Critical Vulnerability with NETGEAR WNR2000 Discloses admin credentials

NETGEAR WNR2000 permits a administrator to play out various sensitive functions in the web interface through an obvious CGI script named apply.cgi.

This script is invoked while changing Internet settings, WLAN settings, re-establish to industrial facility settings, reboot the switch, and so on.

However apply.cgi is not really a script, yet a function that is invoked in the HTTP server (uhttpd) when it gets that string in the URL.

Read more at GBHackers On Security

How a Single SMS with WAP Crap can Break your Samsung Galaxy phone

Security researchers from Contextis disclosed a bug in Samsung Galaxy phones that can be triggered remotely with SMS, which when combined give chances to ransomware peddlers.

Samsung Mobile Security Team rushed to settle the issues, giving a good example of how coordinated disclosure should happen.

Read More at GBHackers On Security

Browser Autofill Feature Poses Security Risks

Browser Autofill feature helps you to save your credentials like call, email, address, cellphone quantity, etc. so you don’t have to fill it manually time and again.Tragically, it’s helpful for attackers, as well.

Despite that maximum users see Autofill feature as a comfort that gives ease while filling out credentials, it is able to also result in large protection risks main to financial losses and a chance to personal facts.

Read More at GBHackers On Security

Indicator Of Attack(IoA’s) And Actvities – SOC/SIEM – A Detailed Explanation

IoAs is some events that could reveal an active attack before indicators of compromise become visible. Use of IoAs provides a way to shift from reactive cleanup/recovery to a proactive mode, where attackers are disrupted and blocked before they achieve their goal such as data thief, ransomware, exploit, etc.

IOAs focus on detecting the intent of what an attacker is trying to accomplish, regardless of the malware or exploit used in an attack. Just like AV signatures, an IOC-based detection approach cannot detect the increasing threats from malware-free intrusions and zero-day exploits. As a result, next-generation security solutions are moving to an IOA-based approach.

Read More at GBHackers On Security

KYOCERA Introduces Washable Smartphone

Rafre KYV40 is a successor to the first DIGNO rafre, which propelled in December 2015 as the world’s first hand-soap-washable smartphone.

Kyocera Corporation (President: Goro Yamaguchi)announced the arrival of the new rafre smartphone for Japanese service provider KDDI Corporation.This product is quite available only to the Japanese market.

Read More at GBHackers On Security

Project Wycheproof – Test crypto libraries against known attacks

Google announced Project Wycheproof – Test crypto libraries against known attacks, it is created and kept up by individuals from Google Security Team, however, it is not an official Google product.

Project Wycheproof incorporates more than 80 test cases, and Google says they have effectively revealed more than 40 security bugs.For instance, Project Wycheproof could recover the private key of broadly utilized DSA and ECDHC implementations.

Read More at GBHackers On Security

WordPress Publishes Critical Security Update XSS, SQL Injection vulnerabilities

WordPress 4.7.1 and earlier forms are influenced by various vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an infected site.

WordPress 4.7.2 is currently accessible. This is a security update for every single past version and WordPress strongly urge you to upgrade your website quickly.


WordPress versions 4.7.1 and prior are influenced by three security issues:

Read More at GBHackers On Security

Google switches to own Root Certificate Authority “Google Trust Services”

Google is switching to its own Root Certificate Authority for issuing its own TLS/SSL certificates for securing its web traffic via HTTPS, and not rely on intermediaries, as it was so for.

In the past years, Google has used certificates issued by several companies, with the lastly supplied by GlobalSign and GeoTrust.


Currently, Google is operating a subordinate Certificate Authority (Google Internet Authority G2 – GIAG2), which manages and deploys certificates to Google’s infrastructure.

Read More at GBHackers On Security

Undetectable ATM “Shimmers” Hacker’s Latest Tool for Steal your Chip Based Card Details

Latest warning coming out from canada about shopisticated For of  ATM skimming called “Shimmers”  targeted chip based credit and Debit cards to steal your entire card information.

Basic many skimming devices record your card information in plain text on the magnetic stripe on the backs of cards.

Shimmers have rendered the bigger and bulkier skimmers virtually obsolete, according to Const. Alex Bojic of the Coquitlam RCMP economic crime unit.

