Bot-Nets

Day Trading For Hackers

Day Trading For Hackers - Via StopBadware Blog:

Brian Krebs at the Washington Post has this nifty piece about a website that appears to be set up to allow malicious hackers to buy and sell traffic to/from particular websites. As the post explains:

Set up a free account at Robotraff and you’re ready to buy or sell Web traffic. Got 30,000 hacked personal computers under your thumb? Super! Now you can use those systems to generate a steady income just by pointing them at Web sites requested by a buyer.


Web firm sounds alert on criminal data trove

Web firm sounds alert on criminal data trove - Via Reuters:

LONDON (Reuters) - A Web security firm said on Tuesday it had tipped off international banks and police after finding a huge trove of stolen business and personal data amassed on a server in the space of just three weeks.

Finjan Inc said it had notified the U.S. Federal Bureau of Investigation, police in various countries and more than 40 financial institutions in the United States, Europe and India about the discovery of the so-called "crimeserver".

"This server was running for about three weeks and within this period it managed to collect 1.4 gigabytes of data. It is indeed the largest treasure we've found in this very short time," Yuval Ben-Itzhak, chief technology officer of the California-based firm, said in a phone interview from Israel.

The stolen data consisted of 5,388 unique log files including 1,037 from Turkey, 621 from Germany, 571 from the United States, 322 from France, 308 from India and 232 from Britain.

500 Thousand MS Web Servers Hacked

500 Thousand MS Web Servers Hacked - Via Slashdot:

andrewd18 writes "According to F-Secure, over 500,000 webservers across the world, including some from the United Nations and UK government, have been victims of a SQL injection. The attack uses an SQL injection to reroute clients to a malicious javascript at nmidahena.com, aspder.com or nihaorr1.com, which use another set of exploits to install a Trojan on the client's computer. As per usual, Firefox users with NoScript should be safe from the client exploit, but server admins should be alert for the server-side injection. Brian Krebs has a decent writeup on his Washington Post Security Blog, Dynamoo has a list of some of the high-profile sites that have been hacked, and for fun you can watch some of the IIS admins run around in circles at one of the many IIS forums on the 'net."


Kraken Infiltration Revives "Friendly Worm" Debate

Kraken Infiltration Revives "Friendly Worm" Debate - Via Slashdot:

Anonymous Stallion writes "Two security researchers from TippingPoint (sponsor of the recent CanSecWest hacking contest) were able to infiltrate the Kraken botnet, which surpasses its predecessors in size. The researchers have published a pair of blog entries: Owning Kraken Zombies and Kraken Botnet Infiltration. They dissect the botnet and go so far as to suggest that they could cleanse it by sending an update to infected hosts. However, they stopped short of doing so. This raises the old moral dilemma about a hypothetical 'friendly worm' that issues software fixes (except that the researchers' vector is a server that can be turned off, not an autonomous worm that can't be recalled once released). What do you think — is it better to allow the botnet to continue unabated, or perhaps to risk crashing a computer controlling a heart monitor somewhere?"


The Cybercrime Economy

The Cybercrime Economy - Via Security Blog - InformationWeek:

Dot-coms daunted by the financial downturn would be well advised to look to the cybercrime economy.

Cybercriminals "have very sound business models," said Joe St Sauver, manager of Internet2 Security Programs through the University of Oregon at an RSA Conference panel on Wednesday, "better than many corporate business plans I routinely see."

The conference session, "Deconstructing the Modern Online Criminal Ecosystem," offered interesting insight into the way the Internet's black market works.

Cybercrime Is a Franchise Model That Scales

Cybercrime Is a Franchise Model That Scales - Via Slashdot:

Presto Vivace notes a report from the RSA conference on the cybercrime economy, and it's not an optimistic one. Part of the problem is that in many places cybercrime pays much better than legitimate work, including security research.
"As the panelists explained, a single spam message might be tied to as many as 10 separate organizations and perhaps five suppliers. Every task in the criminal economy has become a separate specialty. Some people sell e-mail lists, others sell lists of compromised IP addresses, there are sellers of credit card numbers, and those who sell access to bot nets. Then there are those who handle product fulfillment for spammers, and those who specialize in laundering money."


