’s top target. The attacks are said to include protocols such as SSH, Telnet, as well as the Windows hacking tool named Crazzynet.

The report also gives examples of targeted and well-organised strikes from China occurring at 1:30 pm on Monday in Hong Kong, having Seattle and Washington as targets. Another example stated originated from Hong Kong and targeted St. Louis just after 4 pm.

Norse is reportedly founded by a former intelligence expert, having previously worked with the US Department of Homeland Security, and a technology consultant.

Thank you Defence One for providing us with this information
Images courtesy of Defence One