Type of site | Technology news and computer help |
---|---|
Available in | English |
Owner | Bleeping Computer LLC. |
Created by | Lawrence Abrams |
URL | www |
Registration | Optional |
Launched | 26 January 2004 [1] |
Current status | Online |
Bleeping Computer is a website, created by Lawrence Abrams in 2004, that covers technology news and offers free computer help via its forums. [2] It publishes news focusing heavily on cybersecurity, but also covers other topics including computer software, computer hardware, operating systems and general technology.
In 2018, Bleeping Computer was added as an associate partner to the Europol NoMoreRansom project for the ransomware information and decryption tools provided by the site. [3]
BleepingComputer was founded in 2004 after Abrams could not find existing technical support sites that could offer easy-to-understand instructions for his friends and family. [2]
The domain name bleepingcomputer.com originates from the sounds made by a broken computer and because a user might want to curse at a computer when it does not work properly. [2]
Since the CryptoLocker ransomware attack in September 2013, and a subsequent DDoS of the site due to its reporting on the new malware, [4] Bleeping Computer has been reporting on new ransomware families as they are released. [5]
The articles published at Bleeping Computer are categorized as news articles, tutorials and virus removal guides. Its content includes searchable databases for looking up Windows start-up programs and uninstall entries, as well as a free Internet forum to receive computer help.
The site covers news released by researchers and companies, but also performs in-house investigative reporting [6] and analysis of ransomware [7] and malware. [8]
Free decryptors to unlock files encrypted by various ransomware families have been released through the forums or the site's news section by third-party researchers. [9]
Government agencies have included Bleeping Computer cybersecurity articles and analysis in numerous advisories. [10] [11]
Bleeping Computer's reporting has been cited by major media that cover technology and IT security news. [12]
The site used to offer a malware removal training program [13] through its forums that taught volunteers how to remove Windows infections using various tools, including Combofix, HijackThis, DDS, [14] OTL, GMER, Malwarebytes' Anti-Malware and Rkill, [15] developed by Abrams.
In October 2020, there were over 840,000 registered members on the site.
In early February 2016, Enigma Software, the developers of the anti-malware suite SpyHunter, filed a lawsuit [16] against Bleeping Computer in response to a negative review of SpyHunter, alleging a campaign to damage the reputation of their company and product. [17] Bleeping Computer requested financial aid from its readers to help pay legal fees arising from the lawsuit. [18] At the beginning of August 2016, Bleeping Computer filed its own lawsuit against Enigma Software for an alleged long-running smear campaign against Bleeping Computer. [19] The lawsuit against BleepingComputer ended in settlement, with BleepingComputer removing Quietman7's posts on Enigma Software's product. [20]
ESET, s.r.o., is a software company specializing in cybersecurity. ESET's security products are made in Europe, and the company provides security software in over 200 countries and territories worldwide. Its software is localized into more than 30 languages.
Ransomware is a type of cryptovirological malware that permanently blocks access to the victim's personal data unless a "ransom" is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem, and difficult-to-trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.
Cryptovirology refers to the study of cryptography use in malware, such as ransomware and asymmetric backdoors. Traditionally, cryptography and its applications are defensive in nature, and provide privacy, authentication, and security to users. Cryptovirology employs a twist on cryptography, showing that it can also be used offensively. It can be used to mount extortion based attacks that cause loss of access to information, loss of confidentiality, and information leakage, tasks which cryptography typically prevents.
Bitdefender is a Romanian cybersecurity technology company headquartered in Bucharest, Romania, with offices in the United States, Europe, Australia and the Middle East.
Malvertising is the use of online advertising to spread malware. It typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to push their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like. Malvertising is "attractive to attackers because they 'can be easily spread across a large number of legitimate websites without directly compromising those websites'."
The CryptoLocker ransomware attack was a cyberattack using the CryptoLocker ransomware that occurred from 5 September 2013 to late May 2014. The attack utilized a trojan that targeted computers running Microsoft Windows, and was believed to have first been posted to the Internet on 5 September 2013. It propagated via infected email attachments, and via an existing Gameover ZeuS botnet. When activated, the malware encrypted certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers. The malware then displayed a message which offered to decrypt the data if a payment was made by a stated deadline, and it threatened to delete the private key if the deadline passed. If the deadline was not met, the malware offered to decrypt data via an online service provided by the malware's operators, for a significantly higher price in bitcoin. There was no guarantee that payment would release the encrypted content.
TeslaCrypt was a ransomware trojan. It is now defunct, and its master key was released by the developers.
SpyHunter is an anti-spyware computer program for the Microsoft Windows operating system. It is designed to remove malware, such as trojan horses, computer worms, rootkits, and other malicious software.
Petya is a family of encrypting malware that was first discovered in 2016. The malware targets Microsoft Windows–based systems, infecting the master boot record to execute a payload that encrypts a hard drive's file system table and prevents Windows from booting. It subsequently demands that the user make a payment in Bitcoin in order to regain access to the system.
Kirk Ransomware, or Kirk, is malware. It encrypts files on an infected computer and demands payment for decryption in the cryptocurrency Monero. The ransomware was first discovered in 2017, by Avast researcher Jakub Kroustek.
REvil was a Russia-based or Russian-speaking private ransomware-as-a-service (RaaS) operation. After an attack, REvil would threaten to publish the information on their page Happy Blog unless the ransom was received. In a high profile case, REvil attacked a supplier of the tech giant Apple and stole confidential schematics of their upcoming products. In January 2022, the Russian Federal Security Service said they had dismantled REvil and charged several of its members.
Trickbot was a trojan for Microsoft Windows and other operating systems. Its major function was originally the theft of banking details and other credentials, but its operators have extended its capabilities to create a complete modular malware ecosystem.
Ryuk is a type of ransomware known for targeting large, public-entity Microsoft Windows cybersystems. It typically encrypts data on an infected system, rendering the data inaccessible until a ransom is paid in untraceable bitcoin. Ryuk is believed to be used by two or more criminal groups, most likely Russian or Ukrainian, who target organizations rather than individual consumers.
Emsisoft Ltd. is a New Zealand-based company that distributes anti-virus software. They are notable for decrypting ransomware attacks to restore data.
Conti is malware developed and first used by the Russia-based hacking group "Wizard Spider" in December 2019. It has since become a full-fledged ransomware-as-a-service (RaaS) operation used by numerous threat actor groups to conduct ransomware attacks.
Hive was a ransomware as a service (RaaS) operation carried out by the eponymous cybercrime organization between June 2021 and January 2023. The group's purpose was to attack mainly public institutions to subsequently demand ransom for release of hijacked data.
Clop is a cybercriminal organization known for its multilevel extortion techniques and global malware distribution. It has extorted more than $500 million in ransom payments, targeting major organizations worldwide. Clop gained notoriety in 2019 and has since conducted high-profile attacks, using large-scale phishing campaigns and sophisticated malware to infiltrate networks and demand ransom, threatening to expose data if demands are not met.
LockBit is a cybercriminal group offering ransomware as a service (RaaS). Software developed by the group enables malicious actors who are willing to pay for it to carry out attacks using two tactics: they not only encrypt the victim's data and demand payment of a ransom, but also threaten to leak the data publicly if their demands are not met.
Royal is a cybercriminal ransomware organization known for its aggressive targeting, its high ransom demands, and its use of double extortion. Royal does not use affiliates.
BlackCat, also known as ALPHV and Noberus, is a ransomware family written in Rust. It made its first appearance in November 2021. By extension, it is also the name of the threat actor(s) who exploit it.