Tag: hacker

Brits arrest DT hacker

Britain’s National Crime Agency (NCA) has arrested someone for last year’s cyber-attack which infected nearly one million Deutsche Telekom routers.

The NCA fingered the collar of the 29-year-old Brit at one of London’s airports, the coppers said in a statement.

The attack on Deutsche Telekom, Germany’s largest telecom company, took place in late November. Internet outages hit as many as 900,000 of its users, or about 4.5 percent of its fixed line customers.

German security experts thought the internet outages that have hit hundreds of thousands of Deutsche Telekom customers in Germany were part of a worldwide attempt to hijack routing devices.

Dirk Backofen, a senior Deutsche Telekom security executive, said the attack was not an attack against Deutsche Telekom. “It was a global attack against all kinds of devices. How many other operators were affected, we don’t know,” he said.

Deutsche Telekom said the problems seemed to be connected to an attempt to make customers’ routers part of the Mirai botnet.

Russian hackers seek to game Euro elections

After their success in helping get Donald (Prince of Orange) Trump elected in the US, Tsar Putin has set his Russian hackers gaming the EU elections, a US DoJ bloke has warned.

A former Justice Department official who served in the Obama administration said European countries must be willing to respond forcefully to efforts by Russia or others to use cyber-attacks to meddle in their elections.

While the US was also aware that attacks were taking place they didn’t manage to stop Putin getting a bloke who owes him and his chums money from getting elected.

Former Assistant Attorney General John Carlin, who ran the national security division at the Justice Department and oversaw the pursuit of cyber criminals, said the United States did not do enough to deter the hacking and leaking of Democratic Party emails during the 2016 presidential campaign.

“What we did was too late. We weren’t bringing deterrence at all to the table.”

Carlin warned that countries with upcoming elections should be prepared to offer forceful and timely responses to cyber-attacks.

“Pre-election, it’s vital that not just the United States but partners like Germany, like France make it clear what the red line is, that there’s going to be strong deterrence and that in terms of deterrence, our policy has got to be we are going to take action until the action stops,” Carlin said.

Elections are set this year in European countries including France, Germany and the Netherlands.

Dutch web developer back-doored his own websites

A Dutch developer accessed the accounts of over 20,000 users after collecting their login information via backdoors installed on the websites he built.

Inspector Knacker of the Dutch Yard said that he will be on the blower to the victims about the crook’s actions.

He was arrested on 11, 2016, in Zwolle, the Netherlands, and police proceeded to raid two houses the crook owned, in Leeuwarden and Sneek [surely sneak.ed].

Police say they received the first tips regarding the crook’s actions in November 2014, when a user complained about finding purchases someone else made on his behalf.

It looked like a cyber-fraud investigation, but after two years of gathering data and expanding the investigation’s scope with the addition of digital forensics experts in the spring of 2016, police realised what the crook was doing.

The 35-year-old suspect was hired to build e-commerce sites for various companies. After doing his job, the developer left backdoors in those websites, which he used to install various scripts that allowed him to collect information on the site’s users.

Police say that it’s impossible to determine the full breadth of his hacking campaign, but evidence found on his laptop revealed he gained access to over 20,000 email accounts.

The hacker used his access to these accounts to read people’s private email conversations, access their social media profiles, sign-up for gambling sites and access online shopping sites to make purchases for himself using the victim’s funds.

The suspect has been in jail since his arrest, and his pre-trial proceedings started last October.


Hackers rule the airline booking systems

Insecurity experts working for German security outfit Security Research Labs have found that hackers appear to have the power to upgrade themselves to flying business class.

Writing in their company blog, Karsten Nohl and Nemanja Nikodijevic said that airline booking systems were designed back in the 1960s and have not been updated, which means that both airlines and the customers who use their services are extremely vulnerable to hackers wishing to gain access.

The main problem is that the Global Distribution System (GDS) used by the airlines is based on a restricted access code, a six-character Passenger Name Record (PNR), which customers are given when they purchase a ticket—it is also printed on all of their luggage.

The restricted part of the code means that the number and types of characters that can be used must fall within a predetermined range—that makes it easier for hackers using computers to run through all the possibilities. Since the customer’s last name is associated with the PNR, hackers can simply type in a common name, such as Smith, and then have the computer run through all the GDS character possibilities until a hit is found, allowing access to that person’s flight record.

This allows the hackers to change information on a flight record, which they demonstrated by reassigning a reporter to a seat next to a politician on a real flight.

The weakness means that a hacker could tie their frequent flyer number to a host of other flights and give themselves credit for thousands of miles.

The researchers also reported that they have notified the makers of the three main GDS systems of their findings and expect that some of the holes in the systems will be fixed soon, while others may require a full rewrite, obviously taking a lot longer.
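A defender-side check for the weakness described above, as an added example that is not from Security Research Labs or any GDS vendor: it counts distinct wrong PNRs tried against one surname inside a sliding window, which still catches guessing that is spread over several IP addresses. The log format, field names and thresholds are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed (hypothetical) lookup-log format: timestamp, client IP, surname, PNR, result.
LINE = re.compile(r"(?P<ts>\S+) ip=(?P<ip>\S+) surname=(?P<surname>\S+) "
                  r"pnr=(?P<pnr>[A-Z0-9]{6}) result=(?P<result>hit|miss)")

def find_enumeration(lines, window=timedelta(minutes=5), max_misses=5):
    """Return {surname: peak count of distinct wrong PNRs} for every surname
    that saw more than max_misses distinct wrong PNRs within one window.
    Keying on the surname rather than the IP catches distributed guessing."""
    recent = defaultdict(deque)   # surname -> (timestamp, pnr) of recent misses
    flagged = {}
    for line in lines:
        m = LINE.match(line)
        if not m or m["result"] != "miss":
            continue              # unparsable lines and successful lookups are ignored
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        surname = m["surname"].upper()
        q = recent[surname]
        q.append((ts, m["pnr"]))
        while ts - q[0][0] > window:      # drop misses older than the window
            q.popleft()
        distinct = len({pnr for _, pnr in q})
        if distinct > max_misses:
            flagged[surname] = max(flagged.get(surname, 0), distinct)
    return flagged

# Constructed sample: one passenger mistyping a code once, then eight wrong
# codes for SMITH arriving from three addresses within eight seconds.
SAMPLE_LOG = [
    "2016-12-27T10:00:00Z ip=198.51.100.7 surname=MUELLER pnr=K7QX2M result=miss",
    "2016-12-27T10:00:20Z ip=198.51.100.7 surname=MUELLER pnr=K7QX2N result=hit",
] + [
    f"2016-12-27T10:01:{i:02d}Z ip=203.0.113.{i % 3 + 1} "
    f"surname=SMITH pnr=AAAA{i:02d} result=miss"
    for i in range(8)
]

if __name__ == "__main__":
    for surname, count in find_enumeration(SAMPLE_LOG).items():
        print(f"possible PNR guessing against {surname}: {count} distinct wrong codes")
```

No single address in the sample sends more than three requests, so a per-IP limit of the same size would not trigger.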

Businesses mostly pay up on ransomware extortion

An IBM Security report reveals that 70 percent of businesses hit by ransomware pay the attackers, but there is hope in sight, as IBM’s Resilient Incident Response Platform adds a new Dynamic Playbook to help organisations respond to attacks.

According to a new security study, Biggish Blue is reporting that 70 percent of businesses impacted by ransomware end up paying the ransom.

The 23-page IBM Security study surveyed 600 business leaders and 1,021 consumers in the US, and 46 percent of business respondents reported that they had experienced ransomware in their organisations. Of the 46 percent that have been impacted by ransomware, 70 percent admitted that their organisation paid the ransom.

The amount paid to ransomware attackers varies, but of those business respondents that paid a ransom, 20 percent paid over $40,000, 25 percent paid between $20,000 and $40,000 and 11 percent paid between $10,000 and $20,000.

IBM’s study found that the propensity to pay a ransom varies depending on whether or not the victim is a parent. 55 percent of consumers that identified themselves as being parents said they would pay a ransom to recover access to photos that had been encrypted, versus only 39 percent for consumers that don’t have children.

IBM might be interested in attracting attention to the issue because it has a product it thinks can protect businesses from ransomware attacks. IBM’s Resilient Incident Response Platform (IRP) is being enhanced with a new Dynamic Playbook for ransomware.

Ted Julian, Vice President of Product Management and Co-Founder at Resilient, an IBM Company, explained that the basic idea behind the Dynamic Playbooks is to help provide organizations with an automated workflow or ‘playbook’ for how to deal with a particular security incident.

The Resilient platform also enables organisations to run simulations to practice responses to potential attacks. Being prepared and having a plan for how to deal with security incidents is a good way for organisations to help control both the costs and the risks of a potential attack.

“Part of the value is giving organizations a platform to practice incident response, get educated and in doing so, bring order to what would otherwise be a very chaotic process,” Julian said.

India tries to restore hacked embassy websites

Indian officials are trying to restore the websites of seven Indian embassies in Europe and Africa that were hacked.

The websites saw their data put online, much to the country’s embarrassment. The websites of Indian embassies in Italy, Switzerland, South Africa, Libya, Malawi, Mali and Romania were hacked by a crew who dubbed themselves Kaputsky and Kasimierz L.

External Affairs Ministry spokesman Vikas Swarup told reporters that it was “aware of the problem” and was trying to fix it.

Attempts were being made to track the IP addresses of the hackers, who posted online the names, email addresses, phone numbers and passport numbers of some embassy staff members.

This is the latest in a series of high-profile Indian websites to be hacked this year. Last month, Pakistan-based hackers targeted more than 7,000 Indian websites after India launched a series of attacks on terror camps in Pakistan. Also in October, the security of around 3.2 million debit cards in India was breached when hackers inserted malware through an ATM network.

Ukrainian hackers show what Putin is hiding

While Wikileaks is currently the official organ of the Russian propaganda team’s attempts to game the US election, Ukrainian hackers are stepping up to show what Putin is doing.

A Ukrainian group calling itself Cyber Hunta has released more than a gigabyte of emails and other material from the office of one of Vladimir Putin’s top aides, Vladislav Surkov.

It shows Russian fingerprints all over the Ukraine separatist movement, despite Putin’s denials.

The emails show in detail how Russia controlled virtually every detail of the separatist effort in the Russian-speaking regions of Ukraine, which has torn the country apart and led to a Russian takeover of Crimea.

Surkov has been a close aide to Putin for more than a decade, serving as both deputy prime minister and Putin’s deputy chief of staff. The hacked emails date from 2014 when he was Putin’s behind-the-scenes aide responsible for managing Russia’s most crucial operations.

He guided separatists not just in Ukraine, but in breakaway “republics” in Georgia as well. Surkov himself apparently doesn’t use email but the hackers downloaded the Outlook email accounts of his assistants.

There is a list of casualties in the Donbass region of Ukraine sent from a high-ranking separatist official, and a list of candidates for office in a sham election. One email notes that the individuals with asterisks next to their name were “checked by us” and are “especially recommended.” Days later, those same names were announced as having been “elected”.

One US official told NBC News that the material confirms much of what the US believed was going on at the time. Surkov’s name was the first on a list of Russians and Ukrainians placed under executive sanctions by President Obama in March 2014, citing his role in the separatist movement. The action froze his assets in the United States and banned him from entering the country. Similar sanctions were imposed by the European Union.

US vigilante hacks off the Russians

A US vigilante hacker who is miffed that the Russians have been gaming the US elections knocked over the Russian Ministry of Foreign Affairs over the weekend.

A bloke calling himself the Jester after a comic book anti-hero gained access to the Russian government ministry’s website. And he left a message: Stop attacking Americans.

“Comrades! We interrupt regular scheduled Russian Foreign Affairs Website programming to bring you the following important message. Knock it off. You may be able to push around nations around you, but this is America. Nobody is impressed.”

MID.ru is the official website of the Russian agency that is in charge of maintaining that country’s international diplomacy — equivalent to the US Department of State.

Russian intelligence agencies have been accused of hacking into Democratic National Committee emails and the sites of other Democratic Party-linked organisations, leaking damning information to Wikileaks to sway the election away from Hillary Clinton.

Russia and President Vladimir Putin have denied involvement. But Jester said he knew better.

“Let’s get real, I know it’s you, even if by-proxy, and you know it’s you. Now, get to your room. Before I lose my temper.”

Jester has previous form in political hacking circles. He has taken down jihadist websites, hacked into communication forums, and identified potential terrorist threats. Ex-FBI agents, who clearly have not read many comics, have called him “the Batman of the internet”.

Jester said he chose to attack Russia out of frustration for the massive DNS cyberattack that knocked out a portion of the internet in the United States on Friday.

“I wanted to poke them in the eye and stop feeling like US is just taking it on the chin. Again, I’m not gonna sit around watching these fuckers laughing at us.”

Hi-Tech credit card kills off hackers

A new bankcard created by French banks has just given hackers a huge headache.

At the moment, if hackers get their paws on your card it is payday until you register it has been stolen. Normally by the time you get around to actually cancelling your card, it’s all too late.

The new cards being used by two French banks change the bankcard’s number every hour so that even if a fraudster copied them they are quickly out of date. The three digits on the back of this card will change, every hour, for three years. After they change, the old numbers are worthless.

The idea, dubbed MotionCode, was dreamed up by Oberthur Technologies, the French digital security company that has developed the tech.

“MotionCode is exactly what you’re doing today – copying the three digits from the back of your card – but with a huge additional level of security.”

The only downside is that if you have memorised all your card numbers you will need to check them against the card every time. But since that only applies to one person we know, we are sure she will not be greatly inconvenienced and will find other things to memorise instead.

Hacker group offers bounty on Trump tax returns

US presidential hopeful Donald Trump does not want the world to see his tax returns so a hacker magazine has offered a $10,000 bounty to anyone who can get them a copy.

The 2600 magazine announced the bounty in a tweet posted shortly after the conclusion of the first presidential debate between Hillary Clinton and Donald Trump.

The magazine’s tweet also indicated that prospective participants could make use of PGP encryption to send files and that the source’s identity would be protected. Apparently 2600 was miffed by Trump’s comments about an overweight hacker, which is the cause of the bounty.

The editor of 2600, who goes by the name Emmanuel Goldstein, said Trump has not released his tax returns, despite every presidential candidate having done that over the past however many decades, and somehow that’s just being swept under the rug. “Guccifer 3.0, if you’re out there, this is what we need: We need somebody to get in and get these returns,” he added.

Given that Guccifer is most likely working for the Russian government, who wants Trump elected and does not want his Russian business dealings revealed, we don’t think he will be claiming the bounty any time soon.

Of course the chances of a hacker legally getting their paws on Trump’s mighty declarations are a little remote. If Trump was short of cash he could also claim the bounty.

The magazine claimed that the bounty would also be offered to Trump “or anyone in his campaign or family” in the event that his tax documents were provided to them. 2600 also indicated that it would welcome others to add to the initial amount offered as part of the Trump tax bounty. It also claimed to have received some interest from prospective contributors, interested in adding to the bounty. “This could easily become $100k or more. We can pay in dollars, bitcoin… or rubles,” the magazine wrote in a tweet.