Internet Criminals Targeting Smaller Companies

Last week Sony announced that its PlayStation Network fell victim to hackers. This was embarrassing for the company, worrisome for gamers and just proved that big companies remain targets. But last week Verizon also released its annual Data Breach Investigation and there was good news and bad news.

The good was that cyber criminals were far less successful in 2010, with the amount of data that was obtained or compromised falling dramatically last year. One reason cited is that law enforcement has begun to crack down on cyber crime, with one individual receiving a 20-year prison sentence last year. In total the Secret Service arrested more than 1,200 suspects last year for cyber crime violations.

So what’s the bad news? Instead of targeting large companies, it seems the new breed of cyber criminals is going after smaller companies that tend to be less well-guarded. According to reports, about 40 percent of the breaches were in the hospitality industry, 25 percent in retail and 22 percent in financial services.

Attacks against small business have been on the rise since 2008, and in according to a recent report from KnowBe4 in 2009 cyber criminals extracted nearly $400,000 from a Florida dentist’s account! Talk about a painful extraction.

But it was also a savvy style of attack, where Robert Thousand Jr. received thousands of calls to his business, home and mobile phones. These calls consisted of 30-second long recorded messages from a sex hotline – and these were done to keep Thousand’s phone lines tied up while cyber criminals made five transfers totaling $399,000 from a TD Ameritrade retirement account.

Cyber criminals also targeted lawyer Kimberly Graus, bypassing her anti-virus software to initiate $35,000 in wire transfers from a trust fund she managed. She was likely the victim of a phishing attempt, which installed malware that allowed hackers to capture her account passwords.

Both Graus and Thousand had virus protection in place, but today’s savvy hackers are finding inventive ways around it.

Part of the issue for small business is that identity theft is often a large component of the cyber crime. When fraud strikes it reportedly costs the average consumer $631 and take on average 130 hours to recover from identity theft

The good news is that help may be on the way. Last month President Barack Obama stated that he is looking to create an “identity ecosystem” that could include unique software that creates one-time digital passwords. This is part of the National Strategy for Trusted Identities in Cyberspace (NSTIC).

The most important thing to do is to always be on guard, and not to be the low hanging fruit for cyber crimina

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Internet Criminals Targeting Smaller Companies"https://www.voiceofgreyhat.com/2011/05/internet-criminals-targeting-smaller.html</a>

Microsoft Reports Increased Cyber Scams

Cyber criminals are increasingly targeting consumers with “marketing-like” approaches, according to the security intelligence report released by Microsoft.

As the general public becomes more aware of cybercrime, cybercriminals have gotten more sophisticated and continue to evolve their attack methods.

Microsoft’s latest report found that attacks were being run like marketing campaigns with fake product promotions, especially during events that generate a lot of media attention.

A “polarization” of cybercriminal behavior was discovered by the report, with a surge in the use of “marketing-like” deception tactics to steal money from people.

On one side, highly skilled criminals exploit the vulnerability in systems and networks of a targeted environment by acquiring special intelligence and using social engineering to trick intended victims in pursuit of a large payoff, the report says.

While on the other side are cybercriminals that use more “accessible methods, including social engineering tactics and leveraging exploits created by the more skilled criminals, to take a small amount of money from a large number of people.”

With the increased popularity of social networking, criminals create new opportunities to directly affect individuals as well as their friends, colleagues and family through impersonation, the report says.

In addition, these social engineering techniques trick people with false advertisements, fake security software, and pay-per-click schemes that generate cash when Internet links are activated, Microsoft reports.

"With more consumers and devices coming online every day, cyber criminals now have more opportunities than before to deceive users through attack methods like adware, phishing and rogue security software," Graham Titterington of Britain-based analyst firm Ovum told the AFP news agency.

"It's becoming increasingly difficult for consumers to decipher legitimate communications and promotions given the sophistication of tools criminals are using."

Rogue security software, or “scareware,” are virus software used to dupe Internet users by pretending to find viruses and other problems on computers and then offering to sell a program to fix the issue, according to AFP. In 2010, Microsoft reported that it detected and blocked this type of software on almost 19 million systems.

In addition, Microsoft reports that phishing targeted at online gaming sites reached a high of 16.7 percent of all phishing online. Phishing tactics, which use social networking as the “lure,” increased 1,200 percent from a low of 8.3 percent in January to a high of 84.5 percent in December of 2010.

