Category: Security

Lithuanian phishes two big US tech companies

A 48-year-old Lithuanian scammer named Evaldas Rimasauskas managed to trick two American technology companies into wiring him $100 million.

According to the US Department of Justice, Rimasauskas masqueraded as a prominent Asian hardware manufacturer and tricked employees into depositing tens of millions of dollars into bank accounts in Latvia, Cyprus, and numerous other countries.

What is amazing about this rather bog standard phishing scam is how much cash he walked away with and the fact it was the IT industry, which should have known better.

The indictment does not name and shame the companies. The first company is a “multinational technology company, specializing in internet-related services and products, with headquarters in the United States”. The second company is a “multinational corporation providing online social media and networking services”.

Both apparently worked with the same “Asia-based manufacturer of computer hardware,” a supplier that the documents indicate was founded some time in the late ’80s.

Representatives at both companies with the power to wire vast sums of money were still tricked by fraudulent email accounts. Rimasauskas even went so far as to create fake contracts on forged company letterhead, fake bank invoices, and various other official-looking documents to convince employees of the two companies to send him money.

Rimasauskas has been charged with one count of wire fraud, three counts of money laundering, and aggravated identity theft. In other words, he faces serious prison time if convicted: each charge of wire fraud and laundering carries a max sentence of 20 years.

Farmers turn to hackers to save them from tractor makers

US farmers are paying Eastern European hackers to crack their tractors so that they can actually repair them.

Tractor maker John Deere puts locks on its tractors because it does not want farmers to perform “unauthorised” repairs on farm equipment. It wants the farmers to wait for one of its dealers to show up and repair it. Farmers are also worried that the tractor maker could remotely shut down a tractor and there wouldn’t be anything a farmer could do about it.

A licence agreement John Deere required farmers to sign in October forbids nearly all repair and modification to farming equipment, and prevents farmers from suing for “crop loss, lost profits, loss of goodwill, loss of use of equipment … arising from the performance or non-performance of any aspect of the software”.

The agreement applies to anyone who turns the key or otherwise uses a John Deere tractor with embedded software. It means that only John Deere dealerships and “authorised” repair shops can work on newer tractors.

However, this does not sit well with farmers who feel that if they have bought a tractor they should be allowed to do with it what they like. So they go to some dodgy part of the internet and pay for a crack from the nice man in the Ukraine.

This saves a fortune in time and money. If you want to replace a transmission and you take it to an independent mechanic—he can put in the new transmission but the tractor can’t drive out of the shop. Deere charges $230, plus $130 an hour for a technician to drive out and plug a connector into their USB port to authorise the part.

FBI is investigating Russian gaming of the US election

The FBI is investigating how Russia used an internet army to bombard America with right-wing news and fake stories when candidate Donald (Prince of Orange) Trump was on the defensive during the 2016 election.

The Untouchables are concerned that some of those news outlets might have worked to help Russian operatives.

Led by the FBI’s Counterintelligence Division, the investigation is examining how stories from sites like Breitbart News, InfoWars, and the Kremlin-backed RT News and Sputnik News, were spread across the internet.

The investigation, the sources said, is examining whether certain far-right sites took any action to aid Tsar Putin.

In early January 2017, America’s intelligence agencies concluded Russia had mounted a disinformation campaign to influence the US election and picked out RT’s American division as one of the culprits.

FBI Director James Comey told a House Intelligence Committee hearing on the issue that Russia’s efforts were targeted to “hurt our democracy” and specifically “hurt” Democratic candidate Hillary Clinton and “help” current President Donald Trump.

Of course, he did a little bit of that himself during the election and managed to keep his job after Trump took office.

Investigators are now looking at millions of Twitter and Facebook posts carrying links to real stories, and others that mixed fact and fiction, on conservative websites sent out by social media bots. These computer programmes, or “bots,” were operated by Russia on multiple social media accounts and were programmed and coordinated to spread and amplify messages across the internet.

Russia apparently used these social media accounts to bombard the internet with pro-Trump stories at times during the campaign when he was on the defensive against Clinton.