Read More at GBHackers On Security

Enhanced Security – Facebook supports USB security keys

None of us need strangers getting to our account on the web. You may use a password manager or two-factor validation by SMS, yet there’s another way you can remain ensured – physical security keys.

Today Facebook reported that USB Key support is currently live.

Read More at GBHackers On Security

Gmail Blocks Javascript Attachments for Security Reasons

Gmail will block you from attaching Javascript files as Google hopes to extend the steadily developing security of their services.

Gmail already blocks the attachment of certain file types in emails for this very same reason, and those with the .js tag at the end will just be the latest added to the existing list of blocked attachments.

Read More at GBHackers On Security

Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability

The Google Forms WordPress Plugin fetches a published Google Form using a WordPress custom post or shortcode, removes the Google wrapper HTML and then renders it as an HTML form embedded in your blog post or page.

A PHP Object injection vulnerability was found in the Google Forms WordPress Plugin, which can be used by an unauthenticated user to instantiate arbitrary PHP Objects.

Read More at GBHackers On Security

Sophisticated Google Play Store Malware Affected over 10 Millions victims -Dont Download These Apps

New Android play Store Malware called HummingBad Download several million times by unsuspecting users and possible to gain all root access of the infected Android phone.

Check Point researchers have found a new variant of the HummingBad malware hidden in more than 20 apps on Google Play.


Earlier 2016, Check Point on customer’s devices was discovered this HummingBad Malware.According to the Check point Report,

Read More at GBHackers On Security

Share Files Anonymously using TOR and OnionShare

There is a bunch of reasons why people may look to share records anonymously, with the principal that rings a bell being the situation of informants or political activists attempting to keep up a strategic distance from abuse.

As we know there are various ways which you can share documents on the web. Google Drive, Dropbox, and other cloud storage choices are among the primary inclinations.Yet, these record sharing choices miss the mark with respect to anonymity.

Read More at GBHackers On Security

Malicious payload Evasion Techniques

This comparison is made by the payload ability to bypass the default security frameworks accessible on Windows machines and antivirus systems available, searching for an approach to get a payload that figures out how to be invisible at the same time to a few security systems.

Making an overall investigation of the outcomes acquired, Security researchers from iSwatlab make note of that TheFatRat gives the best outcomes, making a completely imperceptible payload

Read More at GBHackers On Security

Charger Ransomware that steals contacts and SMS messages from the user’s device – Energy Rescue

Mobile Security researchers from Checkpoint recognize a new ransomware called Charger embedded in app EnergyRescue.

Like other malware found before, Charger checks the local settings of the device and does not run its malicious logic if the device is situated in Ukraine, Russia, or Belarus.This is likely done to shield the designers from being arraigned in their own nations or being removed between nations.

Read More at GBhackers On Security

WhatsApp iPhone Users Can Queue Messages Without Internet and More

WhatsApp for iPhone has received an update which included many needed features for users. Recent update includes extended the sharing limit of WhatsApp photo and video to 30 at a time.

An overhauled and more valuable Storage Usage screen, and the capacity to queue messages – a feature which was available on Android for a long while now.

The most recent WhatsApp version 2.17.1 is presently accessible for download to all iPhone users (running iOS 7 or higher).

Read More at GBHackers On Security

Within five attempts Android device’s Pattern Lock can be cracked

New research from Lancaster University, Northwest University in China, and the University of Bath, which profited from subsidizing from the Engineering and Physical Sciences Research Council (EPSRC), shows for the first time that attackers can break Pattern Lock dependably inside five endeavors by utilizing video and PC vision algorithm.

Pattern Lock is a safety measure that ensures device, such as, cell phones or tablets, and which is favored by many to PIN codes or content passwords.

Read more at GBHackers On Security

Intrusion Prevention System(IPS) and Its Detailed Funtion – SOC/SIEM

Like an intrusion detection system (IDS), an intrusion prevention system (IPS) screens network traffic.An Intrusion Prevention System (IPS) is a framework that screens a network for evil exercises, for example, security dangers or policy compliance.

Vulnerability exploits normally come in the form of malicious inputs to an objective application or resources that attacker uses to block and pick up control of an application or System.


For instance, an IPS may drop a packet that it decides to be noxious and hinder all further activity from that IP address or port, although there is no impact on genuine traffic.