Furthermore, Microsoft reports that Adware, which uses software crated to infect machines with pop-up advertisements, also increased by 70 percent from the second quarter to the fourth quarter of 2010.Two new Adware families that are the most prevalent malware in many countries, JS/Pornpop and Win32/ClickPotato, were responsible for the increase.

To guard against these growing threats, computer users are advised to update their computers with reputable security software, and by not clicking on links or opening files without making sure that they are safe.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Reports Increased Cyber Scams"https://www.voiceofgreyhat.com/2011/05/microsoft-reports-increased-cyber-scams.html</a>

UK is Enhancing Cyber Security to fight Against Hackers

The fight against cyber crime needs a stronger common international legal framework to enable perpetrators outside the country of their victims to be tracked down and punished, a British security official said on Tuesday.
James Brokenshire, a Home Office (Interior Ministry) Minister for Crime and Security, added in remarks to reporters that governments and companies had to work much more closely together to fight the "scammers, fraudsters and hackers" who were creating a truly global problem.
"Active international partnerships are central to tackling cyber crime," he said. "There needs to be an international response including international treaties, bilateral treaties and common agreements between countries." A priority for governments is to find ways of hunting criminals across borders and ensuring they are punished, but many nations lack a common definition of cyber crime or common legal standards that would enable prosecutions of criminals operating offshore. Security experts have long said the core problem has been that nations are thinking too parochially about their online security to collaborate on crafting global cyber regulation.
High-profile online assaults in recent weeks have targeted the International Monetary Fund, the U.S. Central Intelligence Agency and the U.S. Senate, and companies such as Citigroup and Lockheed Martin Corp. The raids have raised doubts about the security of government and corporate computer systems and the ability of law enforcement to track down hackers. Saying there should be "no safe haven" for online criminals, Brokenshire added that governments had to work with the private sector to provide technical expertise to police in those countries that lacked the resources to fight cyber criminals.

He was speaking at the launch of the International Cyber Security Protection Alliance (ICSPA), a global not-for-profit organisation that aims to channel funding, expertise and help directly to law enforcement cyber crime units around the world.The venture, which will seek funding from the European Union, governments of the United States, Canada, Australia, New Zealand and Britain, and private sector companies, plans to work in partnership with European police agency EUROPOL.
Rik Ferguson, Director of Security Research at Trend Micro said areas of concern to ICSPA included Brazil, which had expertise in banking malware, China, where computers were often used by criminals elsewhere to host attacks in third countries, and Russia and Ukraine.Companies supporting the venture include McAfee , Cassidian, Trend Micro, Yodel, Core Security Technologies, Visa Europe , Shop Direct group, A&REdelman, Transactis and Article10. Cyber crime costs the British economy some 27 billion pounds ($43.5 billion) a year and appears to be "endemic", according to the first official government estimate of the issue published in February 2011.
Brokenshire's call echoes remarks by U.S. Secretary of Homeland Security Janet Napolitano who said last week that cyber criminals were outwitting national and international legal systems that fail to embrace technological advances.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">UK is Enhancing Cyber Security to fight Against Hackers"https://www.voiceofgreyhat.com/2011/07/uk-is-enhancing-cyber-security-to-fight.html</a>

