fbpx

string of misguided moves has led what once was considered the king of the Internet to spiral downward to the point of irrelevance.

In fact, if it weren’t for bad news (shrinking earnings, invasive hacks) Yahoo wouldn’t be in the news at all, which brings us to the recent news that the company provided and allowed U.S. intelligence agencies to read through Yahoo user emails.

Let’s be clear. We’re not talking about tracking terrorists or undesirables here. We’re talking about Yahoo handing over the right for the US and likely other friendly governments to scan all incoming emails in search of red flag phrases or keywords.

Think about this for a second. All those emails you’ve written and received with discussions about politics and people that were assumed to be private and meant as inside jokes for you and your friends were being filtered through CIA headquarters.

Kind of makes you wonder what you’ve written in the past few years, doesn’t it?

Yahoo was recently hacked exposing people's data
Yahoo was recently hacked exposing people's data

Imagine becoming a person of interest because you make a meaningless comment to your mother, brother or best friend that uses a few unintentionally scary keywords.

Hmmm, that likely puts just about everyone on a government “watch” list.

Everything you write, public or private, not only is now available to be held against you in a court of law – it all becomes part of your “permanent record,” that nasty electronic dossier on you that lives forever in the hands of those who watch.

Yahoo has of course been pummeled in all the headlines for what unfolded.

But Yahoo alone isn’t the problem. They didn’t create the practice of online snooping. That’s been going on just about as long as the Internet itself.

Neither did they elevate the offense. The telecommunications industry led by AT&T, Verizon, Samsung and countless others has been caught infringing on privacy rights numerous times this year.

It is well documented that millions of dollars has changed hands between the US government and large telecoms in exchange for the annual set of communication records of their customers.

Then there’s Facebook.

Facebook has been watching you
Facebook has been watching you

Facebook the 'privacy villain of the year'

Two weeks ago, the European Digital Rights (EDRi), a coalition of civil rights organizations, presented the social media giant with its “privacy villain of the year” award.

Facebook has been looking at all your content, your pictures, contacts, and words since inception. It has experimented with manipulating the content you see and the emotions you express, tracked what you’re playing on your smartphone while digitally identifying you in photos, and much more. Facebook even tracks non-members.

Gmail left the door open from the start
Gmail left the door open from the start

And what about Google?

Google claims it wants to help you in every way possible. They are a search engine, a smart thermostat, a map, a video site, a place to create content and socialize and much more.

The list goes on and on with what they do and offer based on their many acquisitions.

What they don’t tell you in any way obvious, is that they scan every slice of Google that you use. All that information . . . becomes part of your “permanent record.” They argue it’s useful in order to customize your experience.

Google is doing everything they can to subvert your right to be forgotten. They seem to know literally everything you’re doing and what the temperature in your house is.

Remember, this is the same Google that was fined millions of dollars by several different countries when they literally stole IP addresses and WiFi passwords from citizens’ homes as they drove by in their quest to map the world. By this time we are all exhausted by the mind-numbing targeted ads and content we receive. Who is that really useful to? To them of course.

While it lacked the tech back then it doesn't now
While it lacked the tech back then it doesn't now

This isn't a new thing

The real scary part is that in many instances, this was the intention from day one.

Look at the patent Google filed for Gmail in 2005. Google put its cards face up there, spelling out that while it then currently lacked the technology to scan emails and attachments, it left the door open to in the future.

Today they’ve been scanning for years. Data brokers enjoy over 1,500 pieces of data on all of us, thanks to services like Google and Facebook. And now as we’ve learned, it is Yahoo’s turn to offend.

These huge companies I prefer to call “data vacuums.” Their members are products sold to their customers – data brokers, advertisers, and as we often learn later, governments.

They willingly sacrifice their users in exchange for dollars, no matter who the customer. It gives a black eye to technology in general.

This hasn’t been lost on Silicon Valley.

Within 24 hours of the news about Yahoo, companies such as Microsoft, Twitter, and yes, Facebook and Google, quickly denied following any such practice themselves, claiming they would fight such government demands up to the Supreme Court.

While hypocritical in many ways, these tech giants are smart enough to know who butters their bread and that the perception of trust outweighs the reality of it. But isn’t it the government who ultimately ends up with the data if a company is intentionally spying on us and building a huge record about each of us?

WhatsApp is now owned by Facebook
WhatsApp is now owned by Facebook

WhatsApp is tracking you

Ah the irony of it all. A few weeks ago Facebook egregiously announced that they had changed WhatsApp’s privacy policy and are now tracking all WhatsApp members.