Read More at GBHackers On Security

Discovered Critical Bug allowed to Delete any Videos from Facebook

Security researcher Dan Melamed came across the vulnerability in June 2016. The bug is some ways similar to a vulnerability discovered by another researcher around the same time. There’s just one major exception.

Dan Melamed said ,c  Dan Melamed In addition,  also had the ability to disable commenting on any video. This allows a bad actor the ability to delete videos on Facebook without permission or authentication.


The security researcher exploited the flaw by first creating a public event. On the Discussion part of the event, he uploaded a video and intercepted the POST request using Fiddler.

Read More at GBHackers On Security

DELETE yourself from the internet almost all traces with a mouse Click TECH DELETE yourself from the internet almost all traces with a mouse Click

Outlined by two Swedish developers, Wille Dahlbo and Linus Unnebäck, the site says it helps you ‘Clean up your reality’ by gathering every all the records and deleting them.

On the off-chance that you ever feel like online life is getting excessively, there might be an answer.


Deseat.me permits people to delete their online impression with the click of a button.

Read More at GBHackers On Security

Your Heart Beat As a Password -Smart or Stupid ?

Scientists from the Binghamton University in New York have explored with using a person’s heartbeat as a password for encrypting and then decrypting personal data.

Researchers say that each person possesses a unique electrocardiograph (ECG), which just like fingerprints and iris, can be used for authentication.

Binghamton researchers say that systems can be created that use these generally stable ECG measurements as keys for encrypting data and storing data.


Basically, scientists are proposing to replace random data (entropy) or static encryption keys with ECGs and use these unique parameters to secure a person’s data.

Read More at GBHackers On Security

Firefox 51 turns on Insecure Warning on HTTP Pages

The greatest redesign to the Firefox UI is the expansion of another marker for HTTP pages with secret key fields.

Previously, Mozilla has made arrangements for the Firefox program to show an insecure warning cautioning for HTTP sites/pages that have login form, however not empowered naturally in Firefox discharge or beta variants till now.


Beginning with Firefox 51, at whatever point clients will arrive on a login or enrollment page facilitated over HTTP, Mozilla will show a gray bolt with a brilliant red line crosswise over

Read More at GBHackers On Security

DELETE yourself from the internet almost all traces with a mouse Click

Outlined by two Swedish developers, Wille Dahlbo and Linus Unnebäck, the site says it helps you ‘Clean up your reality’ by gathering every all the records and deleting them.

On the off-chance that you ever feel like online life is getting excessively, there might be an answer.


Deseat.me permits people to delete their online impression with the click of a button.

Read More at GBHackers On Security

“Ransomware as a Service” Provide SATAN Ransomware in Dark web to Make Money

Security researcher Xylitol Discovered a new Ransomware as a Service, or RaaS, called Satan.This administration permits any wannabe criminal to enroll a record and make their own one of a kind tweaked variant of the Satan Ransomware.

Once the ransomware is made, it is then up to the criminal to decide how they will disperse the ransomware, while the RaaS will handle the payoff installments and including new components.

For this administration, the RaaS designer takes a 30% cut of any installments that are made by casualties. As indicated by the ad for the Satan RaaS, the designer will diminish their cut contingent upon the volume of installments got by a partner.

It’s all very business as usual, apparently, with the Satan RaaS system going as far as to offer record-keeping functionality like fee payment records and transaction tracking.

Read More at GBHackers On Security

Android Ransomware(King online) Locks Phone and Asks Ransom to unlock Phone

Now it time for Android devices, Android Ransomware(King online) Locks Phone and Asks Ransom to unlock Phone.

The fascinating turn on this ransomware variation is that it influences the Google Cloud Messaging (GCM) Platform, a push warning administration for sending messages to enrolled customers, as a component of its C2 infrastructre. It additionally utilizes AES encryption in the correspondence between the contaminated device and the C2 server.


There are a few things that emerge about this risk. The first is the humongous payment ask it approaches victims for, which is 545,000 Russian rubles

Read More at GBHackers On Security

Does Anna-Senpai, the Mirai Worm Author?

A lot of DDoS movement on the Internet begins from supposed ‘booter/stresser’ administrations, which are DDoS-for-contract administrations which let even unsophisticated clients to dispatch high-affect assaults.