Cyber crime gets more personalised

Rajesh, a Bangalore-based software engineer received an e-mail from the Income Tax department saying that the department had reviewed his ‘tax fiscal payments’ for previous months and his ‘returns filed online’, and that he is eligible for a tax refund of Rs 40,135.50. However, what made him curious was the fact that he did not file his IT returns online.
The e-mail also contained a link for further details. He wasn’t convinced and checked the address of the sender; the id was same as that of the I-T department. However, when he clicked on the link he sensed he was the target of a cyber attack.
“I clicked the link, but when I saw some Brazilian ads on the website I got suspicious. Luckily, I didn’t reveal any important information,” says Rajesh.
Rajesh is one of the many tax payers in the country, who are facing such attacks at the beginning of the new financial just at the time of filing I-T returns. According to security experts, cyber criminals with an intention of stealing money and other personal information of netizens are becoming increasingly active. These perpetrators closely monitor netizens’ day to day activities on the Web and plan attacks. “Today’s phishing sites and spam e-mails are sophisticated enough to look identical to a legitimate e-mail and can easily betray you,” said a security expert.
A recent study by security solutions provider Websense says that 93 per cent of emails are spam. Of these, 2.5 per cent are phishing attacks. Another trend emerging is the attack based on search words. The search terms and trends vary based on the geography and seasons. For example, the subject lines of the recent spam mails and phising mails were Egypt revolution, Libyan unrest, and Japan tsunami among others.
Vinoo Thomas, technical product manager, McAfee Labs says: “Spammers and cyber criminals track most searched words and plan an attack accordingly. Earlier, the attacks were based depending upon festive seasons and other occasions, but now they are targeted at the individual level.”
As social media platforms such as twitter, Facebook and Orkut are gaining more acceptance, criminals also track these social networks and gather an individual’s personal information. Spear phishing is a more targeted and dangerous form of phishing attack. The e-mails are targeted at a particular user; the spear phisher thrives on familiarity by knowing the name, email address, etc.
“Criminals follow you on social networks, which gives them details about your location and background. This helps them reach you and send you spam mails,” said Anand Naik, Director, Systems Engineering, Symantec.
These days spam mails also originate with links of malicious sites, and on clicking them malicious content or codes are downloaded to the system. Spammers use URL shortening services to direct users to malicious links without their knowledge.
According to a data from Symantec, in March this year, 83.1 per cent of global spam was sent from botnets. Botnets have been and remain a destructive resource for cyber criminals. In addition to anonymous spam-sending, many botnets can be used for a number of other purposes, such as launching distributed denial of service attacks, hosting illegal website content on infected computers and installing spyware to track the activities of the users.
The study also said that India is among the top three countries for both infections for the five biggest spam-sending botnets — Rustock, Bagle, Festi, Cutwail and Lethic.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Cyber crime gets more personalised"https://www.voiceofgreyhat.com/2011/04/cyber-crime-gets-more-personalised.html</a>

Every 14 Programs Downloaded by Windows Users Turns out to be Malicious

The next time a website says to download new software to view a movie or fix a problem, think twice. There's a pretty good chance that the program is malicious.
In fact, about one out of every 14 programs downloaded by Windows users turns out to be malicious, Microsoft said Tuesday. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5 percent of users ignore the warnings and download malicious Trojan horse programs anyway.
Five years ago, it was pretty easy for criminals to sneak their code onto computers. There were plenty of browser bugs, and many users weren't very good at patching. But since then, the cat-and-mouse game of Internet security has evolved: Browsers have become more secure, and software makers can quickly and automatically push out patches when there's a known problem.
So increasingly, instead of hacking the browsers themselves, the bad guys try to hack the people using them. It's called social engineering, and it's a big problem these days. "The attackers have figured out that it's not that hard to get users to download Trojans," said Alex Stamos, a founding partner with Isec Partners, a security consultancy that's often called in to clean up the mess after companies have been hacked.
Social engineering is how the Koobface virus spreads on Facebook. Users get a message from a friend telling them to go and view a video. When they click on the link, they're then told that they need to download some sort of video playing software in order to watch. That software is actually a malicious program.
Social-engineering hackers also try to infect victims by hacking into Web pages and popping up fake antivirus warnings designed to look like messages from the operating system. Download these and you're infected. The criminals also use spam to send Trojans, and they will trick search engines into linking to malicious websites that look like they have interesting stories or video about hot news such as the royal wedding or the death of Osama bin Laden.
"The attackers are very opportunistic, and they latch onto any event that might be used to lure people," said Joshua Talbot, a manager with Symantec Security Response. When Symantec tracked the 50 most common malicious programs last year, it found that 56 percent of all attacks included Trojan horse programs.
In enterprises, a social-engineering technique called spearphishing is a serious problem. In spearphishing, the criminals take the time to figure out who they're attacking, and then they create a specially crafted program or a maliciously encoded document that the victim is likely to want to open -- materials from a conference they've attended or a planning document from an organization that they do business with.