Facebook owns WhatsApp, by the way.

For WhatsApp users, you may want to run quickly – because you are now just another data nugget and your privacy, which was the very premise of WhatsApp, has been compromised mercilessly.

In your permanent record they now note who you are talking to, when/what time you are talking with them, and where you are when you are talking with them.

It just seems predictable that at some point some hacker is going to make public all of our permanent records. This could wreak havoc on our jobs, our relationships, our families, and so much more. It is likely – perhaps not today, but certainly in the coming years.

Going forward, incidents such as this latest Yahoo fiasco thankfully increase the demand for user control and privacy as a fundamental right.

People of the world want to have their personal privacy respected, and as Pew Research has recently reported, now more than ever.

The good news is that companies can easily enough produce apps that follow privacy-by-design principles.

I know this in practice. As founder of MeWe, the next-gen social network, we protected users with an industry-exclusive Privacy Bill of Rights.

It has no dossier on users, because it was built with no tracking, no algorithm and no target ads or content.

It is possible.

So what can we learn from Yahoo’s actions?

This whole episode is yet another symptom of an overall disease concerning the lack of privacy online that has spread to all corners of the globe.

Enough is enough already. The best way to cause corporate behavioral changes is to change our behavior as consumers.

We can take action, by terminating our accounts and marching away from these data-grabbing/selling entities and realign ourselves with companies philosophically aligned with the inalienable human privilege that democracy is intended to protect, the right to personal privacy.

Source : mirror

Categorized in Science & Tech

It pays to be a hacker.

Anyone interested in becoming a millionaire by hacking an iPhone or iPad should listen up.

A bug broker named Zerodium has tripled its payment for zero-day exploits, or hacks that can be immediately taken advantage of and are unknown to the rest of the world, the company told Ars Technica in an interview. Anyone who can hack a fully patched iPhone or iPad running iOS 10, Apple’s AAPL -0.86%  latest operating system, will receive a $1.5 million reward. Zerodium previously paid $500,000 for a zero-day exploit. The $1.5 million fee will be reserved solely for sophisticated exploits that give hackers full access to a user’s data and device.

In an interview with Ars Technica, Zeroidum’s founder Chaouki Bekrar said that sophisticated exploits in iOS 10 are about 7.5 times harder to achieve than those in Google’s Android operating system. That’s why, he says, Zerodium has pegged similar hacks on Android devices at a maximum fee of $200,000.

Get Data Sheet, Fortune’s technology newsletter

Zerodium is one of many so-called “bug brokers” operating in the security community. The company, which is joined by broker Exodus Intelligence, among others, pays individuals or companies that bring to it a fully exploitable flaw. After paying for the flaw, they then “own” the technique and sell it off to defense contractors, governments, and other groups.

Bug brokers have been criticized in the past for operating a potentially appealing way for malicious hackers to gain access to exploits that could target individuals and companies, though they’ve long argued they focus on selling technology to companies and governments, as well as cybersecurity vendors.

Despite these reassurances, the practice is concerning to those who don’t like the idea of companies selling technologies that allow them to be easily hacked. What’s more, the flaws aren’t typically disclosed to companies like Apple that can patch the flaw and break the hacking opportunity. That ultimately leaves millions of users around the world vulnerable.

Although Zerodium is paying a sizable sum for a flaw, there’s potentially a significant amount of money in being a bug broker. In a 2014 report in TIME, sister publication to Fortune, Exodus was said to have charged $200,000 per year to clients who wanted exploits on software.

The FBI is said to have paid $1 million to an unidentified company for access to a flaw that gave the agency access to data on the iPhone owned by San Bernardino attacker Syed Farook. Apple previously declined to offer the FBI access to the device.

But bug brokers aren’t alone.

Companies like Apple and Google GOOGL -0.14% also operate so-called bug bounty programs that reward users and security companies for finding flaws in their technologies. Earlier this year, Apple announced plans to offer rewards of up to $200,000 through its bug bounty program. However, unlike bug brokers, Apple uses the information to patch security flaws in its operating systems. Bug brokers use the flaw to generate revenue.

In addition to boosting its price on an iOS 10 hack, Zerodium has also increased its rewards for several software hacks. For instance, the company is now paying $100,000 for an attack on Adobe’s Flash, up from $80,000. An Apple Safari hack will net hackers $80,000, compared to a previous $50,000 reward.