Security Expert Gives Computer Intruders a Taste of Their Own Medicine

Security Expert Gives Computer Intruders a Taste of Their Own Medicine - Via Threat Level:

SAN FRANCISCO -- Malicious hackers beware: computer security expert Joel Eriksson might already own your box.

Eriksson, a researcher at the Swedish security firm Bitsec, uses reverse engineering tools to find remotely-exploitable security holes in hacking software. In particular, he targets the client-side applications intruders use to control Trojan horses from afar, finding vulnerabilities that would let him upload his own rogue software to intruders' machines.

He demoed the technique publicly for the first time at the RSA conference Friday.

Zombie Computers Decried As Imminent National Threat

Zombie Computers Decried As Imminent National Threat - Via Threat Level:

SAN FRANCISCO -- Across the world, thousands of home computers have been conscripted into zombie computer gangs that cyber criminals use to spam, attack and defraud others on the net, causing considerable consternation to law enforcement and security professionals alike, who count the so-called botnets as the most vexing net threat today.

Today's botnet herders have hundreds of thousands of computers at their command and use technically sophisticated ways to hide their headquarters, making it easy for them to make millions from spam and credit card theft. They can also be used to direct floods of fake traffic at a targeted website in order to bring down a rival, extract protection money or, less frequently, to make a political point, as in the case of attacks on Estonia and the Church of Scientology.

Security pros and government officials are now describing the latter attacks, known as Distributed Denial of Service attacks, as serious threats to national security -- despite the fact that it's very clear that DDOS attacks on a public website are just the latest craze in "cyberwar" hysteria.

U.S. To Pitch 'Phase One' of Net Monitoring Plan at RSA

U.S. To Pitch 'Phase One' of Net Monitoring Plan at RSA - Via Threat Level:

Just how dangerous is the online world?

That question draws some 15,000 security professionals and IT bigwigs to San Francisco each year for the RSA Conference, taking place this week. There they learn about the newest threat to corporate networks, and are wooed by the makers of the newest flavor of corporate firewalls, intrusion detection devices and biometric doo-dads.

The answer they always get, not surprisingly, is that the online world is pretty darn dangerous, unless you use our products and services. What's new this year is that the U.S. government is joining the party with much the same pitch.  The nation's intelligence and anti-terror agencies are newly determined to take a more active role in protecting the United States from cyberattack, and they're seeking new authority to monitor the internet in order to save it.

Secretary of Homeland Security Michael Chertoff is traveling Tuesday to the conference to pitch a program the Bush administration calls the Cyber Initiative. Slated for $154 million in funding this year, the plan would put the National Security Agency and DHS in charge of cybersecurity for all federal government agencies.

International hacking network busted, Quebec police say

International hacking network busted, Quebec police say - Via CBC News:

Computers in Manitoba, the United States, Poland and Brazil targeted in scam

Quebec provincial police say they've dismantled a computer hacking network that targeted unprotected personal computers around the world.

Police raided several homes across Quebec on Wednesday and arrested 16 people in their investigation, which they say uncovered the largest hacking scam in Canadian history.

The hackers collaborated online to attack and take control of as many as one million computers around the world that were not equipped with anti-virus software or firewalls, said provincial police captain Frederick Gaudreau.

Largest Hacking Scam in Canadian History

Largest Hacking Scam in Canadian History - Via Slashdot:

vieux schnock writes "Police raided several homes across Quebec on Wednesday and arrested 16 people in their investigation, which they say uncovered the largest hacking scam in Canadian history. (...) The hackers collaborated online to attack and take control of as many as one million computers around the world that were not equipped with anti-virus software or firewalls."


