Tag: russian

Spy probe starved of resources

The Senate’s main investigation into allegations of Russian meddling in the 2016 US presidential election has little funding and staff, which will make it hard to get a decent, clear result.

According to Reuters, the investigation has been given only seven staff members and, as a result, progress has been sluggish and minimal.

A weak Senate investigation could renew calls by some Democrats and other Trump critics for a commission independent of the Republican-led Congress to investigate the allegations.

The intelligence committees of the Senate and House of Representatives have taken the lead in Congress in examining whether Russia tried to game the election in Republican Trump’s favour, mostly by hacking Democratic operatives’ emails and releasing embarrassing information, or possibly by colluding with Trump associates.

Previous investigations of national security matters have been much larger in terms of staffing, according to a review of official reports produced by those inquiries.

The House committee formed to investigate the 2012 attacks on a US diplomatic mission in Benghazi, Libya, that killed four Americans had 46 staffers and eight interns.

The Senate Intelligence Committee’s years-long study of the CIA’s “enhanced” interrogation techniques during President George W. Bush’s administration had 20 staff members, according to the panel’s official report.

The special commission separate from Congress that reviewed the intelligence that wrongly concluded former Iraqi President Saddam Hussein possessed weapons of mass destruction ahead of the 2003 invasion of Iraq involved 88 staffers.

Russian super-hacker gets 27 years

The US Justice Department has announced that a 32-year-old Russian “superhacker” has been sentenced to 27 years in prison for stealing and selling millions of credit-card numbers.

Roman Valeryevich Seleznev, 32, aka Track2, son of a prominent Russian politician, caused more than $169 million worth of damage to business and financial institutions in his hacks, the DoJ claims.

He was convicted last year on 38 counts of computer intrusion and credit card fraud.

Acting Assistant Attorney General Kenneth Blanco said that his investigation, conviction, and sentence demonstrate that the United States will bring the full force of the American justice system upon cybercriminals like Seleznev who victimize US citizens and companies from afar.

“And we will not tolerate the existence of safe havens for these crimes – we will identify cybercriminals from the dark corners of the internet and bring them to justice.”


Canadians refuse bail for “Yahoo hacker”

A Canadian judge denied bail to a 22-year-old man whom the United States wants to extradite to face charges of involvement in a massive hack of Yahoo email accounts.

Karim Baratov, a Canadian citizen who was born in Kazakhstan, was considered a flight risk by Justice Alan Whitten, who remanded Baratov in custody until May 26.

The United States claims that Baratov worked with Russian intelligence agents who paid him to break into at least 80 email accounts, including those of specific targets with non-Yahoo accounts.

The judge said that Baratov had no reason to stick around as he could continue his wealth-generating activities anywhere in the world.

Baratov faces US charges including conspiracy to commit computer fraud, conspiracy to commit wire fraud and identity theft, and could face decades in a US jail if found guilty on all charges.

His lawyer Amedeo DiCarlo says that it was not him, and he would consider appealing the bail decision if the court is unable to schedule an expeditious extradition hearing.

Federal prosecutor Heather Graham told the court that the attorney general of Canada will be ready to proceed with an extradition hearing by June 12, according to media reports.

The United States last month charged two Russian intelligence agents, Baratov and another alleged hacker over the 2014 theft of 500 million Yahoo accounts, the first time the US government had criminally charged Russian spies for cyber offenses.

The other alleged hacker is Alexsey Belan, one of the FBI’s most-wanted cyber criminals, who was arrested in Europe in June 2013 but escaped to Russia before he could be extradited to the United States, according to the US Justice Department.

Russian “spammer” and Trump suspect finds pain in Spain

Inspector Knacker of the Barcelona yard has fingered the collar of a Russian programmer following US allegations of large-scale hacking.

Pyotr Levashov was held in Barcelona and has been remanded in custody.

Spanish coppers claim Levashov controlled a botnet called Kelihos, hacking information and installing malicious software in hundreds of thousands of computers.

The arrest was part of a “complex inquiry carried out in collaboration with the FBI”, police said.

Levashov is subject to a US international arrest warrant and a Spanish court will hear whether he can be extradited.

Much of his activity involved ransomware – blocking a computer’s access to certain information and demanding a ransom for its release.

Levashov’s wife Maria told Russian broadcaster RT that the arrest had been made in connection with allegations that Russians had hacked the US presidential election.

She claimed that Spanish coppers had told her that it was all about “a virus which appears to have been created by my husband and is linked to [Donald] Trump’s victory”.

Agence France-Presse quoted a source close to the matter in Washington as saying that Levashov’s detention was “not tied to anything involving allegations of Russian interference with the US election”.

Several cybersecurity experts, including Brian Krebs, have also linked Levashov to a Russian spam kingpin, who uses the alias Peter Severa.