Apple did not respond to a request for comment on the Zerodium move.

Source : fortune

Categorized in Internet Privacy

The iPhone 7 is already out on the market and many think it may be Apple’s best iPhone yet with only one flaw. There is no support for one-hand typing.

The mere fact that iPhones are already following the smartphone trend of increasing display sizes means that Apple should also work on making texting or typing important documents on the devices easier for their consumers.

While there has been no official announcement yet, it seems as though Apple was actually working on a one-handed keyboard and an IT expert recently discovered it hidden under the iOS code.

iPhone 7 Worst Features

Since it was launched last month, the iPhone 7 received a lot of attention especially during the beginning of the rapid descent of the Samsung Galaxy Note 7 (RIP).

While there are those who loved the new iPhone and dubbed it the best in Apple’s infamous smartphone line, there are those who gave bad reviews if only because of a couple missed expectations.

One of the worst and probably the most cited bad features of the iPhone 7 is the lack of a headphone jack. In fact, it had been repeatedly mocked and compared with competing devices such as Google’s Pixel that some people might actually be convinced to switch sides.

Others criticize the device’s lack of improvements in terms of display resolution even as its screen size increased.

While Apple devices had a reputation for clear display a couple of years ago, it seems like the Cupertino-based company has neglected that part of their flagship device that competitors are beginning to take the title from them.

Finally, another bad thing about having a supersized Apple phone is the lack of one-hand typing support.

Just imagine, corporate employees and professionals opt for iPhone because of its sleek and elegant look only to discover it will make their work even more difficult as they will need to use both hands only to send messages or type in a couple of sentences on their phones. What a bummer, right?

Apple’s Secret One-Handed Keyboard

Fortunately, Steve Troughton-Smith, a game developer and IT expert, recently shared a discovery that could probably change all that.

In a Tweet, Troughton-Smith explained that Apple has actually been secretly working on one-hand typing support but has evidently left it to rot hidden under codes since they launched the iOS 8 in 2014.

At the time, Apple may have decided it was the right time to develop the feature. iPhones are beginning to increase in sizes that cannot be handled with one hand, with the iPhone 6 as proof to that point.

What is mind boggling about this is why Apple decided to keep the keyboard buried under code and not make it official which means iPhone users cannot use it.

That is, unless they decide to Jailbreak their devices with the following activation tweak on the codes.

Microsoft’s WordFlow

Of course, iPhone users also have the option to download Microsoft’s one-handed keyboard app WordFlow which is exclusively available for iPhone users.

According to the Wall Street Journal, this app has features that allow users to use their photos as the background image of their keyboards and curve their smart keypad to make one-hand typing a whole lot easier as WordFlow can lock on either left or right depending on the user’s preference.

Source : inquisitr

Categorized in Internet Privacy

Thanks to fake Gmail sign-in pages, hackers were able to dupe John Podesta and the entire Clinton campaign.

According to Naked Security, a technique known as spear phishing was used to hack into John Podesta and the entire Clinton campaign’s account. This hacking technique involves using fake Gmail sign-in pages and security alerts to trick the owner of the email into revealing his or her password to the person attempting to hack into the Gmail account. 

The Smoking Gun reports that when it came to John Podesta’s Gmail account, he received an email alert telling him that someone was trying to access his account from an unusual location. Basically, the email he received was asking him to change his password to secure his account.

With this hacking technique, John and the entire Clinton campaign was duped into believing the fake security alert and using the fake Gmail sign-in pages to give their login information directly to the hacker. From there, the hackers were able to log in to the Gmail accounts of anyone who used the fake Gmail sign-in page and do whatever they wanted to with the account.

Townhall reports that government officials using their private emails in order to avoid their emails becoming public record has become a very common occurrence. The hacking of Hillary Clinton and John Podesta’s private Gmail accounts put these two in the spotlight, but a former top State Department official acknowledges the fact that this is something nearly every government official does in order to avoid their conversations being a matter of public record.

Townhall goes on to report that the former State Department official claims that if something would be done to stop government officials from using their private email accounts for work-related matters, the issues with hacking wouldn’t have been a problem to begin with.

Nashville Chatter reports the same group of Russian hackers that was believed to have developed the fake Gmail sign-in pages and security alerts that hacked the Clinton campaign is responsible for a recent Microsoft bug as well. Microsoft was given a grace period of a week before Google’s Threat Analysis group made a public announcement about the vulnerability that was exposing people to malware attacks.