Mega-D Botnet Overtakes Storm, Accounts for 32% of Spam

Mega-D Botnet Overtakes Storm, Accounts for 32% of Spam - Via Slashdot:

Stony Stevenson writes "The new Mega-D Botnet has overtaken the notorious Storm worm botnet as the largest single source of the world's spam according to security vendor Marshal. This botnet currently accounts for 32 percent of all spam, 11 percent more than the Storm botnet which peaked at 21 percent in September 2007. It started about 4 months ago but has been steadily increasing since then. It is also using news headlines to trick victims into opening the spam, a technique synonymous with the Storm worm."


CAPTCHAs: Humans vs. Bots

CAPTCHAs: Humans vs. Bots - Via IEEE Security and Privacy:

A close examination of CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) use and the technology behind it.


Anonymous Hackers Shoot For Scientologists, Hit Dutch School Kids

Anonymous Hackers Shoot For Scientologists, Hit Dutch School Kids - Via Threat Level:

Dutch schoolchildren may be the first collateral damage of an online war being waged against the Church of Scientology by a motley crew of internet troublemakers who call themselves Anonymous.

Coordination broke down Friday among the loose affiliate of online troublemakers known as Anonymous as they tried to continue their ongoing attacks against Scientology.

The group has spent the last few days trying to keep down the scientology.org website via a distributed denial of service attack, posting sensitive Scientology documents around the web, and up-voting anti-Scientology stories on Digg. The attack, dubbed Project Chanology, has a wiki that attempts to tell Anonymous 'members' what to do, though the advice is ever-changing and often contradictory.

Phishing Group Caught Stealing From Other Phishers

Phishing Group Caught Stealing From Other Phishers - Via Slashdot:

An anonymous reader writes "Netcraft has written about a website offering free phishing kits with one ironic twist — they all contain backdoors to steal stolen credentials from the fraudsters that deploy them.

Zombie Computer Army Targets Bank Account Passwords

Zombie Computer Army Targets Bank Account Passwords - Via Threat Level:

Every security geek's favorite zombie computer army from 2007 -- the Storm Worm botnet -- has a new trick for 2008, using its huge collection of infected computers to send out phishing emails directing people to fake banking sites that it cleverly also hosts on the computers it remotely controls. The phishing campaign caught the attention of both F-Secure and Trend Micro, who say Storm has never been involved in phishing up to this point. The new campaign may indicate, according to F-Secure, that Storm's controllers have figured out how to divide the massive army into clusters which it is now renting out to others.

The Storm Worm botnet got its start last January with a spam email purporting to have information about the storms that were battering Europe at the time. Users with unpatched Windows machines who clicked on the link in the email were infected with a Trojan that joined the machine to the zombie army.

The 'Malware Economy' Evolves

The 'Malware Economy' Evolves - Via Slashdot:

superglaze writes "ZDNet UK has a feature on how the malware economy is turning into a recognizable traditional IT economy. Leasing botnets? Malware support? Welcome to the new age of computing.

FBI Cracks Down (Again) on Zombie Computer Armies

FBI Cracks Down (Again) on Zombie Computer Armies - Via Threat Level:

The FBI announced Thursday it had indicted or successfully prosecuted eight individuals in a crackdown on black hat hackers who use armies of zombie computers to commit financial fraud, attack web sites with floods of traffic and send spam. The crimes at issue involved more than $20 million in losses, according to the FBI.

The FBI dubbed the eight cases "Operation Bot Roast II" -- the second round of its investigations against botnets, one of the most dangerous threats online today. The first FBI crackdown on botnets was announced in June.

Hackers build their botnets by infecting computers with emailed trojans or by infecting people through malicious code on web pages. They then tell the computers what to do from a central server or through chat applications. Botnet sizes vary, but the largest can comprise over a million computers, according to security researchers' estimates.

According to the FBI announcement, the individuals identified as part of Bot Roast II are as follows: