It has happened again one Americas most popular bitcoin exchange Bitfloor ( bitfloor.com ) has been compromised and close to 250k USD or 25k bitcoins has been stolen from the sites servers in an attack which is turning out to be very embarrassing for the owner. View full post on Cyber War News
View full post on The Cyber Wars
SpyEye is a computer Trojan horse that specifically targets online banking users. Like its older cousin, Zeus, SpyEye is no longer being developed by its original author, but is still widely used by cybercriminals in their operations, according to Kaspersky Lab. View full post on…
View full post on National Cyber Security
SpyEye is a computer Trojan horse that specifically targets online banking users. Like its older cousin, Zeus, SpyEye is no longer being developed by its original author, but is still widely used by cybercriminals in their operations, according to Kaspersky Lab. View full post on…
View full post on National Cyber Security
A computer hacker stole Social Security numbers for 280,000 Utahns and swiped names, addresses and birth dates for 500,000 others, state officials said today.
Officials announced the dramatically higher estimates at a news conference, the Salt Lake Tribune reports. Utahns covered by Medicaid or the Children’s Health Insurance Program (CHIP) who sought health care in the past four months are the most likely victims of the identify theft, officials said.
They first believed that the data theft, which occurred late April 1, involved only 24,000 Medicaid payment claims or eligibility inquiries. That estimate grew to more than 182,000 and included people covered by CHIP, among others.
A hacker traced to Eastern Europe first accessed a weakly protected computer server at the Utah Department of Health on March 30. The thief downloaded about 224,000 files, some of which contained hundreds of records, said health department spokesman Tom Huduchko, the Associated Press says. The breach was discovered April 2.
In a statement, the Department of Technology Services explained that a “configuration error occurred at the password authentication level, allowing the hacker to circumvent DTS’s security system.”
The stolen Social Security numbers did not include other personal information, he said. But the files had other data for 500,000 additional individuals.
The DTS noted in an FAQ (pdf) that claims payment and eligibility inquiries “contain sensitive, personal health information from individuals and health care providers. Such information could include Social Security numbers, names, dates of birth, addresses, diagnosis codes, national provider identification numbers, provider taxpayer identification numbers, and billing codes.”
The revised figure means that roughly one in four Utahns may have had their individual information compromised.
State officials will be contacting affected residents. Those whose Social Security numbers were stolen will receive a year of free credit-record monitoring. The news release has more information.
Article source: http://content.usatoday.com/communities/ondeadline/post/2012/04/hacker-steals-data-on-780k-from-utah-state-computer/1?csp=34news
View full post on National Cyber Security » Computer Hacking
All information provided by the Lower Makefield Township Police Department
View full post on credit report fraud – Yahoo! News Search Results
View full post on National Cyber Security
OK, so you're going to court to defend yourself against being in possession of some drug or medication that you shouldn't have had, and you have a lawyer. How do you pay for that lawyer?
View full post on credit card scam – Yahoo! News Search Results
View full post on National Cyber Security
OK, so you're going to court to defend yourself against being in possession of some drug or medication that you shouldn't have had, and you have a lawyer. How do you pay for that lawyer?
View full post on credit card scam – Yahoo! News Search Results
View full post on National Cyber Security
A new breed of malware has taken data theft one step further – it now grabs document and spreadsheet files and uploads them to a cloud-based file hosting service.
Computer security firm Trend Micro said the new malware it recently encountered particularly sends the stolen files to Sendspace.com.
“Sendspace was recently used for dropping stolen data but wasn’t done automatically by malware. As reported late last year, hackers used Sendspace for rounding up and uploading stolen data… However, this is the first time we’re seeing malware being used to upload stolen data to the file hosting and transfer site,” it said.
In this attack, the infection starts with a malicious file, Fedex_Invoice.exe, detected as TROJ_DOFOIL.GE.
Trend Micro said the filename suggests the malware is used for a spam campaign using messages disguised as a FedEx shipment notification.
Once executed, TROJ_DOFOIL.GE downloads and executes
TSPY_SPCESEND.A, a “grab and go” Trojan that searches the local drive of an affected system for MS Word (document) and Excel (spreadsheet) files.
