Friday, 20 May 2011

Sony hit again with two hacks

Japanese ISP subsidiary is broken into, while phishers use Sony server in Thailand


An intruder has apparently broken into So-net, an internet service provider subsidiary of Sony, and stolen about $1,200 worth of virtual tokens.

So-net disclosed the compromise in an alert (written in Japanese) on its homepage on Thursday.
Meanwhile, security firm F-Secure today disclosed that it has also discovered a phishing site that's hosted on a Sony server in Thailand.

"Basically this means that Sony has been hacked, again," Mikko Hypponen, F-Secure's chief research officer, noted in the blog post. "Although in this case the server is probably not very important," he added.

News of the latest breaches come barely a month after Sony disclosed intrusions at its PlayStation Network and Sony Entertainment Online sites that compromised data on close to 100 million account holders.
A So-net spokesman told the Wall Street Journal, which broke the story, that the breach of the ISP is unlikely connected to the previous compromises.

The Sony-owned So-net ISP lets consumers accumulate reward points that can be redeemed for Sony merchandize and services. The intruders illegally redeemed points belonging to about 130 consumers. Another 73 accounts were compromised, but their points were not redeemed, the Journal noted.

In addition, about 90 email accounts are also believed to have been compromised in the breach
According to the Journal, an intruder using one IP address, tried to access So-net's point service close to 10,000 times before finally gaining access. So-net itself appears to believe that the intruder had usernames of account holders and used an automated program to generate possible passwords, the Journal said.

It's not immediately clear why the company apparently doesn't have a mechanism for flagging multiple failed attempts to access its systems.

The intrusions are believed to have taken place on May 16 and May 17. So-net discovered the breach on May 18, after receiving consumer complaints. So-net stopped the point redemption service following the discovery of the breach.

he latest breaches are relatively minor in scale compared to the massive breach at PSN and Sony Entertainment Online. Even so, it only adds to the company's embarrassment.

The earlier intrusions forced Sony to take its PSN service offline for several weeks while it struggled to identify the scope of the problems and how to fix them.

The company started re-launching the service this week but isn struggling to keep it running smoothly.

For instance, earlier this week Sony was forced to once again take a portion of its PlayStation network offline because of a programming error that could provide hackers a way to break into its networks.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at Twitter@jaivijayan, or subscribe to Jaikumar's RSS feed Vijayan RSS. His e-mail address is jvijayan@computerworld.com.



       

Wednesday, 4 May 2011

Bin Laden Virus To Wreak Havoc, Warns FBI

Osama is dead but is still wreaking havoc. If you get an e-mail containing bin Laden links, then it's a fake, says the FBI.


Click to enlarge

The FBI has issued a warning to computer users "to exercise caution when they receive e-mails that purport to show photos or videos of Osama bin Laden's recent death."

It warns users not to open unsolicited e-mails or click links contained within such messages, as it could be from an unknown sender.

There are several email and Facebook scams doing the rounds, one shows a Facebook page, claiming to be a video of "Osama bin Laden killed live on video."

Other emails have links saying: "See video in which Osama bin Laden is shown holding a newspaper with today's date and disprove his possible death reported by OBAMA" and another says "pictures-of-osama-dead.exe."

The news of the demise of bin Laden, the godfather of terrorism and leader of al-Qa'eda, and on the FBI's 10 Most Wanted List for more than a decade was met with jubilation across the world.

The emails, if opened, could contain a virus that could damage computers and the "malware" can embed itself in computers and spread to users' contact lists, thereby infecting their systems and could also capture personal information.

Users should also ensure they have up-to-date firewall and anti-virus software running on their machines to detect and deflect malicious software, the US's Internet Crime Complaint Center recommends.

IT security experts McAfee agrees, branding the mails "expected lures" in a blog.

"Beware of any verbiage, subject lines in emails, or links via Facebook or Twitter that contain words like these–as they will almost certainly get you into trouble," it warned. 
 
News of the death of bin Laden, confirmed by a simple tweet by a former White House staffer from his BlackBerry at 10.25 EST on May 02 sent news outlets around the world into a frenzy of activity and online searches in the US surpassed the recent interest in the British Royal Wedding.

The attack on the al-Qa'eda leader by US forces was first reported on Twittter by an IT consultant based in Abbottabad, Pakistan, who said "Helicopter hovering above Abbottabad at 1AM (is a rare event)."

He was finally caught in a hideout suburb near the town of city of Abbottabad, Pakistan.

"So I'm told by a reputable person they have killed Osama Bin Laden. Hot damn," Keith Urbahn, the former Chief of Staff of Defence Secretary Donald Rumsfeld wrote on Twitter.

However, Urbahn who also describes himself as a  Navy Reserve intel officer came in from criticism from one follower, who criticised the casual nature of the post without getting confirmation first, retweeting "I gotta say...you broke this first. Everyone was crediting you before it was confirmed. Nice work."