With its new SmartScreen Filter Application Reputation screening, introduced in IE 9, Internet Explorer provides a first line of defense against Trojan horse programs, including Trojans sent in spearphishing attacks.
IE also warns users when they're being tricked into visiting malicious websites, another way that social-engineering hackers can infect computer users. In the past two years, IE's SmartScreen has blocked more than 1.5 billion Web and download attacks, according to Jeb Haber, program manager lead for SmartScreen.
Haber agreed that better browser protection is pushing the criminals into social engineering, especially over the past two years. "You're just seeing an explosion in direct attacks on users with social engineering," he said. "We were really surprised by the volumes. The volumes have been crazy."
When the SmartScreen warning pops up to tell users that they're about to run a potentially harmful program, the odds are between 25 percent and 70 percent that the program will actually be malicious, Haber said. A typical user will only see a couple of these warnings each year, so it's best to take them very seriously.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Every 14 Programs Downloaded by Windows Users Turns out to be Malicious"https://www.voiceofgreyhat.com/2011/05/every-14-programs-downloaded-by-windows.html</a>

Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai

Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai 

Yet again another infamous gang of cyber criminals who were behind the hack of more than $7 Million from exchange companies in Dubai get busted by the Dubai Police. The special Criminal Investigation Department (CID) of Dubai Police were behind these criminals for a long time, and after a certain period they successfully managed to track down and crack the cyber crime ring. Major General Khamis Matter Al Mazeina, acting chief of Dubai Police, said on last Sunday that a gang of Asians and Africans work with hackers in order to enter different websites and systems of different companies here in Dubai in order to transfer money inside and outside the country. “Cheques worth more than Dh6 billion have been found with the gang after their arrest,” he said. He also said that the gang was able to transfer more than Dh7 million from exchange companies in Dubai to their own accounts. From an exclusive report of Gulf News we came to know that the deputy director of the General Department of Criminal and Investigation for research, Colonel Salem Khalifa Al Rumaithi said the incident happened early this month when police received complaints about a scam and transfer of $2 million from a company’s account. “This was done through hacking the e-mails of this company by someone outside the UAE,” he said.

He said the hackers used to change the data of the transactions, billing, and then transfer the money into their accounts.

He said the first accused, an Asian identified as Kh. Q., used to receive the transferred funds. “He owns three luxury cars which he bought from the proceeds of such crimes,” he said. 

He said the role of the second suspect, another Asian identified as U.K., was to provide the gang with bank account numbers by creating fake companies on the internet and dealing with the victims’ accounts. “After the process of converting the money credited to the first accused U.K. used to take 3 per cent of the money and give the remaining to an African man who was the mastermind. According to Lt Colonel Saeed Al Hajeri, director of the electronic investigation department, the third suspect was identified as D.Q. from Africa.

“The role of this suspect was as a mediator between the gang members and manipulating the business processes and changing the bank accounts to any other account,” he said. The suspect admitted that he was part of the Dh4 billion scam and another Dh6 million scam.

Lt Col Al Hajeri said Dubai Police had taken the necessary measures to obtain sufficient information from the rest of the gang members who operate outside the country in African countries through Interpol. Brigadier Khalil Ebrahim Al Mansouri, director of CID, said the police team worked on arresting the gang quickly.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai"https://www.voiceofgreyhat.com/2013/03/Cybercriminals-Arrested-For-Stealing-7Million.html</a>

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York 

Yet again another serious issue of cyber crime get resolved when the FBI tracked and figured out the master mind of infamous 'Gozi banking Trojan' which effected more than millions of system world wide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damages to computer systems and networks. Three alleged international cyber criminals from Russia, responsible for creating and distributing 'Gozi' that infected over one million computers and caused tens of millions of dollars in losses charged in Manhattan Federal Court. Mihai Ionut Paunescu aged 28, a Romanian, Deniss Calovskis, 27, a Latvian, and Nikita Vladimirovich Kuzmin, 25, of the Russian Federation, are charged with computer intrusion, conspiracy to commit bank and wire fraud and access device fraud. Federal authorities said the three were arrested last week; Kuzmin is being held in New York, while Paunescu is in custody in Romania and Calovskis in Latvia. 

According to the press release of FBI -Deniss Calovskis, a/k/a “Miami,” a Latvian national who allegedly wrote some of the computer code that made the Gozi virus so effective, was arrested in Latvia in November 2012. Mihai Ionut Paunescu, a/k/a “Virus,” a Romanian national who allegedly ran a “bulletproof hosting” service that enabled cyber criminals to distribute the Gozi virus, the Zeus trojan, and other notorious malware and to conduct other sophisticated cyber crimes, was arrested in Romania in December 2012. 