“The collected documents are then archived and password-protected using a random-generated password in the user’s temporary folder,” Trend Micro said.
After creating the archive, TSPY_SPCESEND.A sends it to Sendspace.com and the malware retrieves the Sendspace download link, and then sends the link to the command-and-control server, along with the generated password for the archive.
“Malware utilizing free online services are definitely not unheard of. Utilizing a public file hosting site is yet another clever way for cybercriminals to store stolen data as they do not need to set up a server that will store large amount of data,” Trend Micro said.
Possible new trend
It added such use of “extended networks” or external file storage infrastructures can fast become a trend with the criminals.
“We’ve seen dropsites/dropzones for stolen/exfiltrated data that are hosted also within domains owned by the cybercriminals. Now, we’re seeing legitimate ‘clouds’ being used by criminals where they can drop and pickup their loot,” it said.
It added this may be a serious concern for the security industry and users alike.
“Document theft and exfiltration are now not only seen in targeted attacks, but in mass campaigns as well,” it said. — TJD, GMA News
Article source: http://ph.news.yahoo.com/kind-malware-steals-uploads-docs-cloud-060408348.html
View full post on National Cyber Security » Virus/Malware/Worms
In case you’ve been sleeping under a rock (or were understandably distracted by what Anonymous is up to), you may not know that Israel and Saudi Arabia are currently in the middle of a hacker war. In addition to millions of e-mail accounts, bank accounts, and credit cards, information from Facebook, or more specifically, from the users of the world’s biggest social network, has been stolen.
Earlier this week, an Israeli hacker, who calls himself Hannibal online, managed to obtain the Facebook credentials (e-mail addresses and passwords) of 85,000 “helpless Arabs.” He then proceeded to post them on Pastebin, a simple website that allows anyone to upload text (usually code) for public viewing. He first posted 20,000 logins on Sunday, then 30,000 logins on Monday, then 10,000 logins on Tuesday, and finally 25,000 logins on Wednesday. On Thursday, Hannibal went silent.
I will not be linking directly to the Pastebin posts in question, because they do still have e-mail addresses and passwords that work, but I do believe the headers of Hannibal’s pastes are relevant.
January 15, 2012:
#######################################
20,000 Arabs Facebook Accounts
Hacked By Hannibal
(For more accounts follow me pastebin.com/u/hannibal)
Contact me : Hannibal@inbox.com
I have 30 Million EmailsPasswords of Arabs.
( Every day i will post 2000-100,000 Depends on my mood )
Enjoy it And Share#######################################
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
#######################################
#######################################
#######################################A warning to the State of Iran and Saudi Arabia *
In addition, I have 10 million bank accounts of the countries of Iran and Saudi Arab. If Iran continues to threaten Israel and already this week I will publish the private bank accounts and thus make them billions of dollars in damages estimated
#######################################
#######################################
#######################################
January 16, 2012:
Hello there
I noticed that poor intelligence of 0x omar and his friends.
State of Israel, not to worry, you’re in the hands of the world’s best hacker that I am.
I will continue to support the government of Israel will continue to attack the Arab countries
In addition, I received thousands of emails helpless Arabs, who are begging me to stop publishing the Facebook accounts because it violates their browsing experience.
I have about 30 million e-mails of Arabs with passwords I’ll post them throughout my life and my personal list is growing every day hundreds of thousands of emails
Also, I received hundreds of emails of senior politicians from France and other countries, who asked me not to publish the list of the 10 million my bank accounts.
So guys, if the state’s chief Benny Gantz, or Prime Minister Netanyahu declare cyber war, I will have to publish the list of 10 million bank accounts. In addition I also have about 4 million credit cards. Just give a command and i will do it !!
Well guys, I will continue the tradition of mine.
Today will publish about 30,000 accounts Facebook E-mails
Go Work Jews And Israel !
Begin to corrupt!
Your
Hannibalcontact email : hannibal@inbox.com
#############################################
New List Of 30,000 FacebookEmails Accounts Hacked By Hannibal
Date : 16.1.2012
############################################
January 17, 2012:
Here Hannibal
Currently, I published on 100,000 emails and Facebook accounts of Arabs and Muslims around the world
And I will continue to publish tens of thousands every day, after all I have got about 30 million e-mails of Arabs.