What’s more, as we will see, the perpetual rivalry for benefits in the outrightly illicit DDoS-for-contract industry can lead those included down some extremely abnormal ways, to be sure.
This kind of self-defeating behavior will be familiar to those who recall the original Morris Worm, NIMDA, CODE RED, Welchia, Blaster and SQL Slammer disruptions of yesteryear.

On September 22, 2016, “Kerbs On Security” was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks.

Read More at GBHackers On Security

Beware : Highly Sophisticated Gmail Phishing Attack Targeting Many Gmail Users

A new highly effective phishing technique targeting Gmail and other services has been gaining popularity during the past year among attackers. Over the past few weeks there have been reports of experienced technical users being hit by this.

This attack is currently being used to target Gmail customers and is also targeting other services.

The way the attack works is that an attacker will send an email to your Gmail account. That email may come from someone you know who has had their account hacked using this technique. It may also include something that looks like an image of an attachment you recognize from the sender.

Read More GBHackers On Security

Press F3 for Money : “Ploutus” Dangerous ATM Malware Discovered

FireEye have recognized another variation of the Ploutus ATM malware, utilized for as far back as couple of years to make ATMs retch out money on charge.

Ploutus enabled criminals to empty ATMs using either an external keyboard attached to the machine or via SMS message, a technique that had never been seen before.

There are some previously unobserved version of Ploutus, dubbed Ploutus-D, that interacts with KAL’s Kalignite multivendor ATM platform.


The samples we identified target the ATM vendor Diebold. However, minimal code change to Ploutus-D would greatly expand its ATM vendor targets since Kalignite Platform runs on 40 different ATM vendors in 80 countries

Read More at GBHackers On Security

How To access Deep Anonymous web and know its Secretive and Mysterious activities

What is Deep Web

The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard search engines for any reason.
The opposite term to the deep web is the surface web. The deep web includes many very common uses such as web mail, online banking but also paid for services with a paywall such as video on demand, and many more.
This part of the Internet is known as the Deep Web, and it is about 500 times the size of the Web that we know.

The Deep Web vs. The Dark Web

Deep Web is  the portion of the Internet that is hidden from conventional search engines, as by encryption; the aggregate of unindexed websites

The  Dark Web on the other hand, is defined as “the portion of the Internet that is intentionally hidden from search engines, uses masked IP addresses, and is accessible only with a special web browser: part of the deep web.” The key takeaway here is that the dark web is part of the deep web.

Read More at GBHackers On Security

Digital Weapons of NSA-linked Microsoft hacking tools leak by Shadow Brokers

The Shadow Brokers, a group of hackers that have stolen exploits and hacking tools from the National Security Agency (NSA), are now selling some of these tools, which include Windows exploits and antivirus bypass tools, on a website hidden on the ZeroNet network.

They group that claims to have stolen digital weapons once used by the National Security Agency published a trove of active Microsoft Windows software exploits .


The claimed misuses being used, alongside a complete rundown of filenames and registries were altogether shared by the confounding gathering the “Shadow Brokers,”

Read More at GBHackers On Security

Mobile Hacking Company “Cellebrite” Hacked and 900 GB Of Logins, Log Files Relesed by Hackers

In the latest case of a hacking company being hacked, details by the crew that claims to have spirited away login info and other data from the cell phone-cracking company.

According to a report from the Motherboard, an unnamed hacker has breached Cellebrite’s systems and managed to steal 900 Gb of data. The data includes the customer usernames and passwords, the data collected by the company from various mobile devices, and other technical information of the company.

All the stolen files and data is reportedly traded in some IRC chat rooms, but the hacker claims that he did not leak the data to the public. The motivation of the hacker is still not clear, but he seems to have dome this against the changes in surveillance legislation and the “recent stance taken by Western governments.”

Read More GBHackers On Security

Vawtrak malware spread via toxic Word documents Beware poisoned parking tickets

Pernicious spam (malspam) utilizing Microsoft office records with Hancitor-based Visual Basic (VB) macros to send Pony and Vawtrak. Regardless it happens,And A report Said  this one from 2016-12-19, where Hancitor/Pony/Vawtrakmalspamwas disguised as a LogMeIn account notification ,And apparently, there’s been a recent lull in Hancitor/Pony/Vawtrakmalspam

Once Vawtrak infects a PC, it is capable of logging keystrokes, taking screenshots, and hijacking webcams. It also opens a remote access backdoor that allows anyone who controls it to steal files, digital certificates, and passwords from the victim’s computer..