Russian hackers make a killing showing real ads to non-humans

Russian cybercriminals have built a new high-tech fraud business based on showing real ads to fake people.

So far the fraud has siphoned more than $180 million from the online ad industry.

Security outfit White Ops have named the technique “Methbot,” and said that it is a very advanced cyber operation on a scale no one’s seen before.

Eddie Schwartz, White Ops chief operating officer, said that Methbot, so nicknamed because the fake browser refers to itself as the “methbrowser,” operates as a sham intermediary advertising ring.

Companies would pay millions to run expensive video ads. Then they would deliver those ads to what appeared to be major websites. What they didn’t know was that the criminals had created more than 250,000 counterfeit web pages no real person was visiting.

White Ops first spotted the criminal operation in October, and it is making up to $5 million per day — by generating up to 300 million fake “video impressions” daily.

According to White Ops, criminals acquired massive blocks of IP addresses — 500,000 of them — from two of the world’s five major internet registries. Then they configured them so that they appeared to be located all over the United States.

They built custom software so that computers (at those legitimate data centres) acted like real people viewing those ads. These “people” even appeared to have Facebook accounts (they didn’t), so that premium ads were served.

Hackers avoided ad-fraud blockers because the software mimics a real person who only surfed during the daytime — using the Google Chrome web browser on a Macbook laptop.

However, media experts noted that the additional fake 300 million “views” now existing in the advertising marketplace do put significant pressure on media companies who are competing over an audience that doesn’t really exist.

White Ops said its researchers traced back Methbot’s creators to individual hackers in Russia, but the firm would not release additional details on the record.

Russians behind Democratic party hack

It is starting to look like Tsar Putin is deploying his hacker army in a bid to get Donald Trump elected.

The hacker, Guccifer 2.0, who claimed to compromise the DNC, swore he was Romanian. But new research shows he worked directly for the Vladimir Putin government in Moscow.

The hacker stole emails from the Democratic National Committee and provided them to WikiLeaks. However, according to security researchers at ThreatConnect, “he” is a team of people working for Putin’s propaganda arm.

If correct it fits in nicely with a conspiracy theory that Donald Trump does not want to show his tax returns because they will reveal business dealings with at least one of Putin’s oligarch chums.

The emails revealed that party insiders plotted ways to undermine Sen. Bernie Sanders’ presidential bid.

Rich Barger, ThreatConnect’s chief intelligence officer, said Guccifer 2.0 has made inconsistent remarks and given a version of how he penetrated the DNC networks that technically doesn’t make sense. For instance, the hacker claims to have used a software flaw that didn’t exist until December 2015 to break into the DNC networks last summer.

The hacker also refused to speak in Romanian, another indication that he wasn’t who he claimed to be.

The researchers concluded that Guccifer 2.0 is actually an “apparition created under a hasty Russian [denial and deception] campaign” to influence political events in the US.

“Maintaining a ruse of this nature within both the physical and virtual domains requires believable and verifiable events which do not contradict one another. That is not the case here.” By tracing Guccifer 2.0’s Internet infrastructure, the researchers concluded he—or the group—is “a Russia-controlled platform that can act as a censored hacktivist. Moscow determines what Guccifer 2.0 shares and thus can attempt to selectively impact media coverage, and potentially the election, in a way that ultimately benefits their national objectives,” the researchers wrote.

A growing number within the Obama administration believe this was designed to embarrass Democrats, exacerbate tensions between Hillary Clinton and her former rival Bernie Sanders—as well as his voters—and ultimately to give a boost to Republican nominee Donald Trump.

On Tuesday, President Obama confirmed that while the FBI is investigating, “experts have attributed this to the Russians” and that it was “possible” the leak was designed to help the Trump campaign.

The hack looks rather bad for WikiLeaks, which either knowingly or unknowingly has agreed to be a Russian stooge. It was smugly saying how proud it was of getting the scoop. Its leader Julian Assange has made it clear that he does not like Hillary Clinton because she was among those pushing to indict him after WikiLeaks disseminated a quarter of a million diplomatic cables during her tenure as secretary of state. He said that Trump would be unpredictable, but Clinton would run things in a way he did not approve. We guess he wants Clinton to run all her decisions past him first because he is just so damn important.

Assange has rejected suggestions that the Russians were behind the DNC hack, saying the party’s server security was so weak, it could have been hacked by various groups. So this comes down to whether or not you trust an ego-maniac who is on the run from coppers who want to ask him about a rape case and is desperate to get into the media at any cost.


Android battery app gives you a Russian bride

Insecurity outfit Symantec has warned that an Android mobile application which claims to save your phone’s power actually serves up a Russian bride site instead.

According to the Japan Times, the malware is called Denchi Nagamochi (For Longer Battery Life) and is advertised as allowing you to make your battery last twice as long.

But really it harvests all your personal data and gives it to a website which is interested in letting you meet the woman of your dreams from Russia.

While you might be happy with your eventual choice, your Android phone will drain its battery as fast as it ever did.

Symantec snarled that the app “takes advantage” of users’ desire for longer battery time.

It warns that users should beware of applications which do something different from what they say they do.

Smartphone users first receive an email message featuring the application.

When it is downloaded a message pops up saying the application is not compatible with the type of smartphone in use. Meanwhile it has extracted all the names, phone numbers and email addresses on a user’s address book.

The whole thing was a sting run by a group running the “dating site”.

Symantec says the personal data are believed to have been collected by the group in order to send email messages about the dating site to potential customers. 

Russian arrested for Amazon attacks

Inspector Knacker of the Cyprus Yard has fingered the collar of a Russian who he thinks was involved in cyber attacks on Amazon and other online retailers in 2008.

According to the Seattle Times, Dmitry Olegovich Zubakha, 25, of Moscow, is charged with conspiracy to intentionally cause damage without authorisation to a protected computer and with being in possession of at least 15 unauthorised access devices.

He is also charged with aggravated identity theft in another case involving receiving stolen credit-card numbers in October 2009.

Zubakha mounted two denial of service attacks against Amazon.com on June 6 and June 9, 2008. The attacks flooded the online retailer’s computers with requests to display pages with large graphics and photographs and caused the servers to crash.

Zubakha and a co-defendant, Sergey Viktorovich Logashov, had used a similar attack on ebay.com and Priceline.com.

Apparently the pair bragged of the attacks on hacker forums.

Logashov rang Priceline.com and offered his expertise as a computer consultant to stop the attack.

Coppers worked out that more than 28,000 stolen credit-card numbers had been taken by the pair in other hacks.

Zubakha also is charged with aggravated identity theft for illegally using the credit card of a Lake Stevens resident. Logashov has still not been found.

If convicted they can face 10 years in prison and a possible $250,000 fine. Conviction on aggravated identity theft could add an additional mandatory two years on top of that. 

IBM signs deal to push MRAM development

IBM has signed a deal to team up with an MRAM manufacturer, with a view to collaborating on the development and production of the nascent memory technology.

There are a number of new memory types which are touted for long term use, and IBM seems to be putting some weight behind magnetoresistive RAM as a frontrunner. There have been plenty of lab developments with MRAM and it could offer a viable alternative to current memory technologies.

IBM has struck a deal with Crocus Technology which will see Crocus share its thermally assisted magnetic logic unit technology with IBM, which already has its own MRAM processing capabilities.

The deal will involve a patent licence which will enable the two to collaborate and develop MRAM, and push it into semiconductors.

The combination of the technology should open up new applications in non-volatile high density storage while offering low power consumption.

IBM says that MRAM has the potential to enable instant-on mobile computing with much longer battery life.

The joint venture between IBM and Crocus will lead to production through Crocus’ manufacturing venture, Crocus Nano Electronics (CNE).

It was announced last week that Crocus had appointed a new CEO for CNE, and plans to ramp up an MRAM fab for production in Russia. So there could be MRAM production in the not too distant future from IBM. 

Crocus had already announced that it will receive around $300 million in investment from a state-owned Russian fund, Rusnano, with a view to kick-starting production. 

No location has been set for the fab yet, but it will apparently be the world’s first for dedicated MRAM.

The fab will produce on 90 nanometre and 65nm processes using 300mm wafers. It will begin operations in 2013, and will be capable of producing 500 wafers per week at first before expanding capacity to 1,000 wafer starts per week.

Poisoned links discovered on ICQ

A Kaspersky researcher has discovered a poisoned link to a legitimate e-business which creates a fake antivirus warning and encourages the downloading of dodgy software.

The ad that showed up in the ICQ window was for a women’s clothing company called Charlotte Russe and clicking on the ad directs to the company’s website.

Roel Schouwenberg, of Kaspersky, said that once the advert was displayed another pop-up appeared in a new browser from “Antivirus8,” that said suspicious activity was detected on the system and it encouraged the user to download the program. In other words, scareware.

What has Kaspersky worried is that the scareware appears without the user doing anything that normally triggers such pop-ups.

At the moment the attack also does not appear to have an exploit included in it; just the usual unnecessary anti-virus software.

Another aspect to the attack is that the antivirus pop-up is hosted on a server that appears not to be associated with the retail company.

Schouwenberg said that the hacker went through the trouble of pretending to be this store to get the ad server yield manager to approve and run the ads.

Writing from his bog, Schouwenberg said the hacker went through a lot of effort to seem legitimate. Attacking the yield manager successfully and having fake anti-virus in the ICQ ads is high level and hard to get away with.

He thinks that there could be two fraud gangs associated with the attack – one responsible for the fake antivirus portion and the other responsible for getting the malware to be distributed via the ads on ICQ.