Russian bots and paid trolls used the timed release of information “to propagate stories underground and these stories appear to have been amplified by fringe elements of our media like Breitbart”.

The investigation into the bots is just one branch of several investigations being run by the FBI probing Russia’s attempts to influence the 2016 election. Others are working to identify those behind the hacking and publication of emails belonging to the Democratic National Committee, leading Republicans, and Hillary Clinton’s campaign manager John Podesta.

Others are pursuing leads from informants and foreign communications intercepts about the Trump campaign’s contacts with Russian intelligence officers before the November election.

This is the first time that Comey has revealed officially that the FBI is investigating the Trump campaign.

Meanwhile, Alex Jones of the conspiracy theory website InfoWars has claimed that the whole thing is a witch hunt by the left. “I’m not gonna sit here and say, ‘I’m not a Russian stooge,’ because it’s a ******* lie,” he said on his talk show.

Trump insists that Obama was listening through his microwave

Donald (Prince of Orange) Trump is standing by his bizarre claim that former president Barack Obama was listening in to his election conversations through his microwave.

While every other member of the US Senate Intelligence Committee rejected Trump’s bizarre claim that the Obama administration wire-tapped him during the 2016 presidential campaign, Trump is sticking to his guns, or rather his nukes.

The top Republican in Congress, House of Representatives Speaker Paul Ryan, added his voice to a growing chorus of lawmakers saying there was no sign of a wiretap.

But White House spokesman Sean Spicer forcefully defended the president, citing news reports of intelligence collection on possible contacts between Trump associates and Russia in the presidential campaign.

“There is no question that there were surveillance techniques used throughout this,” Spicer said.

The Republican president has accused his predecessor, Democrat Barack Obama, of wiretapping him near the end of the campaign. An Obama spokesman said that was “simply false”.

“Based on the information available to us, we see no indications that Trump Tower was the subject of surveillance by any element of the United States government either before or after Election Day 2016,” Richard Burr, the Republican chairman of the Senate Intelligence Committee, and Senator Mark Warner, the committee’s Democratic vice chairman, said in a statement.

Ryan also said there was no evidence of surveillance.

“The point is, the intelligence committees in their continuing, widening, ongoing investigation of all things Russia, got to the bottom – at least so far – with respect to our intelligence community that – that no such wiretap existed,” the House speaker told reporters.

Pressed at the White House briefing on whether Trump would back down from his wiretap accusations, Spicer said: “He stands by it”.

Spicer also chastised the media for focusing so much attention on comments disparaging Trump’s claim about surveillance. He said reporters had not focused enough on comments from officials denying evidence of any collusion between Russia and the Trump campaign.

But that might have been because the news is really about Trump’s allegations that his associates had ties to Russian officials and the White House wants that buried. Trump fired his national security adviser, Michael Flynn, last month after he failed to disclose contacts with Russia’s ambassador before Trump took office on January 20.

An official familiar with the investigations by Congress and intelligence and law enforcement agencies said investigators had looked as aggressively and thoroughly as they could for evidence of any spying on Trump or his associates but had found none.

At least four congressional committees included the startling accusation in their investigations of possible Russian meddling in the election campaign and Russian ties to Trump and his associates.

IT security is still a man’s world darling

A new survey shows that while the IT world is pretty sexist, no part of it is worse than the IT Security industry, which is so backward it makes Neanderthals look like Homo Superior.

A report from the Centre for Cyber Safety and Education and the Executive Women’s Forum (EWF) said that not only do women make up one in ten of the cyber security workforce, they are paid much less despite having a better education than their sexist male colleagues.

The survey of more than 19,000 participants around the world finds that women have higher levels of education than men, with 51 percent holding a master’s degree or higher, compared to 45 percent of men.

Yet despite out-qualifying them, women in cybersecurity earned less than men at every level and the wage gap shows very few signs of improvement. Men are four times more likely to hold C and executive level positions, and nine times more likely to hold managerial positions than women, globally.

More worrying is that 51 percent of women report encountering one or more forms of discrimination in the cybersecurity workforce. In the Western world, discrimination becomes far more prevalent the higher a woman rises in an organisation.

