Making a high-profile hacker arrest is a respectable accomplishment, but bragging about it to his friends on the community forums is clearly a bad idea. I’m sure you didn’t need to be told this, but apparently it’s a lesson the Australian Police Department had to learn the hard way. In a recently televised takedown broadcast on ABC’s Four Corners, Australian investigators raided and seized computer equipment belonging to the administrator of an underground hacking forum located at r00t.y0u.org. Following the arrest, interrogators were able to obtain passwords, and began using the site as a honey pot to try and expose other potential suspects.
Unfortunately for police, word of the arrest leaked out quickly, and it didn’t take long for the community to discover something was up. Matters were further complicated when the police agency began taunting the forum’s visitors by saying “all member IP addresses have been logged, and arrests are being made”. Enraged by the comments, members of the hacker community broke into the system police were using during the investigation and supposedly gained access to intelligence contained within the federal police mainframe.
The hacker posted his own retort to the Australian police on pastebin.com mocking them for busting a couple of “script kiddies” and posted pictures of fake IDs and stolen credit card numbers lifted from police servers. The hacker continued by claiming “I couldn’t stop laughing on seeing that the federal police server was running Windows”. Apparently the MySQL password was also left blank (oops!). Apparently this 30-minute-long hack could have been faster if he “didn’t stop to laugh so much”.
Police claim the files were intentionally planted on the compromised system. Anyone buy that?
Two high-profile security professionals -- security researcher Dan Kaminsky and former hacker Kevin Mitnick -- were targeted by hackers this week in what appears to be an attempt to call into question the duo's credibility right on the eve of the Black Hat and DefCon security conferences.
"There are people who just live press release by press release," the hackers wrote in a note posted on Kaminsky's website. "And on top of it all, somehow you STILL have not got rid of Kevin Mitnick. The industry cares about virtualization one year and iPhones the next, every year forgetting the lessons it should have picked up in the last."
The hackers also stole personal data and posted it online, which included private emails between Kaminsky and other security researchers, very personal chat logs, and a list of files Kaminsky downloaded that pertain to dating and other topics, Wired reports.
After discovering a flaw in the DNS protocol, Kaminsky received the Pwnie award for the "Most overhyped security vulnerability" at Black Hat 2008. Mitnick was once considered "the most wanted computer criminal in United States history" by the government but has been accused by some in the hacking community of living off a dated reputation.
Social networking is all fun and games until someone hijacks your social security number, sells it to the seedy underground world of cyber-crime, and ultimately destroys your credit. But does that really happen?
According to a new study, it very well could. Researchers at Carnegie Mellon University showed how social security numbers can be guessed using information found in sites like Facebook, MySpace, and other popular Web portals. And it's not just a freak occurrence, either. Using information culled from such sites, researchers were able to predict, on the first try, the first five digits of a person's social security number 44 percent of the time for 160,000 people born between 1989 and 2003.
"We live in a precarious time, where knowledge of a Social Security number, along with other information about one's name and date of birth, is sometimes sufficient to impersonate another individual," said Alessandro Acquisti, the study's lead author, in a telephone interview with Bloomberg.
Sites like Facebook leave personal information visible by default when creating a profile, and it's the birth data that is particularly telling, as the first three digits are assigned based on where a person lived at the time of obtaining a Social Security card. Using this information, Acquisti said "the first five digits are easy to predict."
Celebrities have been dropping like flies in recent weeks, with Michael Jackson, Farrah Fawcett, Ed McMahon, and Billy Mays all having parted ways with the living. If you follow feeds on Twitter, you may have thought a lot more passed on, making you wonder if there really is something unsanitary flowing in Hollywood's water. That's because hackers have been gaining access to celebrity accounts and sending out bogus death notices for the likes of Britney Spears, Ellen DeGeneres, Jeff Goldblum, and P. Diddy.
"Britney has passed today," the fake tweet announced on Sunday. "It is a sad day for everyone. More news to come."
After learning of the message, Spears' staff tweeted that the pop singer's account had been compromised and that "She is fine and dandy spending a quiet day at home relaxing."
To gain access to celebrity accounts, hackers took advantage of a vulnerability allowing them to try every PIN combination possible until one worked. Twitter claims a "fix has been put in place to prevent this from happening."
Google has confirmed that the error messages people received on Thursday when searching for details of Michael Jackson’s death appeared because the traffic was initially perceived as an attack. Searches between 2:45 and 3:15pm returned the message "We're sorry, but your query looks similar to automated requests from a computer virus or spyware application. To protect our users, we can't process your request right now."