However, it did turn out to in fact be true, although Urbahn downplayed the significance of the event, later tweeting "Stories about the 'death of MSM [mainstream media]' because of my 'first' tweet are greatly exaggerated."

He also cited his source his source as being from the media from "a connected network TV news producer."
 
Following the tweet, The White House confirmed the death soon after, which was followed by an official address by President Obama at 11.00 EST.  
 
 

Friday, 28 January 2011

FBI goes after Anonymous suspects

The FBI has carried out over 40 searches in an investigation into cyberattacks launched by the Anonymous group in support of whistle-blower site Wikileaks. 

The swoop on Thursday was part of an international police operation that included the UK Metropolitan Police Central eCrime Unit (PCeU), the FBI said. It follows the arrest of five young men in the UK on suspicion of involvement in the same Operation Payback series of distributed denial-of-service attacks (DDoS).

Anonymous FBI investigation

Anonymous's Operation Payback took down sites like visa.com after the company stopped accepting Wikileaks' payments. Credit: Elinor Mills/CNET News


"FBI agents today executed more than 40 search warrants throughout the United States as part of an ongoing investigation into recent coordinated cyberattacks against major companies and organisations," the FBI said in a statement on Thursday. "The victims included major US companies across several industries."

The Anonymous group of online activists has claimed responsibility for a series of successful attacks against websites belonging to businesses including Visa, MasterCard and PayPal, which stopped processing payments destined for Wikileaks.

The five men arrested in the UK have been granted police bail, the Met said in a statement on Friday. The three youngest — who are aged 15, 16 and 19 years old — must report to police on 13 April, while the oldest two — aged 20 and 26 — must report on 14 April.


Anonymous and DDoS: I predict a riot

The international police operation into the Operation Payback attacks was led by the PCeU, a Met spokeswoman told ZDNet UK. The other participants were: the FBI; the US Secret Service; and the national criminal police departments of the Netherlands — Korps landelijke politiediensten (KLPD), Sweden's Rikskriminalpolisen (RKP) and Germany's Bundeskriminalamt (BKA).

French authorities were also involved, according to the FBI.

Antivirus companies have put out updates to detect the Low Orbit Ion Canon (LOIC) tool thought to have been used in the attacks, the FBI said, adding that the US's National Cyber-Forensics and Training Alliance is helping in the investigation.



Wikileaks and Julian Assange. Shlomo ben Ami, Avigdor Lieberman, the Mossad... WikiLeaks documents expose US foreign policy conspiracies. All cables with tags from 1 5000 [DOES NOT CONTAIN TEXT OF CABLES] Inside WikiLeaks: My Time with Julian Assange at the World's Most Dangerous Website WikiLeaks: Removing the 'top secret' seal WikiLeaks Liberty Dark T-Shirt by CafePress

Tuesday, 4 January 2011

The "Mass Money Maker" - What Is All The Hype About?





What Are All These Mass Money Maker Emails About?
 
What Are Matt Bacak and Alen Sultanic Up To?
 
Review About Matt Bacak and Alen Sultanic’s Mass Money Makers



So, Mass Money Makers is just about to launch and it seems to like that everyone is on board.

I am sure that you will receive like ten more emails about it, but I got a sneak peek at the product, and want to give you my review.

So, what is Mass Money Makers?

It's based on a simple concept that works (and works well)...this concept is what allows us to rank on 1st page of Google within two to three weeks for just about any keyword out there...

...then we take those same rankings and get them to build massive (really massive) lists...which in turn are piped through "mass money funnels" and the end result is money.

Simple, yet very powerful. Indeed it is, and that's why they've simplified it into four core videos that are 2 to 3 hours each, where they break down everything in minute detail.

Can you get any better then that?

So in the end, I vote for Mass Money Makers. It's a great product, that really works.

If you've been looking for a way to make money online, then you really need to get in on it before the launch is completed.

When they first opened the doors, they said the software would be limited. I just got an update from them and as of now they only have 17 spots left!

I highly recommend that you get your hands on this software right now!

GO here:
 


Tuesday, 14 December 2010

FixRedirectVirus.org Has Finally Found a Solution For The Google Redirect Virus!


FixRedirectVirus.org is a software program designed to get rid of the Google Redirect Virus from your PC.
This application has been created by a computer technician in the UK who
had his computer infected with the virus. After spending months removing the infection, he created several effective ways to remove it, which have all been included in his popular program.

The "FixRedirectVirus.org" product is a software tool which interactively walks you step-by-step through to a series of high quality tutorials that will explain in layman's terms exactly how to get rid of the Google Redirect infection. The benefits of creating a program like this are that you are continually getting the most up to date techniques to remove the virus (the program is easier to update than a traditional "scanner"), you get to see exactly how to get rid of the virus step-by-step, and the program works on every PC.