Terry Myerson, the executive VP of Microsoft Windows, claims a sophisticated group of hackers was exploiting a Microsoft bug. This group of hackers has since been identified as the same group who caused the DNC and Clinton campaign data breaches. Microsoft is currently working on fixing the bug, but Terry Myerson is urging Windows users to upgrade their operating systems to Windows 10 in order to protect their devices from this potential threat.

Microsoft is currently working with Adobe and Google in order to create security patches to protect the lower levels of Windows. There are several versions of the security patches currently being tested. These patches will be released on November 7 for Windows users.

Do you find it embarrassing that government officials were hacked by nothing more than fake Gmail sign-in pages and security alerts? More importantly, do you think government officials should be able to use their private Gmail accounts in order to avoid their conversations becoming public record? Share your answers to these two questions in the comments section below.

Source : inquisitr

Categorized in Internet Privacy

CYBERCRIMINALS linked to the Russian government were behind the recent attacks that exploited a critical vulnerability in the Windows operating system, Microsoft has claimed.

Microsoft has confirmed that a number of cyber attacks by notorious hacking group Strontium have taken place.

The group, which has also been linked to the unprecedented hacking campaign aimed at disrupting and discrediting the upcoming US election, is believed to have exploited a newly discovered Windows security flaw.

Google published details about the critical vulnerability in Windows earlier this week – something Microsoft isn't too happy about.

The US search engine's Threat Analysis department disclosed details of the critical vulnerability in a post on its security blog.

The glitch can be used to bypass the security sandboxing used in the Windows32K system, Google has claimed.

Google said it reported the bug to Microsoft 10 days ago, but the Redmond firm has done nothing to address the issue.

Google has already patched its Chrome web browser against the bug, and Adobe has issued a fix for its Flash software.

However Windows itself is still vulnerable – something that Microsoft claimed hackers used to execute the spear phishing.

In spear phishing, an attacker will typically send targeted messages – typically via email – that exploit known information to trick victims into clicking on malicious links or open tainted attachments.

Microsoft chided rival Google for going public with details of the vulnerabilities before it had time to prepare and test a patch to fix them.

"Google's decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk," Microsoft said.

Microsoft-WIndows-Exploit-706214.jpg

Microsoft says hacking group Strontium has exploited the vulnerability highlighted by Google

Microsoft's disclosure of the new attacks and the link to Russia came as Washington accused Moscow of launching a cyber campaign to disrupt the US election.

The US government last month formally blamed the Russian government for the election-season hacks of Democratic Party emails and their subsequent disclosure via WikiLeaks and other entities. Russia has denied those accusations.

Microsoft said a patch to protect Windows users against the newly discovered threat will be released on November 8th – Election Day.

It was not clear whether the Windows vulnerability had been used in any of the recent US political hacks.

Representatives of the FBI and the Department of Homeland Security could not immediately be reached for comment.

Google disclosed the serious security flaw on Monday, following its standing policy of going public seven days after discovering "critical vulnerabilities" that are being actively exploited by hackers.

Google gives software companies 60 days to patch less serious bugs.

Source : express

Categorized in Science & Tech

Edward Snowden, the whistleblower, is of the belief that, in all probability, Russia is responsible for the alleged US National Security Agency (NSA) hack.

Hackers allegedly got hold of digital arsenal or malware deployed by Equation Group, the cyber espionage unit that has links with the NSA.

Hackers who called themselves Shadow Brokers put up the leaks, which consisted of exploits and malware widely-used firewalls from manufacturers such as Cisco, Fortinet, Juniper, and TopSec, for an auction.

Former NSA contractor Edward Snowden took to Twitter to substantiate his theory.

Edward Snowden, who is in exile in an undisclosed location in Russia, started sending a series of tweets by saying that NSA’s malware staging server had been hacked earlier on as well, but the take has been published for the first time now.

Kaspersky, a security firm, said that the original files are likely from the Equation Group with links to the NSA.

According to Dave Aitel, a former NSA employee who also pointed out that Russia might be involved; this could be a diplomatic move in the wake of blaming Russia for hacking the US Democratic Party’s computers.

In a tweet, Edward Snowden said that the leak is most likely a warning that someone would be able to prove the US responsible for attacks originating from this malware server.

Meanwhile, an analysis released by Kaspersky pointed out that it believes with a great degree of certainty that the tools obtained by Shadow Brokers are related to Equation Group’s malware.