The error messages lasted for about 25 minutes on Thursday, just long enough for Google to confirm what was actually going on. The search giant noted that the amount of traffic it saw on this topic was unprecedented, as millions around the world scrambled for accurate information, seemingly all at once. Yahoo has also confirmed that it hit an all-time record for unique visitors with over 16.4 million following the story. This blows away the previous record held by the Obama election day, with a paltry 15.1 million uniques.
The outpouring of sympathy online has been astonishing, and I’m sure Google will learn its lesson on this one.
After Obama’s website, black hats have now managed to sow the seeds of deceit in Google video search results. Security firm Trend Micro has discovered that about 400,000 queries trigger Google Video search results that “have a single redirection point, and one that eventually leads to malware download and execution.” The black hats have been able to manipulate search results to their advantage using simple SEO techniques. For this purpose, they have reserved several domains and populated them with keywords.
According to Trend Micro, the malware executable, dubbed WORM_AQPLAY.A, proliferates using removable and network drives. The malware executable is disguised as an Adobe Flash installer. The malware only prompts the user to download the malicious Flash installer when he reaches one of the malefic video websites being run by the black hats.
Earlier this year, researchers for Finjan, a web security firm, said that stolen bank data had become "commoditized," with items like PIN codes and credit card information fetching only a fraction of what they used to pull in. Now Finjan warns of an impending "sharp rise [in cybercrime] in 2009 due to the current economic downturn, which makes financial gain from stealing data and selling online even more attractive."
Finjan's report (PDF) notes that cybercrime has evolved into a "booming global business" in 2008, and points out an early trend of unemployed IT personnel boosting their income by using crimeware toolkits sold by professional hackers. Finjan says the trend is only the beginning and that as layoffs rise in 2009, so too will cybercrime, both in the number of attacks and their severity.
But not everyone is convinced of Finjan's gloom-and-doom future. ArsTechnica points out that Finjan's sources are up for interpretation, including a November 19 Forbes article cited in the PDF report. According to ArsTechnica, the Forbes article "doesn't really provide a solid foundation for Finjan's statement. While the piece does take note of various trends, occurrences, and vibrations in the malware market, the author notes that the data 'remains largely anecdotal.'"
Are we on the verge of a major cybercrime spike? Hit the jump and post your predictions.
While fears of a recession are on the minds of those looking to make an honest living, unscrupulous hackers are thriving in an underground economy worth billions of dollars. The revelation comes as part of a new report released today by Symantec titled "Report on the Underground Economy."
The eye-opening report reflects activity on underground economy servers observed by Symantec between July 1st, 2007 and June 30th, 2008. During that time, Symantec claims to have witnessed 44,752 unique samples of sensitive information publicly posted on various servers. These samples, which represent 10 percent of the total distinct messages, serve as proof that the seller in question has the information they claim to have, as well as to show potential buyers the quality of goods they can expect to receive.
According to Symantec, credit card information reigns supreme and accounts for nearly a third of the total. Credit cards were seen selling for as little as $.10 to $25 per card, despite an average advertised limit of $4,000. When added up, Symantec calculated the total potential worth to be in the neighborhood of $5.3 billion.
But that number doesn't take into account stolen financial accounts, which make up 20 percent of the total. Stolen bank accounts were seen selling for between $10 and $1,000 with the average balance hovering at nearly $40,000. By Symantec's math, that puts the total worth at $1.7 billion, or around $7 billion for credit cards and bank accounts combined.
Microsoft last week released the fifth volume of its Security Intelligence Report (SIR) covering the period from January through June of 2008. The report, which purports to offer an "in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software," uses data derived from what Microsoft claims are hundreds of millions of Windows users, all of which is analyzed and laid out in a tidy 13MB PDF download.
According to the 150-page report, hackers are increasingly homing in on third-party applications rather than attempting to attack Microsoft directly. Vulnerabilities in programs like RealPlayer, QuickTime, WinZip, and other non-operating system software provide hackers with a greater number of exploits requiring a low degree of complexity, the report claims.
"It is alarming to see that more than 90 percent of vulnerabilities disclosed in 1H08 affected applications, and nearly half of all industry vulnerabilities are rated as High Severity," Microsoft says in its report. "Additionally, 1H08 showed how threats are increasingly affecting a variety of vendors beyond Microsoft."
The report also notes several geographical trends in security threats. Among them, password stealers such as Win32/Bancos are most prominent in Brazil, where the overall infection rate has risen an alarming 81.8 percent from 2H07 to 1H08. In the U.S., trojan downloaders, like Win32/Zlob, account for the largest single category of threat.