Unfortunately today I received an email from Mohammad Reza Rahimi who threatens that would raise most of his men to find me and kill me
I assure you Mr. Fool, you can keep looking as you want, you will not find me even if you have a staff of 1,000 people who search for and carry out search for information about me.
I post today about 10,000 Facebook and email accounts.
In addition, I give hackers attacking the State of Israel a huge threat from me.
Soon I will reveal another surprise. The most cruel surprise. Be prepared to Arabs!
Follow me to get more updates : pastebin.com/u/hannibal
contact email : hannibal@inbox.com#################################################
New list of 10,000 Emails And Facebook Accounts Of Arabs Hacked By Hannibal
17.1.12
contact email : hannibal@inbox.com#################################################
January 18, 2012:
Hi
I now publish the letter he sent me deputy prime minister of Iran
Funny to me that he had time to go into a mailbox and curse and threaten me ..
Mr. Muhammad, you do not scare anyone! You never find me !!!!!
Say thank you at least who censored you the email ..
Link to the picture :
http://i40.tinypic.com/143mkpk.png
State of Iran, I’m so going to teach you a lesson soon
Today I post about 25 000 e-mail accounts and Facebook accounts of arabs to my new permanent procedure.. On Saturday night I will publish new list of 100,000 emails and Facebook accountsHannibal
contact email : hannibal@inbox.com#############################
New List Of 25,000 Emails And Facebook Accounts Of Arabs Hacked By Hannibal
18.1.12
#############################
Facebook’s automated systems quickly sprang into action this week. Some of the logins don’t work because users have already changed their passwords. Others still do, but Facebook prompts these users and tells them they’re trying putting in an old password (see screenshot above). In other words, while some of the accounts were accessed by other users after Hannibal stole them, Facebook appears to have (automatically) locked all these accounts down so nobody can access them. If you’re the owner of the account, you’ll have to go through the process of resetting your password so that you can access it again.
I have contacted Facebook for more information and will update you if I hear back.
See also:
Article source: http://www.zdnet.com/blog/facebook/israeli-hacker-steals-85000-facebook-logins-from-arabs/7758
View full post on National Cyber Security » Computer Hacking
5 January 2012
Last updated at 12:55 ET
More malware is worming its way onto social networks.
A computer worm has stolen 45,000 login credentials from Facebook, security experts have warned.
The data is believed to have been taken largely from Facebook accounts in the UK and France, according to security firm Seculert.
The culprit is a well-known piece of malware – dubbed Ramnit – which has been around since April 2010 and has previously stolen banking details.
Facebook told the BBC that it was looking into the issue.
The latest iteration of the worm was discovered in Seculert’s labs.
“We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further,” said the researchers on the firm’s blog.
“In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks,” it added.
‘Viral power’
Social networks offer rich pickings for hackers because of the huge amount of personal data that is stored on them. Increasingly malware is being updated for the social networking age.
“It appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms. As demonstrated by the 45,000 compromised Facebook subscribers, the viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands,” said Seculert.
According to Seculert, 800,000 machines were infected with Ramnit from September to the end of December 2011.
Microsoft’s Malware Protection Center (MMPC) described Ramnit as “a multi-component malware family which infects Windows executable as well as HTML files… stealing sensitive information such as stored FTP credentials and browser cookies”.
In July 2011 a Symantec report estimated that Ramnit worm variants accounted for 17.3% of all new malicious software infections.
For Facebook users concerned that they have been affected by the worm, the advice is to run anti-virus software.
“It won’t necessarily be obvious that you have been attacked. The worm is stealing passwords so it is not going to announce itself,” said Graham Cluley, senior security consultant at Sophos.
Update – Friday 6 January, 10:22am: Facebook has responded to this article with the following statement:
“Last week we received from external security researchers a set of user credentials that had been harvested by a piece of malware. Our security experts have reviewed the data, and while the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts.
“Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices. People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook.
“We encourage our users to become fans of the Facebook Security Page for additional security information.”
Article source: http://www.bbc.co.uk/go/rss/int/news/-/news/technology-16426824
View full post on National Cyber Security » Virus/Malware/Worms