This is because the sample elements that those hackers released for the purpose of verification displayed Equation’s unique characteristics.

On their part, Shadow Brokers are organizing an auction to dispose off the key for the remaining data, which according to them is encrypted.

Wikileaks, the whistleblowing website, has also said that it is in possession of the same data and that it will release it in due course.

However, the hackers have suggested that the Wikileaks’ claim may not be true. When asked as to why anyone should trust them, the hackers said that the risk would be higher if there is no trust.

They also noted that people have to take the risk if they like the reward, but there are no guarantees as they could win or lose.

Mr. Aitel listed out the reasons as to why he was almost certain as regards the link between the malware leak and hacking of the computer of the US Democratic Party, which led to the resignation of a few senior leaders of the party in one of the blog posts published by him.

They included the auction’s timing as it is being done nearly three years after the information was stolen, experts opined.

According to him, high-level officials in the political field in the US were upset about the Democratic Party hacks.

In a post published recently, he noted that only those who are experts in the field of operational security or those who are desirous of taking advantage of the bugs would ever keep quiet about something big like this for a long time.

Edward Snowden explained through his tweets that security services commonly attempted to target the hacking tools of each other in order to create “fingerprints” which would help them detect the same in the future.

He also noted that no one knows as to why they did it, but his suspicion is that this has to do more with diplomacy than intelligence and is linked to the escalation of the DNC hack.

Edward Snowden, who suggested that the leak could be a warning sign, also added that the NSA leak could have significant consequences as far as foreign policy matters are concerned, particularly if the operations targeted any of the US allies and elections.

In addition, the NSA hack might be a ploy to influence the calculations of decision makers who are wondering as to how they should respond to the DNC hacks.

According to Edward Snowden, the leak appeared as though somebody is sending a message that the attribution game could get messy very fast.

The comments of Edward Snowden however should be taken with a pinch of salt.

Source : darkwebnews

Categorized in Internet Privacy

One of the main issues that affect Information and Communication networks today is the increasing prevalence of cybercrimes.

Cybercrimes are deliberate efforts to access and leverage information technology networks by unauthorized parties primarily for unlawful reasons.

The main motivation behind cyber-attacks is often damage, sabotage, ransom or theft.

In September 2016, The Los Angeles Times published a report about a hacking incident on WestPark Capital, an investment bank based in Los Angeles, California. 

The hacking attack was orchestrated by the hacking group known as TheDarkOverlord, who has leaked around 20 documents online.

According to reports, the CEO of WestPark Capital, Richard Rappaport, declined to pay the initial ransom that the hacking group requested.

This decision prompted TheDarkOverlord to release the files, and it threatens to disclose much more if their demands are not met.

WHO IS THEDARKOVERLORD?

At the moment, the real identity of TheDarkOverlord remains unknown. It is even not clear whether this entity is a group of hackers or a lone hacker.

TheDarkOverlord, conveniently named after a comic book villain, came into the public limelight when the hacking group attempted to extort healthcare facilities in June this year.

The hacking group claimed to have stolen 10 million patient’s insurance records including three medical databases containing information relating to more than 600,000 patients. The data contained everything from social security numbers, contact information, addresses, medical records, and insurance coverage.

TheDarkOverlord threatened to sell this information on the online black market if the ransoms were not paid.

The ramifications of this data breach were significant as the information could be easily used for criminal activities including fraud and identity theft.

True to their word, the hacking group did put the information on offer in batches going upwards from $100,000.

These events earlier this year show that TheDarkOverlord is serious about leaking the WestPark Capital’s data.

During the healthcare systems hack, this hacking group apparently called a number of the patients and informed them that their information was going to be leaked or sold online.

A journalist who communicated with the hacker through an encrypted chat was a testament to this.

As such, the data breach at WestPark Capital could have serious consequences for the affected parties.

THE WESTPARK CAPITAL CASE AND ITS IMPLICATIONS

The WestPark Capital hacking incident reveals a worrying direction in cybercrime.

TheDarkLord released about 20 files, containing background checks on key individuals, Social Security numbers, non-disclosure agreements, contracts, reports, internal presentations, and private stock offering information.

According to estimates by John Bambenek, the initial ransom that the hacking group demanded was more than $1 million.

Bambenek is the threat systems manager for Fidelis Cyber Security.

This amount could be the “handsome proposal” made to Richard Rappaport that TheDarkOverlord was referring to during their online chat with Motherboard.