Read More at GBHackers On Security

Interesting to see how Google recognize traffic Condition

Google recognize traffic Condition based on different sources starting from traffic sensors, algorithm on historical data and presently with the assistance of Crowd-sourcing, Google made a fine judgment of activity.

Google assemble live information from the crowd. Every one of those people who are presently utilizing Google Map or utilizing Android gadget with Location tracking or GPS enable, are inevitably giving anonymous information to Google with speed and area data.

Read More at GBHackers On Security

TOR and VPN Anonymous enough for Dark Web

Dark web is the World Wide Web content that exists on darknets, overlay systems which use public Internet yet we must particular software, configuration or approval to use. Let’s see TOR and VPN Anonymous enough for Dark Web.

Tor browser ensures you by bobbing your communication around an distributed system of transfers keep running by volunteers all around the globe: it prevents some person viewing your Internet connection from realizing what websites you visit, it prevents the websites you visit from learning your physical location, and it gives you a chance to get to websites which are blocked.

Read more at GBHackers On Security

Adobe & Microsoft released New Critical Security updates for software installed on hundreds of millions of devices

Technology giants Adobe, Microsoft  Tuesday each released security updates and issued an upgrade for Flash Player and for Acrobat/Reader. Microsoft discharged only four updates to connect around 15 security gaps to Windows and related programming.
From now and into the foreseeable future, a portion of the information focuses right now in the individual overhauls will be lumped into a “Security Updates Guide” distributed with every Patch Tuesday. FOR MORE: GBHACKERS

Ransomware that works offline – Meet the Spora Ransomware

Ransomware is a kind of malware that keeps or cutoff user’s from getting their System, either by locking the system’s screen or by locking the user’s files unless the ransom is paid.

 A new ransomware made it presence “Ransomware that works offline – Meet the Spora Ransomware”.
Spora ransoware was originally spotted by ID-Ransomware today, it got more attention because of its unique components and the abnormal state of refined skill in both usage and presentation.

Read More at GBHackers On Security

Loss Angles School Pay Ransom $28,000 to unlock files

It’s continually frustrating, obviously, to hear that a ransomware assault has again brought about a payout for offender.Loss Angles School Pay Ransom $28,000 to unlock files after hackers thrash their system.

The ransomware used in the attack encoded a huge number of documents on New Years Eve. This is one of the most noteworthy openly known ransomware requests to be paid.

Read More at GBHackers On Security

Browser Autofill Profiles are Open for Phishing Attacks

Autofill profiles in browsers are open to phishing vector that permit attackers to gather data from users through the hidden fields, which the browsers consequently loads with preset individual data and which the user unwittingly sends to the attacker when he submits a form.

These autofill profiles are the latest addition to modern browsers used currently which works by permitting the user to make a profile that holds distinctive insights about himself that he as a rule enters inside web forms.

Read more at GBHackers On Security

Intrusion Detection System (IDS) and Its detailed Function – SOC/SIEM

An intrusion detection system (IDS) is a type of security software designed to automatically alert administrators when someone or something is trying to compromise information system through malicious activities or through security policy violations.

An IDS works by monitoring system activity through examining vulnerabilities in the system, the integrity of files and conducting an analysis of patterns based on already known attacks. It also automatically monitors the Internet to search for any of the latest threats which could result in a future attack.

Read More at GBHackers On Security

Russia Demands Google and Apple to Remove Linkedin From Local App stores

The New York Times reports that Russia has forced Apple and Google to remove the LinkedIn mobile app from their Russian application markets, the latest chapter in a months-long campaign against the professional networking site.

In a week ago, China requested that The New York Times application must be removed from all Chinese App Stores, owned by Apple.

Read More at GBHackers On Security

Hacker disclosed GitHub secret key hunter – TruffleHog

A tool for finding secret keys with varying cryptographic strength in git repositories is published by Dylan Ayrey. By using this secret key hunter named TruffleHog, this hacker have disclosed GitHub secret keys.