Lynn Terwoerds, executive director of the EWF, said that companies that under-represent and under-use female talent were facing a critical business issue.

They were also hindering the development of world class cybersecurity organizations and resilient companies, as well as the nation’s safety and protection.

Women who feel valued in their position are in organisations which provide training and leadership development resources.

US secretary of state catches a bad case of the Hillaries

The US Secretary of State has been caught doing the sort of thing that cost Hillary Clinton the election.

According to New York Attorney General Eric Schneiderman, Rex Tillerson used an email alias of “Wayne Tracker” to secretly communicate with other Exxon executives about climate change while serving as CEO of Exxon Mobil.

New York Attorney General Eric Schneiderman has been leading an investigation of Exxon Mobil based on whether the company misled investors by publicly arguing against the reality of climate change even though its executives knew the science was accurate.

The investigation was triggered by news reports describing climate research the company undertook in the 1970s and 1980s, which affirmed the work of other climate scientists and showed that greenhouse gas emissions were causing climate change.

Exxon buried that work and spent the next couple of decades claiming that the science was unclear, although it has recently publicly acknowledged reality, it said.

The e-mails that were provided allowed the Attorney General to figure out that Tillerson used the account between 2008 and 2015 at least, but it didn’t appear on Exxon’s list of accounts for which records were preserved.

The letter also mentions 34 other e-mail accounts “specifically assigned to top executives, board members, or assistants” that the Attorney General thinks should have been included.

An Exxon spinner said that the e-mail address, Wayne.Tracker@exxonmobil.com, is part of the company’s e-mail system and was “put in place for secure and expedited communications between select senior company officials and the former chairman for a broad range of business-related topics”.

The Office of the Attorney General claims that Exxon has continuously delayed and obstructed the production of documents from its top executives and board members, which are crucial to OAG’s investigation into Exxon’s touted risk-management practices regarding climate change.

SAP releases patches

The software maker, which makes esoteric, expensive business programmes that no one is really sure what they do, has patched vulnerabilities in its latest HANA software.

The holes had a high risk of giving hackers control over databases and business applications used to run big multinational firms.

Vulnerabilities in big business software are more lucrative to attackers as these tools store data and run transactions. The flaws were “zero day” vulnerabilities and were the most critical ever found in HANA. For those who came in late, HANA runs SAP’s latest database, cloud and other more traditional business apps.

The holes were spotted by the insecurity outfit Onapsis which said that the vulnerabilities lay in a HANA component known as “User Self Service” (USS) which would allow malicious insiders or remote attackers to fully compromise vulnerable systems, without so much as valid usernames and passwords.

It reported 10 HANA vulnerabilities to SAP less than 60 days ago, which the German software maker fixed in near-record time.

The resulting patch issued by SAP on Tuesday was rated by it as 9.8 on a scale of 10, “very high” in terms of relative risk to its customers. SAP is releasing five HANA patches this week to fix a range of vulnerabilities uncovered in recent months.

Onapsis Chief Executive Mariano Nunez praised SAP for doing such a great job by releasing fixes much faster than in past situations.

FBI allow a “paedophile” to go free

The Untouchables do not want to be touched by a court’s demands that they explain how their Tor hack works.

The court wanted to know how the FBI located a child porn suspect, and federal prosecutors responded by dropping all charges against a man accused of accessing Playpen, a notorious and now-shuttered website.

The case is one of nearly 200 cases nationwide that have raised new questions about the appropriate limitations on the government’s ability to hack criminal suspects. Michaud marks just the second time that prosecutors have asked that a case be dismissed.

Annette Hayes, a federal prosecutor, wrote in a court filing that the government had to choose between disclosure of classified information and dismissal of its indictment.

“Disclosure is not currently an option. Dismissal without prejudice leaves open the possibility that the government could bring new charges should there come a time within the statute of limitations when the government is able to provide the requested discovery.”

The Department of Justice is currently prosecuting over 135 people nationwide whom they believe accessed the illegal website.

To find them, federal authorities seized and operated the site for 13 days before closing it down. During that period, the FBI deployed a Tor exploit that allowed them to find out those users’ real IP addresses.