The bank’s failure to pay this amount is probably the motivation behind the hacking group leaks.

It is relatively safe to assume that investigations are currently underway to find out exactly how the hacking group managed to execute the data breach.

According to a report by FTSE Global Markets, Jamie Moles, a cyber-security consultant, speculates on the possible weak link that could have facilitated the hack.

Moles pointed out the network perimeter security implemented by WestPark Capital.

The investment bank’s failure at limiting the number of IP addresses authorized to access their network remotely could have been their undoing.

The hacking group themselves stated that their access to WestPark’s data was aided by vulnerabilities in Microsoft Remote Desktop Protocol lending credibility to Jamie Moles’s speculations.

However, without conclusive data from the investigations, the hacking methodology remains open to debate.

This attack stands out as it adds to this year’s trend in online extortion.

For some time, institutions have mostly been focusing on ransomware attacks. Ransomware attacks are whereby cybercriminals encrypt company data and demand ransom for its decryption.

While these types of attacks can be mitigated through backup systems and other cyber security measures, the WestPark Capital attack where data is stolen is much more difficult to manage.

Since hacking groups like TheDarkOverlord usually threaten to damage a company’s reputation, payment of the ransom would be the path of least resistance for many organizations.

It seems like cybercrime is getting more and more sophisticated and may prove to be a major networking pain point in years to come.

Source : darkwebnews

Categorized in Deep Web

Franchises, resellers, customer service, collaboration tools, and training -- professional hacking organizations are now operating like any other business.

The clichéd image of a cybercriminal is one of a lone hacker, huddled over a computer in their parent's basement. Today, that stereotype couldn't be further from the truth, because -- now more than ever -- cybercrime is carried out by gangs running sophisticated operations.

The most organized criminal groups, such as those active on the dark web, are operating like legitimate businesses, with departmentalized teamwork, collaboration tools, training, and even service agreements between malicious software providers and their hacker customers.

"When you start to see malware kits that have customer service agreements and warranties associated with them, you know that you've moved into a pretty professional space," says Nathaniel J Gleicher, former director for cybersecurity policy for the White House's National Security Council.

Like the legitimate software market, cybercrime is now a huge economy in its own right, with people with a range of skillsets working together towards one goal: making money with illicit hacking schemes, malware, ransomware, and more. It's essentially an extension of 'real world' crime into cyberspace, and it's come a long way in recent years as groups have become bigger, more specialized, and more professional.

"There's been a substantial amount of improvement and innovation in the way attackers go after networks and, as cybercrime has professionalized, you've seen individuals develop a particular set of skills which fit into a broader network," says Gleicher, now head of cybersecurity strategy at Illumio.

"You have people who are managing and distributing credit card information, people who are cracking bank accounts, people who are managing remote access toolkits, to people who specialize in social engineering. There're very specific skillsets," he adds.

But it's not just gangs of hackers anymore: the cybercriminal ecosystem has evolved to the extent that it supports roles you'd expect to find in any large business.

"Advanced cybercrime groups now mirror legitimate organizations in the way they operate, with networks of partners, associates, resellers, and vendors. Some groups even deploy call center operations to ensure maximum impact for their scamming efforts," says Sian John, chief strategist for EMEA at Symantec.

That overlap with the world of business is also true of the tools cybercriminals use to communicate and collaborate, with different groups -- whether they're responsible for orchestrating phishing campaigns or stealing and cloning card data -- coordinating their actions for maximum effect.

"They're very much acting like a business. We're seeing that they very much collaborate and communicate via encrypted instant messaging systems," says Jens Monrad, senior intelligence analyst at FireEye.

Advertisment

become-an-internet-research-specialist

However, such systems aren't open to anyone, as the dark web is still very much a closed space. "They're still using various internet forums, some which are only available if you have enough street credibility or that you have to pay for to demonstrate how you're willing to collaborate on their terms," Monrad says.

Terms and conditions have very much become a part of the increasingly professionalized world of cybercrime, where cybercriminals are now leasing out or franchising their malicious software as a service and making just as much money -- if not more -- than when they were selling it themselves.

"The franchises take that technology, but rather than hosting it in the country where it's being developed, they'll ask the developers if they can take some of their services and host them in places they can't get to and let them take a cut. It's exactly the same as an independent software company: they have their own channel programme," says Bharat Mistry, cybersecurity consultant at Trend Micro, who describes such operations as "full-on enterprises on the underground".