The cases are being handled by the Complex Frauds Unit of the United States Attorney’s Office. Assistant United States Attorneys Sarah Lai, Nicole Friedlander, and Thomas G.A. Brown, along with Trial Attorney Carol Sipperly of the Computer Crime and Intellectual Property Section of the Department of Justice on the Paunescu case, are in charge of the prosecution. The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

Defendant	Age and Residence	Charges	Maximum Penalty
Nikita Kuzmin	25; Moscow, Russia	Conspiracy to commit bank fraud; bank fraud; conspiracy to commit access device fraud; access device fraud; conspiracy to commit computer intrusion; computer intrusion	95 years in prison
Deniss Calovskis	27; Riga, Latvia	Conspiracy to commit bank fraud; conspiracy to commit access device fraud; conspiracy to commit computer intrusion; conspiracy to commit wire fraud; conspiracy to commit aggravated identity theft	67 years in prison
Mihai Ionut Paunescu	28; Bucharest, Romania	Conspiracy to commit computer intrusion; conspiracy to commit bank fraud; conspiracy to commit wire fraud	60 years in prison

Brief About Gozi:-
The Gozi virus is malicious computer code, or “malware,” that steals personal bank account information, including usernames and passwords, from the users of affected computers. It was named by private sector information security experts in the U.S. who, in 2007, discovered that previously unrecognized malware was stealing personal bank account information from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected. To date, the Gozi virus has infected over one million victim computers worldwide, among them at least 40,000 computers in the U.S., including computers belonging to the National Aeronautics and Space Administration (NASA), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere, and it has caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected.

The Gozi virus was distributed to victims’ computers in several different ways. In one method, the virus was disguised as an apparently benign .pdf document which, when opened, secretly installed the Gozi virus on the victim’s computer. Once installed, the Gozi virus—which was intentionally designed to be undetectable by anti-virus software—collected data from the infected computer in order to capture personal bank account information including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.

For Detailed Information Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York"https://www.voiceofgreyhat.com/2013/02/MasterMind-of-Banking-Trojan-Gozi-Charged.html</a>