The DOJ has called this exploit a “network investigative technique,” (NIT) while many security experts have dubbed it as “malware.” Defense attorneys want the NIT’s source code as part of the criminal discovery process.

Last year, US District Judge Robert Bryan ordered the government to hand over the NIT’s source code in Michaud. Since that May 2016 order, the government has classified the source code itself, thwarting efforts for criminal discovery in more than 100 Playpen-related cases that remain pending.

On the plus side many of the Playpen defendants have pleaded guilty, and only a few have had charges dropped altogether.

Blockchain gains as software giants form alliance

JPMorgan Chase, Microsoft, Intel and more than two dozen other companies have teamed up to develop standards and technology to make it easier for enterprises to use blockchain code Ethereum.

The move is seen as the latest push by large firms to move toward distributed ledger systems and a considerable move forward for the bitcoin based tech.

The Enterprise Ethereum Alliance (EEA) will work to enhance the privacy, security and scalability of the Ethereum blockchain, making it better suited to business applications, according to the founding companies.

Members of the 30-strong group also include Accenture, Banco Santander, Credit Suisse Group and shedloads of other bankers and financial groups. The EEA joins a growing list of joint initiatives by large companies aiming to take advantage of blockchain, a shared digital record of transactions that is maintained by a network of computers rather than a centralised authority.

Companies in a wide range of industries are hoping that it can help them streamline some of their processes, such as the clearing and settling of financial securities.

Ethereum, a type of blockchain that can be used to develop decentralised applications, was invented by 23-year-old programmer Vitalik Buterin. Several banks have already adapted Ethereum to develop and test blockchain trading applications.

Alex Batlin, global blockchain lead at BNY Mellon, one of the companies on the EEA board, said over the past few years banks and other enterprises have increased collaboration with the Ethereum development community, facilitating the creation of the EEA.

The EEA will collaborate with the non-profit foundation that promotes the development of Ethereum, the companies said.

Russian cyber treason charges are ancient

Treason charges against two Russian state security officers and a cyber-security expert are based on allegations made by a Russian businessman seven years ago.

The arrests concern allegations that the suspects passed secrets to US firm Verisign and other unidentified American companies, which in turn shared them with the US spooks.

Ruslan Stoyanov, head of the computer incidents investigation team at Russian cyber-security firm Kaspersky Lab, was arrested and charged with treason in December along with two officers of Russia’s Federal Security Service (FSB), Sergei Mikhailov and Dmitry Dokuchayev.

The arrests were a result of accusations first made in 2010 by Pavel Vrublevsky, a Russian businessman and founder of ChronoPay, an online payments company. Vrublevsky has told the press that the arrests were a response to his claim that Stoyanov and Mikhailov had passed secrets on to American firms.

Verisign denies that it received any secret information. The firm’s iDefense unit compiled dossiers on cybercrime for clients including private firms and government agencies that include U.S. intelligence services, but it says its research did not contain classified information.

However, it did know Stoyanov, a former Russian cybercrime copper who later had a career as a consultant.

But Kimberly Zenz, a former analyst at Verisign’s iDefense unit who knows Stoyanov, said that nothing like the arrangement described by Pavel Vrublevsky ever took place.

Verisign Vice President Joshua Ray said his company acquired information in unclassified ways and does not believe its reports to government agencies and other customers included state secrets.

Kaspersky is just pointing out that the charges against Stoyanov relate to a period before he joined the company in 2012.

What is weird about the story is that the Russian authorities had taken no action over the allegations made by Vrublevsky against Stoyanov and Mikhailov for so long.

The only coincidence is that the arrests came shortly after the United States accused Russia of trying to influence its presidential election through computer hacking.

It is thought that Moscow intends the arrests as a signal, in response to the US hacking accusations, that it would now take action against forms of cooperation that it previously tolerated.

After Vrublevsky first made his allegations against Stoyanov and Mikhailov, he was arrested and convicted on charges of organizing a cyber-attack on a rival Internet payments firm that competed with ChronoPay. He is now free on parole and has always denied guilt.