This practice of hosting services to allow foreign cyberattackers to more easily commit cyberattacks against local targets has been observed in China and Russia. It's systemic of what has become a global trade meaning, like the largest enterprises, cybercriminal outfits are able to operate around the clock.

With 24-hour operations in what looks increasingly like a service-based business, cybercriminals are even recruiting people to work as customer service operatives -- although many of these 'employees' will be unaware they're working for a criminal group.

"Some groups deploy call center operations to ensure maximum impact on their scamming efforts and, in some instances, employees of the call center are oblivious to the fact they are working for criminal groups executing low-level campaigns like tech support scams," says Symantec's Sian John.

If traced by the authorities, the people unwittingly aiding these criminal activities might be fined or worse. But while these individuals might be discovered, the gangs they are working for often remain in the shadows.

Cybercrime credentials

While those at the bottom are unskilled, the professionalization of cybercrime has brought about another initiative you'd expect to see in any legitimate business operation: training courses. These programs are offered on the dark web in exchange for Bitcoin, the preferred currency of organized cybercriminal groups.

"There are online training courses you can pay for which show you how to go about hacking a website and infiltration. Everything which happens in physical enterprises is happening in the cybercriminal underground," says Trend Micro's Mistry, adding "it's only a matter of time" before this becomes a widespread activity within the professional cybercriminal economy.

Special report: Cyberwar and future of cybersecurity

Special report: Cyberwar and future of cybersecurity

You can download our full special report as a PDF in magazine format. It's free to registered ZDNet and TechRepublic members.

"We should assume any training techniques which are being used in legitimate organizations are being used in cybercriminal organizations as well," agrees Illumio's Gleicher.

Gleicher investigated and prosecuted cybercriminals during his time at the US Department of Justice and therefore has first-hand experience of just how sophisticated these schemes have become.

"What I found most interesting in the rise of professionalization is, as you're tracking these institutions, you quickly find they're based in multiple countries and they have sophisticated coordination frameworks to work together," he says.

What he took away from the experience was that cybercriminal operations are becoming increasingly niche, with groups conducting every type of cyberfraud using strategic business techniques that rival those used within corporations.

"They're working together in this really clockwork way, they'll specialize. So if you see an organization which runs fraud scams, something as simple as selling fake cars online, they're going to specialize in that and they're going to have teams of people creating legitimate looking websites, and teams of people communicating with prospective buyers who have effective enough English to appear legitimate," Gleicher says.

These trends suggest that hacking and cybercrime are no longer the domain of individuals seeking to make a nuisance of themselves. Cybercrime is now an industry involving major criminal groups, with ecosystems as well-structured as the corporations they're likely attempting to target. Organizations must therefore ensure their own defenses are up to fighting this threat.

Source : zdnet

Categorized in Internet Privacy

Five hackers are behind the most recent tech company hacks, according to a report from a cybersecurity research firm. This finding was announced after the recent Yahoo breach where a link was discovered, connecting the breach to previous exploitations.

Andrew Komarov, Chief Intelligence Officer of InfoArmor claims many of the reports on recent database breaches are considerably inaccurate. The hacks executed against Yahoo, Dropbox, LinkedIn, and Tumblr are all attributed to “Group E,” a small European hacking group. The Group E hackers perform large-scale database breaches and profit from selling the information to the highest bidder.

In an interview with the The Register, Komarov says that Group E deals with brokers to sell the massive data hauls. One such broker is registered on several underground communities as “tessa88.” Tessa88 was the first recorded individual to mention Yahoo had been hacked and that accounts were for sale. The broker then acted as a proxy between Group E and potential buyers on the deepweb.

dataforsale\

Shortly after the LinkedIn breach was publicized, tessa88 posted on an underground forum that Yahoo credentials were available. By following conversations on these hidden forums, InfoArmor was able to discover the aforementioned connection between breaches.

Advertisment

become-an-internet-research-specialist

The forum user who routinely interacted with tessa88 proceeded to list the database dumps for sale on various marketplaces. In this case, the listings were posted on TheRealDeal marketplace.

InfoArmor explains:

The actor “Peace_of_Mind” (PoM), well known for his activities at “The Real Deal Market” (TRDM) and “The Hell” forum, after identifying his post regarding the stolen data at one of the underground forums, contacts tessa88 and proposes some sort of cooperation [partnership] in exchange for some of his data.