The tool, named as TruffleHog, can search for and locate keys containing high-entropy strings by digging deep into commit history and branches, as per developer

Read More at GBHackers On Security

Beware : Super Mario Run Android game is Actully Malware. Don’t Download it

Super Mario Run is anticipated to dispatch in the Google Play Store in the coming weeks, after beforehand going live on iOS on December 15, and cybercriminals are attempting to profit by the energy produced by Nintendo’s new title utilizing another influx of malware.

Introducing a honest to goodness amusement, the supposed Super Mario Run application for Android was intended to introduce Marcher, a sophisticated banking malware strain capable of stealing victims banking and credit card information. For that, the Trojan uses fake overlay pages on top of true blue applications.

Read More at GBHackers On Security

How to build and run a Security Operations Center

Today’s cybersecurity operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise.
This includes a vast array of sophisticated detection and prevention technologies, a virtual sea of cyber intelligence reporting, and access to a rapidly expanding workforce of talented IT professionals.
Yet, most CSOCs continue to fall short in keeping the adversary—even the unsophisticated one—out of the enterprise.

Read More at GBHackers On Security

WordPress Plugin Stop User Enumeration does not stop user enumeration

User Enumeration is the capacity to automatically figure out if a given account is valid on a system.

By enumerating client accounts, you are at danger of locking out accounts after a predefined number of failed attempts.


Stop User Enumeration is a module stops client count dead , and furthermore it will log an event in your System log so you can use fail2ban to blocking the probing IP specifically at your firewall, an intense solution for VPS proprietors to stop beast constrain assaults and additionally DDOS assaults.

Read More at GBHackers On Security

Black Hat Hacker CyberZeist (@cyberzeist2) Hacked FBI website “FBI.gov” and data leaked Online

The infamous dark cap hacker CyberZeist (@cyberzeist2) has broken into the FBI site FBI.gov and spilled information on Pastebin

The Hacker released the FBI.GOV accounts that he found in a few reinforcement documents (acc_102016.bck, acc_112016.bck, old_acc16.bck, and so forth).


Spilled records contain accounts information, including names, SHA1 Encrypted Passwords, SHA1 salts, and messages.

Read More at GBHackers On Security

Russian spammer registered ɢoogle.com Domain using IDN Homograph Attacks

Nowadays spammer takes place to initiate an Advanced technique to create a spam and phishing emails to target a large number of community in worldwide and possibly leads to biggest attacks.

As a matter of first importance, it is normal for spammers to target Google Analytics with messages that induce the site proprietor to take after the connection

Read More at GBHackers On Security

Curious about what Facebook thinks about your photos – Checkout the Live Demonstration

This is an extremely straightforward Chrome Extension that makes it simple to see the labels that Facebook is naturally applying to you and your friend’s photographs.

Once you install Chrome and Firefox extension, all the photos you see on your Facebook timeline will automatically be overlaid with their tags, like this:

Read More at GBHackers On Security

DOS attack on Mac OS - Push fake alarms to Scare Users

One of the essential vectors for the delivery of technical support scams is malvertising. You’ll basically be browsing the web page then unexpectedly your program demonstrates a terrifying page guaranteeing your PC is infected.

Recently, there has been a pattern for scammers to cause denial-of-service attacks against user’s computers.


A lot of fake PC technical support campaigns finds their victims through cool calling. Be that as it may, these tricks are advancing to end up distinctly more like watering-opening methods, by demonstrating Malicious promotions for the assumed technical support.

Read More On GBHackers On Security

The Ransomware can Launch a DDOS attack – FireCrypt

Ransomware is a kind of malware that keeps or cutoff user’s from getting their System, either by locking the system’s screen or by locking the user’s files unless ransom is paid.To read more about Ransomware.

A ransomware family named FireCrypt will scramble the client’s documents, additionally attempt to dispatch an extremely weak DDoS assault on a URL hardcoded in its source code.

FireCrypt’s manufacturer named BleedGreen (seen underneath) and permits the FireCrypt creator to produce an exceptional ransomware executable, give it a custom name, and use a customized record symbol.

Read more at GBHackers On Security 

The Ransomware can Launch a DDOS attack – FireCrypt