After talking with the creator of FixRedirectVirus.org, we found that 100's of people havealready benefitted from this tool and he gets many thank-you emails every day. If you have the Google Redirect Virus, it's definitely worth trying out this solution, and you can see our review on the right panel:

Click Here To View FixRedirectVirus.org




Tuesday, 7 December 2010

Postcard from Hallmark Virus Hoax


By Mary Landesman, About.com Guide

Description:

A hoax. The Postcard from Hallmark virus hoax is a knock-off on the old A Virtual Card for You hoax. It contains many telltale signs of a virus hoax. The Postcard from Hallmark hoax includes a link to a Snopes article which is worded in such a way that it appears the hoax warning is legitimate. It isn't. While greeting card scams do exist, they don't bear any resemblance to what's outlined in the hoax. Following is one example of the Postcard from Hallmark virus hoax:

Example of hoax email:

THIS ONE IS FOR REAL...

http://www.snopes.com/computer/virus/postcard.asp

Hi All,
 
I checked Snopes (URL above:), and it is for real!!

Get this E-mail message sent around to your contacts ASAP.

PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS!

You should be alert during the next few days. Do not open any message with an attachment entitled 'POSTCARD FROM HALLMARK,' regardless of who sent it to you. It is a virus which opens A POSTCARD IMAGE, which 'burns' the whole hard disc `C' of your computer. This virus will be received from someone who has your e-mail address in his/her contact list. This is the reason why you need to send this e-mail to all your contacts It is better to receive This message 25 times than to receive the virus and open it.

If you receive a mail called' POSTCARD,' even though sent to you by a friend, do not open it. Shut down your computer immediately.

This is the worst virus announced by CNN. It has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard disc, where the vital information is kept.

COPY THIS E-MAIL, AND SEND IT TO YOUR FRIENDS. REMEMBER: IF YOU SEND IT TO THEM, YOU WILL BENEFIT ALL OF US.


Remember: Hoaxes are a waste of both time and money. Do your friends and family a real favor and please don't forward them on to others. And if you are tempted to forward something 'just in case', read the article Toxic Excuses instead.

Friday, 1 October 2010

FBI arrests more than 80 cyber criminals after computer virus siphons $3m from U.S. accounts

More than 80 people have been charged in connection with $3million being stolen from American bank accounts by hackers in eastern Europe.

The con artists used computer viruses to steal user names and passwords from unsuspecting victims, and then used the information to siphon off money from their accounts.

Foreign students were used in the heist to open up bank accounts in the U.S., which  were then used to transfer money that had been stolen in the cyber-theft scheme.

Dozens charged in international $3million computer virus scam
Vulnerable: Hundreds of unsuspecting computer users were targeted in a cyber theft scheme that raided $3million from bank accounts using Trojan viruses

In court papers unsealed in the U.S. District Court in Manhattan, 37 offenders were charged with their roles in hacking into dozens of victims' accounts.

Charges included conspiracy to commit bank fraud, money laundering, false identification use and passport fraud.

Fifty-five others have been charged after a year-long investigation by the FBI.

Attorney Preet Bharara compared cyber criminals to classic bank robbers, saying: 'The mouse and the keyboard can be far more effective than the gun and the mask..
Mr Bharara revealed that the victims of the attacks included five banks and dozens of individuals across America.

Ten people were arrested early today - nine in the New York area and one in Pittsburgh. The others had already been arrested with at least 17 being fugitives.

The FBI said the cyber attacks included malware known as the Zues Trojan, which was typically sent as an email to computers at small businesses and offices.

Once the email's attachment was opened, the virus embedded itself in the victims' computers to secretly monitor their computer activity.

The virus recorded their keystrokes and captured their user names and passwords when they next logged into their online bank accounts.

The Trojan program also stole passwords for email log-ins and social networking websites that ordinarily only the user would know.
Individuals known as 'money mules' were used in the States to actually steal the money from individual accounts.

Mr Bharara said those arrested consisted almost entirely of mules and four people who managed them.

'The Zeus Trojan allegedly allowed the hackers, from thousands of miles away, to get their hands on other people's money - with far less exertion than a safe cracker or bank robber'

New York District Attorney Cyrus Vance said people from Russia, Ukraine, Kazakhstan and Belarus had come to the States on student visas.

They were then recruited through social networking sites and newspaper ads to fraudulently open hundreds of bank accounts.

The money stolen from the victims would then be deposited into those illegal accounts and transferred in smaller amounts elsewhere.
Authorities said those who actually set up the bank accounts would keep up to ten per cent for themselves, sending the rest to those higher up in the scheme.

Mr Vance said: 'This advanced cyber crime ring is a disturbing example of organised crime in the 21st century - high-tech and widespread.'

Gregory Antenson, commanding officer of the city police department's Financial Crimes Task Force, said the police had shown up at a bank in the Bronx in February to investigate a suspicious $44,000 withdrawal.
This investigation then led them into the international probe that was already under way.
Janice K. Fedarcyk, assistant director in charge of the FBI's New York office, said: 'The Zeus Trojan allegedly allowed the hackers, from thousands of miles away, to get their hands on other people's money - with far less exertion than a safe cracker or bank robber'.


Source:www.dailymail.co.uk