Subsequent to this engagement, the databases initially published for sale by tessa88 are then resold by Peace_of_Mind in TOR network at TRDM. This is an interesting example of cooperation between a Russian speaking threat actor and an English speaking actor, demonstrating that cybercrime is an entirely transnational issue.

By following this pattern, InfoArmor found that the most recent database breaches ended up for sale on TheRealDeal or the Hell Forum. The vendors who published the listings directly corresponded with tessa88. Komarov says tessa88 is the main connection between Group E and a second group known as “For Hell.”

678947475686789.jpg

The second group of hackers, using the same broker, consists of high profile hackers behind similarly scaled data breaches. One of the most recognizable members is thedarkoverlord (TDO), the notorious electronic healthcare record hacker. TDO hacked millions of healthcare records from companies spanning the United States and is the subject of several major investigations.

darkoverlord.png

The majority of the data sold by the For Hell group of hackers is simply data redistributed from Group E. An example of this can be seen in the relationship between Peace_of_Mind (POM) and tessa88. Following forum exchanges between the two, POM lists breached databases on TheRealDeal marketplace.

YahooPIC_4.png

The relationship between POM and tessa88 has been well-established by InfoArmor. However, the security firm identifies some distrust between tessa88 and the For Hell group:

Peace_of_Mind also makes claims regarding tessa88, as he determined that some of the acquired data was misrepresented or falsified, not including any additional information regarding successful decryption of hashes and/or having absolutely no relationship to resources he was claiming had been exposed. For example, “LeakedSource,” another partner of tessa88 acquired the same data through the chain of proxies and mentions that the published Dropbox dump for sale is actually Tumblr.

In August, POM listed the Yahoo dump on TheRealDeal marketplace.

YahooPIC_6.png

Yahoo never announced or acknowledged a hack until after POM began advertising the Yahoo dump. While the validity of POM’s dump is still unknown, Komarov claims the Group E attack compromised likely double what Yahoo announced. Evaluating the Peace_of_Mind claims regarding 200,000,000 compromises, the actual database includes 500,000,000 Yahoo users. The entirety of the database hacked by Group E has not been published online.

The Yahoo dump sold by POM is provided in the following structure:

YahooPIC9.png

Source: deepdotweb.com

Categorized in Deep Web

The search for Overwatch’s mysterious new character Sombra stagnated to a halt several weeks ago when the momentincrime website went up. Before that however, the shooter’s community was ablaze with activity. Game Detectives rallied together and actively cracked each clue Blizzard put out as part of their on-going augmented reality game.

Some people though, went too far. In their desperation to find answers, they resorted to hacking, which I don’t think Blizzard ever intended to be a part of the game.

Though admittedly, I can understand the confusion some fans had, or why they considered such hectic measures necessary to find answers. Sombra’s entire being (thus far) hinges on the fact that she’s an excellent hacker after all, so would it be too far fetched to think that actual hacking was necessary to find additional clues (not condoning it, just pointing it out)?

Some people seemed to think so. A small group of fans identified a Battle.net account that had the name Sombra in it, and they believed accessing it might yield new information on the mystery character.

“These users eventually came to the conclusion that they would need to use social engineering to break their way into the account using Blizzard’s support desk,” Game Detectives admin Epsilon told Kotaku.

The group managed to convince Blizzard that the account belonged to them. Naturally, it turned out to be nothing out of the ordinary. The account held no information on Sombra. Despite that, this rogue group shared its username and password to the Game Detectives Discord chat, which saw them being banned.

“Users sometimes get excited and try to take actions into their own hands,” Epsilon explained. Hacking tactics are against Game Detectives policy, admins maintain.

Another Game Detective, Svardskampe, says that the above has happened around four more times with other similar Battle.net accounts.

He described the technique as “social poking around in the Blizzard support section in order to convince the poor [support] guy to make those accounts available.”

Thankfully, this sort of activity has died down (I hope). Like I’ve said already, the search for Sombra has somewhat stagnated. Personally, I feel that Blizzard dragged it out for just a little too long. People do strange things (like hacking) when they get desperate for answers.

At least some sort of resolution is on the horizon. If this recent leak is anything to go by, we can expect to see Sombra make an appearance in Overwatch fairly soon. Hopefully innocent people’s accounts being hacked will cease immediately.

If anything, Blizzard can learn from this debacle, and sharpen up their account protection in future. I know I’m safe. There’s no character named HairyKnees, is there?

Source : lazygamer

Categorized in Internet Privacy
Page 3 of 4

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media