Hackers, Crackers, Tramps & Thieves

Recently, we have saw a “hacker group,”, loosely known as Anonymous wage a denial of service attack (DDoS) against various companies that withdrew services to WikiLeaks. This was done in a supposed noble defense of WikiLeaks. Now it appears the same group has taken credit for attacks against Sony. Why attack Sony? Because Anonymous believes individuals should be able to modify PlaySation3 consoles and Sony’s says they no they shouldn’t be and are fighting the copyright infringement with legal action. It is sort of like I disagree with you and we end up in court and you then throw a rock through my window (funny…. I didn’t mean to bring Microsoft into the mix…LOL). Well apparently, more then a rock got thrown through Sony’s “window".It now appears that 2.2 million credits cards with CVV were stolen as well . Anonymous is now only claiming they broke the window, not that they stole anything. Who exactly are “hackers”?
Initially the term came to refer to individuals who pushed technology to its limits. Hacking was making technology (hardware/software) do more, more efficiently, etc. However, somewhere along the mix it began to be used as a term to describe individuals exploiting technology for illegal purposes. Latter the term crackers came to refer to hackers who did bad things, such as breaking into systems, causing damage, stealing data, etc. We also had the “color” system if you will, in part no doubt due to the old adage in Western movies, good and bad guys wear different colored hats. Yep you guessed it you have White Hat hackers (good guys) and Black Hat Hackers (bad guys). Of course, you also then have the Grey Hat Hackers (good or bad, depending upon what they are doing). As an old John Wayne fan I never really paid much attention to what hat he was wearing but that is beside the point.
In my opinion, hackers have come to enjoy a unique position in our society. For instance, there is no such thing as a “white hat” embezzler, drug dealer, or bank robber. The closest think I can think of is maybe Robin Hood, where he was a criminal but his ends justified his means (steal from the rich and give to the poor). I suppose there was some romanticizing about train/bank robberies, Jessie James or even Bonnie and Clyde. But in the end we still consider them criminals when all is said and done. We just don’t have other offender groups being described by their head apparel. I also am amazed being a hacker is viewed by some as the best pathway to becoming an IT security expert. It is sort of like someone being a burglar or robber as a path to a career as security professional. I guess these folks think honest hard work and education just doesn’t look as good as I was a criminal on a resume.
So what does this have to do with corrections? Well, many of these folks do get caught. They go before a judge and someone has to look at what was done and make a call. Answering it was illegal is easy. What do you do with them? Some would argue they are Robin Hoods, making information free for the world. Some believe they are just really smart and the corporations are the real corrupt ones. (See The Conscience of a Hacker)
Here is the problem I have. My Robin Hood didn’t burn Sherwood Forrest to help the poor. He also did not use the poor as pawns in his fight with the rich. Take a look at the Sony case. They have a right to protect their intellectually property. They were pursing the matter in court, following the law. A group of offenders breaks into Sony, allegedly to embarrass them. However, someone during the break-in, (more then likely the same folks that broke in) stole 2.2 million credits cards with CVV. There are reports that those card number are being sold. Sony looks bad for the security breach. But was it really necessary to harm Sony’s customers in the fight to make right? So, are hackers misguided “Robin Hoods”, out to defend us against the big bad corporations out there? Or are they what we normally call, common criminals?
On the other hand some of these “criminals” are what we call in the business, “success” stories. “rtm”who released the first Internet worm, later went on to get a doctorate and is a respected expert in the field. The “Condor” is an author and runs a successful information security consulting firm (not withstanding my comment about criminals becoming future security experts). The “Dark Dante” is a senior editor for a major publication as well as an accomplished author.
The bottomline to this discussion, is corrections must do what we always do. Condemn the acts but not the individuals. Hackers, whatever the reasons, are offenders, not modern Robin Hoods. They can be rehabilitated. They are however not modern day technological heroes. Making them sound like a quarter pounder with cheese does not change the fact they have no meat between the buns. Take care and be safe. Time for a cigar! 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Hackers, Crackers, Tramps & Thieves"https://www.voiceofgreyhat.com/2011/05/hackers-crackers-tramps-thieves.html</a>

BBC Server Compromised! Russian Hackers Broke Into FTP & Tried to Sell Unauthorized Access

BBC Server Compromised! Russian Hackers Hacked Into FTP & Tried to Sell Unauthorized Access on The X-Mass Evening 

Earlier we have seen world renowned media houses like CNN, NBC, Fox News, Washington Post, NY Times, NDTV and so on have fallen victim to hackers and cyber criminals. Now it was the turn for world’s largest and oldest broadcaster -British Broadcasting Corporation, widely known to us as BBC. Sources revealed that cyber criminals have managed to breach the security system of BBC and secretly took over a computer server at the BBC and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system. The attack was first identified by a cyber security firm named Hold Security LLC, in Milwaukee that monitors underground cyber crime forums in search of stolen information. However, it is still not clear whether the hacker stole any information or data or caused any damage to the site. In conversation with press Alex Holden, founder and Chief Information Security Officer of Hold Security told -"So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC.” So far the identity of hacker has not been confirmed, but the firm researchers observed a notorious Russian hacker known by the monikers "HASH" and "Rev0lver," attempting to sell access to the BBC server on December 25. However, BBC's security team managed to secure the site on Saturday, claims a person close to clean up efforts. One of the BBC spokesman refused to comment on the issue, he said, “We do not comment on security issues.” On the other hand, Justin Clarke, a principal consultant for the cyber security firm Cylance, said that while "accessing that server establishes a foothold within BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources.” So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC. But we all know that  ftp systems are typically used to manage the transfer of large data files over the Internet. That's why the chances of data breach cant not be denied at this time. For updates on this piece of news and other hot information of the cyber & tech world stay tuned with VOGH. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href="> BBC Server Compromised! Russian Hackers Broke Into FTP & Tried to Sell Unauthorized Access "https://www.voiceofgreyhat.com/2014/01/bbc-ftp-server-hacked-by-russian-hackers.html</a>

Cyber criminals, beware!!!

Digital forensic examiners will now be able to extract evidence from the computer of cyber criminals and preserve it to be provided to law enforcement authorities.

Ajman Medical District, in coordination with Drug Control and Registration Department, invited experts from the US Seattle-based Cyber Security Institute to provide training in digital forensics aimed at combating Cybercrime cases in the country.

