Tag: hacker

Hackers rule the airline booking systems

Insecurity experts working for German security outfit Security Research Labs have found that hackers appear to have the power to upgrade themselves to flying business class.

Writing in their company blog, Karsten Nohl and Nemanja Nikodijevic said that airline booking systems were designed back in the 1960s and have not been updated, which means that both airlines and the customers who use their services are extremely vulnerable to hackers wishing to gain access.

The main problem is that the Global Distribution System (GDS) used by the airlines is based on a restricted access code, a six-character Passenger Name Record (PNR), which customers are given when they purchase a ticket—it is also printed on all of their luggage.

The restricted part of the code means that the number and types of characters that can be used must fall within a predetermined range—that makes it easier for hackers using computers to run through all the possibilities. Since the customer’s last name is associated with the PNR, hackers can simply type in a common name, such as Smith, and then have the computer run through all the GDS character possibilities until a hit is found, allowing access to that person’s flight record.

This allows the hackers to change information on a flight record, which they demonstrated by reassigning a reporter to a seat next to a politician on a real flight.

The weakness means that a hacker could tie their frequent flyer number to a host of other flights and give themselves credit for thousands of miles.

The researchers also reported that they have notified the makers of the three main GDS systems of their findings and expect that some of the holes in the systems will be fixed soon, while others may require a full rewrite, obviously taking a lot longer.
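The surname-plus-six-character lookup described above can be watched for on the server side. As an added example (not code from the researchers or any GDS vendor), this flags surnames for which many different record locators fail within a short window; the event fields, thresholds and sample log are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample lookup events:
# (epoch_seconds, source, last_name, pnr_entered, record_found)
SAMPLE_EVENTS = [
    (1000, "198.51.100.7", "SMITH", "AAAAA2", False),
    (1001, "198.51.100.7", "SMITH", "AAAAA3", False),
    (1002, "198.51.100.8", "smith", "AAAAA4", False),
    (1003, "198.51.100.7", "SMITH", "AAAAA5", False),
    (1004, "198.51.100.8", "Smith", "AAAAA6", False),
    (1005, "198.51.100.7", "SMITH", "AAAAA7", True),
    (1010, "203.0.113.20", "GARCIA", "X7K2QP", False),  # one typo...
    (1030, "203.0.113.20", "GARCIA", "X7K2QB", True),   # ...then the right code
    (5000, "198.51.100.7", "SMITH", "AAAAA8", False),   # long after the burst
]


def flag_enumeration(events, window_s=60, max_misses=4):
    """Return {surname: [sources]} for surnames that saw more than
    max_misses distinct failed PNRs inside any window_s-second span.

    Misses are grouped by surname rather than by source, so attempts
    spread over several addresses are still counted together. Successful
    lookups are ignored: many real passengers share a common surname.
    """
    recent = defaultdict(deque)   # surname -> recent (ts, pnr, source) misses
    flagged = defaultdict(set)
    for ts, source, last_name, pnr, found in sorted(events):
        if found:
            continue
        name = last_name.strip().upper()
        misses = recent[name]
        misses.append((ts, pnr.upper(), source))
        # Drop misses that have aged out of the sliding window.
        while misses and ts - misses[0][0] > window_s:
            misses.popleft()
        if len({p for _, p, _ in misses}) > max_misses:
            flagged[name].update(s for _, _, s in misses)
    return {name: sorted(sources) for name, sources in flagged.items()}


if __name__ == "__main__":
    for name, sources in flag_enumeration(SAMPLE_EVENTS).items():
        print(f"possible PNR enumeration against surname {name}: {sources}")
```

A passenger who mistypes a code once, like the constructed GARCIA entry, stays well under the threshold.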

Businesses mostly pay up on ransomware extortion

An IBM Security report reveals that 70 percent of businesses will pay out if they are hit by ransomware attackers, but there is hope in sight, as IBM’s Resilient Incident Response Platform adds a new Dynamic Playbook to help organisations respond to attacks.

According to a new security study, Biggish Blue is reporting that 70 percent of businesses impacted by ransomware end up paying the ransom.

The 23-page IBM Security study surveyed 600 business leaders and 1,021 consumers in the US, and 46 percent of business respondents reported that they had experienced ransomware in their organisations. Of the 46 percent that have been impacted by ransomware, 70 percent admitted that their organisation paid the ransom.

The amount paid to ransomware attackers varies, but of those business respondents that paid a ransom, 20 percent paid over $40,000, 25 percent paid between $20,000 and $40,000 and 11 percent paid between $10,000 and $20,000.

IBM’s study found that the propensity to pay a ransom varies depending on whether or not the victim is a parent. 55 percent of consumers that identified themselves as being parents said they would pay a ransom to recover access to photos that had been encrypted, versus only 39 percent for consumers that don’t have children.

IBM might be interested in attracting attention to the issue because it has a product it thinks can protect businesses from ransomware attacks. IBM’s Resilient Incident Response Platform (IRP) is being enhanced with a new Dynamic Playbook for ransomware.

Ted Julian, Vice President of Product Management and Co-Founder at Resilient, an IBM Company, explained that the basic idea behind the Dynamic Playbooks is to help provide organizations with an automated workflow or ‘playbook’ for how to deal with a particular security incident.

The Resilient platform also enables organisations to run simulations to practice responses to potential attacks. Being prepared and having a plan for how to deal with security incidents is a good way for organisations to help control both the costs and the risks of a potential attack.

“Part of the value is giving organizations a platform to practice incident response, get educated and in doing so, bring order to what would otherwise be a very chaotic process,” Julian said.

India tries to restore hacked embassy websites

Indian officials are trying to restore the websites of seven Indian embassies in Europe and Africa that were hacked.

The websites saw their data put online, much to the country’s embarrassment. The websites of Indian embassies in Italy, Switzerland, South Africa, Libya, Malawi, Mali and Romania were hacked by a crew who dubbed themselves Kaputsky and Kasimierz L.

External Affairs Ministry spokesman Vikas Swarup told reporters that it was “aware of the problem” and was trying to fix it.

Attempts were being made to track the IP addresses of the hackers, who posted online the names, email addresses, phone numbers and passport numbers of some embassy staff members.

This is the latest in a series of high-profile Indian websites to be hacked this year. Last month, Pakistan-based hackers targeted more than 7,000 Indian websites after India launched a series of attacks on terror camps in Pakistan. Also in October, the security of around 3.2 million debit cards in India was breached when hackers inserted malware through an ATM network.

Ukrainian hackers show what Putin is hiding

While Wikileaks is currently the official organ of the Russian propaganda team’s attempts to game the US election, Ukrainian hackers are stepping up to show what Putin is doing.

A Ukrainian group calling itself Cyber Hunta has released more than a gigabyte of emails and other material from the office of one of Vladimir Putin’s top aides, Vladislav Surkov.

It shows Russian fingerprints all over the Ukraine separatist movement, despite Putin’s denials.

The emails show in detail how Russia controlled virtually every detail of the separatist effort in the Russian-speaking regions of Ukraine, which has torn the country apart and led to a Russian takeover of Crimea.

Surkov has been a close aide to Putin for more than a decade, serving as both deputy prime minister and Putin’s deputy chief of staff. The hacked emails date from 2014 when he was Putin’s behind-the-scenes aide responsible for managing Russia’s most crucial operations.

He guided separatists not just in Ukraine, but in breakaway “republics” in Georgia as well. Surkov himself apparently doesn’t use email but the hackers downloaded the Outlook email accounts of his assistants.

There is a list of casualties in the Donbass region of Ukraine sent from a high-ranking separatist official, and a list of candidates for office in a sham election. One email notes that the individuals with asterisks next to their name were “checked by us” and are “especially recommended.” Days later, those same names were announced as having been “elected”.

One US official told NBC News that the material confirms much of what the US believed was going on at the time. Surkov’s name was the first on a list of Russians and Ukrainians placed under executive sanctions by President Obama in March 2014, citing his role in the separatist movement. The action froze his assets in the United States and banned him from entering the country. Similar sanctions were imposed by the European Union.

US vigilante hacks off the Russians

A US vigilante hacker who is miffed that the Russians have been gaming the US elections knocked over the Russian Ministry of Foreign Affairs over the weekend.

A bloke calling himself the Jester after a comic book anti-hero gained access to the Russian government ministry’s website. And he left a message: Stop attacking Americans.

“Comrades! We interrupt regular scheduled Russian Foreign Affairs Website programming to bring you the following important message. Knock it off. You may be able to push around nations around you, but this is America. Nobody is impressed.”

MID.ru is the official website of the Russian agency that is in charge of maintaining that country’s international diplomacy — equivalent to the US Department of State.

Russian intelligence agencies have been accused of hacking into Democratic National Committee emails and the sites of other Democratic Party-linked organisations, leaking damning information to Wikileaks to sway the election away from Hillary Clinton.

Russia and President Vladimir Putin have denied involvement. But Jester said he knew better.

“Let’s get real, I know it’s you, even if by-proxy, and you know it’s you. Now, get to your room. Before I lose my temper.”

Jester has previous form in political hacking circles. He has taken down jihadist websites, hacked into communication forums, and identified potential terrorist threats. Ex-FBI agents, who clearly have not read many comics, have called him “the Batman of the internet”.

Jester said he chose to attack Russia out of frustration at the massive DNS cyberattack that knocked out a portion of the internet in the United States on Friday.

“I wanted to poke them in the eye and stop feeling like US is just taking it on the chin. Again, I’m not gonna sit around watching these fuckers laughing at us.”

Hi-Tech credit card kills off hackers

A new bankcard created by French banks has just given hackers a huge headache.

At the moment, if hackers get their paws on your card it is payday until you register it has been stolen. Normally by the time you get around to actually cancelling your card, it’s all too late.

The new cards being used by two French banks change the bankcard’s number every hour so that even if a fraudster copied them they are quickly out of date. The three digits on the back of this card will change, every hour, for three years. After they change the old numbers are worthless.

The idea, dubbed MotionCode, was dreamed up by Oberthur Technologies, the French digital security company that has developed the tech.

“MotionCode is exactly what you’re doing today – copying the three digits from the back of your card – but with a huge additional level of security.”

The only downside is that if you have memorised all your card numbers you will need to check them against the card every time. But since that only applies to one person we know, we are sure she will not be greatly inconvenienced and will find other things to memorise instead.

Hacker group offers bounty on Trump tax returns

US presidential hopeful Donald Trump does not want the world to see his tax returns so a hacker magazine has offered a $10,000 bounty to anyone who can get them a copy.

The 2600 magazine announced the bounty in a tweet posted shortly after the conclusion of the first presidential debate between Hillary Clinton and Donald Trump.

The magazine’s tweet also indicated that prospective participants could make use of PGP encryption to send files and that the source’s identity would be protected. Apparently 2600 was miffed by Trump’s comments about an overweight hacker, which is the cause of the bounty.

The editor of 2600, who goes by the name Emmanuel Goldstein, said Trump has not released his tax returns, despite every presidential candidate having done that over the past however many decades, and somehow that’s just being swept under the rug. “Guccifer 3.0, if you’re out there, this is what we need: We need somebody to get in and get these returns,” he added.

Given that Guccifer is most likely working for the Russian government, which wants Trump elected and does not want his Russian business dealings revealed, we don’t think he will be claiming the bounty any time soon.

Of course the chances of a hacker legally getting their paws on Trump’s mighty declarations are a little remote. If Trump was short of cash he could also claim the bounty.

The magazine claimed that the bounty would also be offered to Trump “or anyone in his campaign or family” in the event that his tax documents were provided to them. 2600 also indicated that it would welcome others to add to the initial amount offered as part of the Trump tax bounty. It also claimed to have received some interest from prospective contributors, interested in adding to the bounty. “This could easily become $100k or more. We can pay in dollars, bitcoin… or rubles,” the magazine wrote in a tweet.

Democrat hacker certainly Russian backed

US government officials are almost 100 per cent certain that the hacker responsible for the recent Democratic email leaks is connected to a network of groups and individuals who are being shielded by the Russian government.

The hacker, who goes by Guccifer 2.0, is thought to be working with the hacking groups Fancy Bear and Cozy Bear. Though Guccifer 2.0 denies Russian involvement in the hack, both of those groups have known ties to the Russian government.

Guccifer 2.0 reached out to the Journal via direct messages on Twitter to explain his reasons for his actions. He hopes to expose political corruption and the ways that corporations influence policy. He also seeks to shed light on “global electronisation.”

But the Director of National Intelligence James Clapper said it “shouldn’t come as a big shock to people” that Russia was behind the hacks.

Matthew Rojansky, who directs the Kennan Institute at the Woodrow Wilson International Center for Scholars, agreed, telling the Journal that this was a continuation of the spy games, trolling and phishing for what the Russians call kompromat (compromising information) that has gone on for decades.

Hackers outsourcing their services to terrorists

Cybercriminals are contracting themselves out to militant groups, giving them the means to attack Europe, EU police agency Europol said on Wednesday.

So far such groups have yet to employ such techniques in major attacks, but there is nothing to stop them. In fact, Europol said that there was little evidence to suggest that their cyber-attack capability extends beyond common website defacement.

In Europol’s annual cybercrime threat assessment, coppers said that the Darknet had potential to be exploited by militants taking advantage of computer experts offering “crime as a service.”

“The availability of cybercrime tools and services, and illicit commodities (including firearms) on the Darknet, provide ample opportunities for this situation to change.”

Overall, the report found, existing trends in cybercrime continued to grow, with some of the European Union’s member states reporting more cyber crimes than the traditional variety.

“Europol is concerned about how an expanding cybercriminal community has been able to further exploit our increasing dependence on technology and the internet,” its director, Rob Wainwright, said in a statement. “We have also seen a marked shift in cyber-facilitated activities relating to trafficking in human beings, terrorism and other threats.”

“Ransomware” – programs which break into databases and demand payment for unlocking codes via virtual currencies such as Bitcoin – continued to expand as a problem, as did highly targeted “phishing” attacks to extract security data from senior figures – “CEO fraud” – and video streaming of child abuse.

Attacks on bank cash-machine networks were also increasing, the report found, as were frauds exploiting new contactless payment card transactions, while traditional scams involving the physical presence of a card had been successfully reduced.

Fappening Apple hacker pleads guilty

The bloke who hacked Apple’s cloud accounts and nicked snaps of naked starlets has admitted a charge of unauthorised access to a protected computer to obtain information.

Edward Majerczyk, 29, told U.S. District Judge Charles Kocoras on Tuesday that he targeted celebrities, going through personal information and downloading “sensitive images.”

His lawyer, Thomas Needham, did not immediately respond to a request for comment. The newspaper quoted Needham as telling the judge there was no evidence “of any effort by my client to sell or disseminate” any images.

So he did it for the Lols.

Representatives for Lawrence, Dunst, Solo, and Upton, who were among the starlets hacked, have not commented.

Assistant U.S. Attorney Joseph Fitzpatrick for the Northern District of Illinois said by e-mail that his office agreed to seek a nine-month prison sentence for Majerczyk, who lives near Chicago. He declined to comment further.

Majerczyk used a phishing scheme to illegally access more than 300 Apple iCloud and Gmail accounts to obtain photographs and other private information from more than 300 victims including high-profile female celebrities from November 2013 to August 2014.

The newspaper cited a spokesman for the US attorney’s office in Los Angeles as saying that the investigation was still ongoing into who leaked the private information online.