Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

June 23, 2016

Protected with Purpose:   Nothing is given. Everything is earned. You work for what you have.

Article by: Steven Sundermeier

“A lot can happen in a minute” is what I remember thinking, as I nervously bit the last of my fingernails. I knew the current commercial was ending, and that meant play would resume. A victor would emerge. Destiny hung in front of my eyes—about to unfold. I could barely breathe.

My family and I were on the edge of the couch, the edge of our nerves and on the edge of hope as play resumed at Oracle Arena. The Cleveland Cavaliers (Cavs) and Golden State Warriors were deadlocked in an 89-89 tie game in the decisive Game 7 of the NBA Finals. With 53 seconds remaining in the game, Cavs guard Kyrie Irving drained a shot from behind the 3-point line, giving the Cavs a 92-89 advantage.
Could this really happen? Can I even allow myself the satisfaction of considering it could happen? My whole life of waiting, hoping, being disappointed, getting hopes dashed, having that sick feeling in your stomach of having to “wait until next year”--- AGAIN. Would Cleveland celebrate its first major sports title in over 5 decades?!
After all, Cleveland is synonymous with sports failures. We experienced ‘The Drive’, ‘The Shot’, ‘The Move’, and the list goes on and on, but who could forget the heartache we [Clevelanders] felt after ‘The Decision’, the July 2010 LeBron James/ESPN television special where LeBron announced to the world that he was “going to take my talents to South Beach.”

It’s amazing how many thoughts and emotions can flash through your mind in less than 1 minute.  As we all held our breath and watched the clock tick down, the Cavs triumphed and we were now the 2016 NBA Champions.  My wife and I screamed in raw excitement, we embraced each other tightly and fist bumped the kids.  The Father’s Day MiraCLE had happened; the Cavaliers made history (first team to win the NBA Finals after trailing in the series 3 games to 1) and just reversed our city’s long-running sports curse.  Hallelujah!

I know many of you are probably asking yourself how a sports column found its way into a Technology publication.  Bear with me.
Shortly after the game concluded and the on-court celebrations subsided (our eyes still glued and ears finely tuned to the TV), the postgame interviews started. The floor reporter asked Cavs superstar LeBron James a couple of questions. One of the first questions was “How is this NBA title different than your others?” To this James responded, “I’m home,” referring to earning a championship for his hometown, Cleveland. With emotions high and being #ClevelandProud, my wife and I nearly lost it. (Apparently experiencing your first sports title, even as a fan, causes a flood of emotions.) One of the next questions asked of LeBron was what he wanted to say to the city of Cleveland and the viewing audience. To this he responded, “In Northeast Ohio, nothing is given. Everything is earned. You work for what you have.”

I went to work the following day with my head held high; I was darn proud of my Cleveland Cavaliers (my city, my Cleveland-area business, and basically, I was just happy!). However, as the day grew long in the office, I couldn’t shake LeBron’s last statement. Let me explain…

On that Monday following the Cavs’ big win on Sunday, I personally had the (dis)pleasure of reverse engineering dozens of malicious samples. Throughout the day, I analyzed new ransomware files, keyloggers, Trojans, and more. It is common for our ThreatLab to receive thousands of new malicious samples daily. One particular file I personally looked at arrived directly in our [Thirtyseven4] general sales email inbox as an attachment.

[Image: screenshot of the email received, with the sender’s address covered]

Though we covered up the sender’s email address (for the organization’s protection), it is important to note that the address wasn’t obscure, foreign or otherwise a red flag: it had been forged to appear to originate from a legitimate business. Analysis of the attached .doc file showed that the Word document contained a malicious macro that downloads and drops the malicious files “ms.exe”, “JavaUpdtr.exe” and “Custom.dic” onto the user’s system, without the user’s knowledge, when the document is opened. To divert attention from what is actually happening, an error message pops open stating:

[Image: screenshot of the error message]

While this is troubling in itself (this is a very deceptive sample), analysis of the dropped .exe files determined that they belong to malware categorized as the “Bitcoin Miner Family”.

What classifies a file to belong to the Bitcoin Miner Family?

Before we get into that, let’s go over a few core definitions that will help in our understanding. Chances are, if you have read my Protected with Purpose columns in the past, you’ve heard of the term Bitcoin. Bitcoin is a decentralized digital currency that enables instant payments to anyone, anywhere in the world. In almost all cases, as noted in past articles, when ransomware strikes and encrypts all the files on a user’s system, ransomware authors demand payment in bitcoins. Bitcoins are an attractive form of payment because transactions are quick and irreversible, they are readily available through the Internet, and they do not require the trust of a third party. Apart from the transactions being fast and permanent, the primary reason cybercriminals prefer bitcoin payment is the pseudonymous design of the bitcoin system. While bitcoin transactions are publicly recorded in the block chain and visible to anyone, they cannot be traced back to the identity of the owner behind the bitcoin address. This anonymity is further strengthened by using a new bitcoin address for every transaction, making it impossible for law enforcement agencies to track down or identify these criminals by utilizing only their bitcoin address (which is found in the ransom notes of ransomware, for example).

Where do bitcoins come from? Unlike here in the United States, where the U.S. Treasury decides to print and distribute money, Bitcoin doesn't have a political authority that governs it. With Bitcoin, special miners use dedicated software to solve mathematical calculations and are issued a certain number of bitcoins in exchange. The process allows for a slick way of issuing the currency and also creates an incentive for more people to mine. In simple terms, bitcoin mining is the activity of securing the transactions that are recorded in Bitcoin’s public ledger, called the block chain. The mining process is designed to consume a lot of CPU resources and to be very difficult, so that the number of blocks found each day by Bitcoin miners remains constant. This is where bitcoin mining malware comes into play. Cybercriminals drop malware, created to use large amounts of CPU resources, onto a user’s system so that the system works for them in the process of generating bitcoins. The same process can be used to target mobile devices. This is what it means to be infected by a file belonging to the Bitcoin Miner Family. The Bitcoin Miner Family is yet another example of the many methods cyber thieves use to monetize their malicious activities!
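
As an added illustration (not part of the original column and not Thirtyseven4's tooling), the Python below triages process telemetry for the two symptoms described above: the dropped executable names and sustained heavy CPU use. The telemetry layout, the thresholds, and every path and PID in the sample are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Executables the column reports the macro dropping (Custom.dic is a data
# file, so it never appears as a process image and is not matched here).
DROPPED_EXES = {"ms.exe", "javaupdtr.exe"}
# Assumed thresholds, not from the column: CPU percent and consecutive samples.
CPU_THRESHOLD = 80.0
MIN_SAMPLES = 3

# Constructed telemetry (time, pid, image path, CPU percent); not real data.
SAMPLE = r"""time,pid,image,cpu
10:00,412,C:\Windows\System32\svchost.exe,2.0
10:00,3120,C:\Users\sales\AppData\Local\Temp\JavaUpdtr.exe,97.5
10:00,2044,C:\Program Files\Editor\render.exe,91.0
10:00,5010,C:\Users\sales\AppData\Roaming\helper.exe,88.0
10:01,3120,C:\Users\sales\AppData\Local\Temp\JavaUpdtr.exe,98.1
10:01,2044,C:\Program Files\Editor\render.exe,12.0
10:01,5010,C:\Users\sales\AppData\Roaming\helper.exe,93.0
10:02,3120,C:\Users\sales\AppData\Local\Temp\JavaUpdtr.exe,96.4
10:02,2044,C:\Program Files\Editor\render.exe,85.0
10:02,5010,C:\Users\sales\AppData\Roaming\helper.exe,90.2
10:02,6001,C:\Users\sales\AppData\Local\Temp\ms.exe,0.5
"""


def basename(path):
    """Lower-cased file name of a Windows path, independent of the host OS."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def triage(telemetry):
    """Return {pid: sorted reasons} for processes that deserve a closer look."""
    findings = defaultdict(set)
    streak = defaultdict(int)  # consecutive high-CPU samples seen per PID
    for row in csv.DictReader(io.StringIO(telemetry)):
        pid = int(row["pid"])
        if basename(row["image"]) in DROPPED_EXES:
            findings[pid].add("name-match")
        if float(row["cpu"]) >= CPU_THRESHOLD:
            streak[pid] += 1
            if streak[pid] >= MIN_SAMPLES:
                # Still fires when the miner has been given another name.
                findings[pid].add("sustained-cpu")
        else:
            streak[pid] = 0  # a short burst of legitimate work resets the count
    return {pid: sorted(reasons) for pid, reasons in findings.items()}
```

A name match alone is weak evidence because file names are easily changed; in the sample, it is the CPU rule that flags process 5010, which carries none of the reported names.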
As I drove home that night, LeBron’s words clinked in my head like bitcoins in a virtual piggybank.  How nothing is given. Everything is earned. You work for what you have. What if these cyber thugs practiced something similar?  Using their talents for good, and not destruction.  Instead of taking, giving.  Instead of stealing from others and causing headaches, legitimately earning respect. Earn what you have. 

Several of our Cleveland-area team franchises provide incentives at local restaurants or coffee shops if the home team wins, such as a free cup of coffee or a hamburger, etc. We have enjoyed quite a few of these perks this year. And in reference to this, after the monumental Cavs’ win on Sunday, our youngest (age 5) looked at my wife and asked, “So what do we win?”

“What do we win?” my wife responded.

“We don’t win anything that you can hold or touch—we win things you cannot see. We win this feeling of joy that is bubbling up and out of everyone around us. We win the fist-bumps and high-fives of strangers who are wearing a Cavs shirt or are happy to see yours. We win redemption after 52 years of a city losing, having hopes dashed, being knocked down, being made fun of. We win these smiles on mommy and daddy’s face that won’t go away because we feel so good that something great has happened in Cleveland. We feel good because a team of ours played hard, fought hard, worked hard to win, and then THEY WON!”

My wife’s victory speech was a bit over our 5-year-old’s head, but perhaps it strikes a chord with you.

The Cavs worked for it. When you work hard and good things come, it feels good. It feels right. It feels like you have fulfilled your purpose. Like you are worthwhile. We all want to feel that. I hope that we all can use the sense of accomplishment and victory from the Cavs’ championship to fuel us in our day-to-day contests. You know your challenge. You know your opponent. And we can be victorious too.
For me, I see my opponent.  Those with gifts in the technology area that use them maliciously to gain wealth, to swindle unassuming users, to wreak havoc on a society that could be blessed by their talents, instead of maimed, or even crippled by them at times.  Why they go to the dark side, I can’t figure out, but they are there, and I can’t imagine that there is any depth or sense of accomplishment with their “achievements”.  When things are not earned legitimately, there is no sense of satisfaction, or true pride.  Because our Creator created us in His image.  To glorify Him, to use our talents for good.  When we do—a synergy is created.  An intangible feeling, joy, adrenaline that comes from truth and doing your best to arrive at the truth.  Like LeBron said, it feels good to work for it.

We have heard it said to “Be the change you want to see in the world”.  Yes, let’s.

Deny the bitcoin profiting impulses that tempt us daily to take the low-road.  It’s a slow-fade with sin, and if we are not vigilant, we easily lose ground.

But victory strengthens (thank you, Cavs!), and we can all be made stronger by realizing our potential and by working hard. Keep your guard up for the malicious Bitcoin Miner Family (within email attachments or by recklessly clicking on malicious/shortened Twitter URLs), and let’s make a choice to be encouraged by LeBron’s idea that “nothing is given. Everything is earned. You work for what you have.”

We can do that.  We were created to do that.  We will be blessed within our spirits for doing that.



“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4