Saturday, 28 September 2013

Pirate Bay Co-Founder’s Sentence Cut In Half

Pirate Bay co-founder Gottfrid Svartholm Warg
Pirate Bay co-founder Gottfrid Svartholm Warg's prison sentence for hacking and fraud has been reduced from two years to one. (Photo: Reuters)
Pirate Bay co-founder, Gottfrid Svartholm Warg had his prison sentence for hacking and fraud reduced from two years to one. A Swedish appellate court made the decision on Wednesday after finding that one of the hacking charges against Svartholm Warg lacked sufficient evidence, the Associated Press reported. Namely, charges relating to the hacking of Nordea Bank AB were dismissed, while other hacking charges were upheld.

The Pirate Bay co-founder's sentence was cut in half because the Svea Court of Appeal said it could not rule out Svartholm Warg's claim that others could have remotely accessed his computer to hack into the Nordea Bank AB's servers. While the court dismissed the bank hacking charges, it upheld the conviction against Svartholm Warg of hacking into the servers of two other companies, Applicate and Logica, which handle sensitive information for Sweden's police force and tax authority. The Wall Street Journal reported that Svartholm Warg was originally convicted of hacking into all three companies' servers in June, resulting in the two-year sentence.  
The Pirate Bay is one of the world's biggest free file-sharing websites, giving millions of users a way to illegally download music, movies and software. Since launching the site in 2003, Svartholm Warg and fellow co-founder Fredrik Neij have been embroiled in controversy. In 2009, the co-founders, along with company spokesman Peter Sunde and businessman Carl Lundstrom, were given one-year sentences for copyright violation by a Swedish court and ordered to pay 46 million kronor ($6.5 million) in damages to the entertainment industry.
Svartholm Warg left the country while appealing that ruling. He was arrested in Cambodia in 2012 and deported back to Sweden after an international arrest warrant was issued against the Pirate Bay co-founder, per the AP. He served out his first sentence for copyright violation while under detention over his hacking charges.
But while the Pirate Bay co-founder might have had his sentence reduced in Sweden, he might not be out of hot water yet. Decrypted Tech reported that Svartholm Warg is facing extradition to Denmark, as he is a suspect in a breach that resulted in the theft of driving records and social security numbers. The Danish authorities expect to have Svartholm Warg in custody in a few days.

Saturday, 14 September 2013

61% Of Malware Attack Victims Lose Some Data Forever

Most IT users know that malware is dangerous but few are fully aware of the havoc it can wreak. A new survey from B2B International and Kaspersky Lab reveals the true scale of the malware problem: just 39% of victims manage to fully restore the data lost as a result of a breach.

As Kaspersky Lab points out, a quarter of malware attacks succeed in stealing or corrupting confidential information. In the case of 17% of victims all data is lost forever, while 44% manage a partial retrieval. This is cause for concern, considering the importance we attach to our data, Kaspersky Lab said. Among the survey respondents, 56% declared that they deemed their information more valuable than the machine storing it. The poll also showed that 10% of affected users have resorted to the services of outside experts in the effort to restore their lost data.

But a data recovery specialist may not always achieve complete success and sometimes nothing can be done. Even an expert will be helpless if the attackers have used a file encryptor. This malicious program encrypts the files on the user's computers and requires a unique key for decryption. This is the type of program known as ransomware because the attackers typically demand payment in return for the decryption key.

Computers and mobile devices have become an integral part of daily life so it would be virtually impossible not to store confidential information on digital devices. However, users can minimise the risk of data loss through regular back-ups and reliable anti-malware protection, Kaspersky Lab said.

Sunday, 21 April 2013

'BadNews' Android malware in approved apps may have been downloaded 9 million times!

A new breed malware has been discovered within at least 32 Android apps, which may have been downloaded up to nine million times!
The so-called 'BadNews' malware was outed by security firm Lookout Mobile Security in a blog post on Friday and the affected apps have now been removed by Google.
All of the apps found to contain the malicious code had been approved by Google, but it appears that the harmful elements had been added after the fact, disguised as updates.
Apps containing the BadNews code have been reporting back to a server and revealing sensitive information like the phone number and handset serial number.

'Bad guys are smart'

The affected apps include English and Russian-language games, dictionaries, wallpapers and were able to make it past the Google Bouncer software that scans the Play store for harmful apps.
Marc Rogers, principal security researcher for Lookout, told Ars Technica: "You can't even say Google was at fault in this because Google very clearly scrutinized all these apps when they want in.
"But these guys were cunning enough to sit there for a couple of months doing absolutely nothing and then they pushed out the malware.
"This is a wakeup call for us in the industry to say: 'Bad guys are smart as well and they'll take a look at the security models we put in place and they'll find weaknesses in them. That's exactly what they've done here."

Saturday, 16 February 2013

Facebook site infiltrated!

The Facebook security teams has confirmed that the social networking site was targeted in a "sophisticated attack" last month.

The digital intrusion apparently occurred when a small number of Facebook personnel visited a compromised mobile developer website.

"The site hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines," a Facebook rep explained.

"After analyzing the compromised website where the attack originated, we found it was using a 'zero-day' (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability."

Interestingly, Facebook says it wasn't not alone in the above-mentioned attack, as other sites were infiltrated as well.

However, the rep was also quick to point out that the social networking site had found "no evidence" of compromised user data.

"As part of our ongoing investigation, we are working continuously and closely with our own internal engineering teams, with security teams at other companies, and with law enforcement authorities to learn everything we can about the attack, and how to prevent similar incidents in the future," the rep added.