Steve Hailey, President/CEO of the Cyber Security Institute (CSI) and Digital Forensic Examiner and Educator said the five-day training course which concluded on Thursday, trained members of several law enforcement agencies as well as employees of the Ajman Medical District on every aspect a competent forensic examiner needs to know in order to properly acquire, interpret and report findings related to digital evidence to be provided to court, police and attorneys.

The trainees were, at the end of the course certified as forensic digital examiners to provide evidence analysis on various cases of cyber crimes and also be witnesses in courts. They were introduced to concepts and techniques every computer forensics practitioner must master. CSI had earlier delivered the same course to IT professionals, the Department of Defense, law enforcement in the United States and the UAE, as well as the Ministry of Justice in the UAE.

The course attendees will receive five college credits from Edmonds Community College in Washington State, USA, for successfully completing the course. Edmonds Community College is recognised for providing cutting-edge training programmes for information security, digital forensics, and data recovery.

Hamad Al Shamsi, Director of Ajman medical district said that digital forensics capability is now essential within any organisation to combat fraudulent, illegal, and prohibited computer activity. This modern threat environment includes high risk for privacy invasion, financial crimes and identity theft. This environment dictates a need for legal, regulatory, and best practice requirements to preserve evidence and assure evidence is admissible in a court of law.

“Professionals from defence and intelligence agencies, law enforcement and corporations take our training because our hands-on case based instruction emphasises analytical problem solving skills and the practical knowledge required to process a case involving digital evidence from start to finish,” said Mike Andrew, CSI President of Training and Education.

“The Internet and its communications capability is the nervous system of any nation’s critical infrastructures, and is therefore extremely critical in maintaining economic productivity,” said Akram Ali, CSI Vice President of Global Business Relations. “Because of the economic importance that is associated with the Internet and its communications capabilities, criminals and sometimes a company’s own employees are looking for ways to exploit it for their own financial gain or to commit fraud. The use of technology to facilitate the commission 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Cyber criminals, beware!!!"https://www.voiceofgreyhat.com/2011/05/cyber-criminals-beware.html</a>

Facebook Donates $250,000 to University of Alabama at CIA|JFR to Fight Against Cybercrime

Facebook Donates $250,000 to University of Alabama at CIA|JFR to Fight Against Cybercrime 

All of us, who are associated or directly involved in this cyber domain know very well that its almost impossible to stand against the rising cyber crime & cyber criminals. Then the very first question will arise and that is, what is the solution? The answer will be tie-up collaboration, unity in diversity. That means if we stand together and help each other, then definitely we can control cyber crime, not only that but also we can have a safe and secure cyber space. While talking about co-operation and collaboration then a live instance is here for you. It is your favorite social network, Facebook who stand against cyber criminals and donate $250,000 to help fight cyber crime. According to UAB News - The Center for Information Assurance and Joint Forensics Research at the University of Alabama at Birmingham has received a $250,000 donation from Facebook in recognition of the center’s role in tracking international criminals behind social-media botnet Koobface as well as other spammers. The donation, which comes from money Facebook has recovered from spammers located around the world, will be used to expand the new CIA|JFR headquarters. 

“As a result of numerous collaborations over the years, Facebook recognizes the center as both a partner in fighting Internet abuse, and as a critical player in developing future experts who will become dedicated cybersecurity professionals,” says Joe Sullivan, chief security officer at Facebook. “The center has earned this gift for their successes in fighting cybercrime and because of the need for formal cybersecurity education to better secure everyone’s data across the world.”  

Here we want to remind our readers that 'Koobface' was the most dangerous malware ever made to infiltrate Facebook made by few Russian hacker. The hackers, known as the Koobface gang, sent Facebook users attractive invitations to watch a funny or sexy video. When the unsuspecting users clicked the link, the message appeared saying that their computer’s Flash software needed updating. The “update” was in fact malware that hijacked the user’s clicks and delivered them to advertisers, making the hackers money -to the tune of over $2 million annually. According to Kaspersky Labs the network of infected computers included between 400,000 and 800,000 PC. Earlier in this year the entire Koobface gang was exposed and the C&C server of Koobface has been stopped prenatally by few German Researchers. 

With this story here we, the entire VOGH Team would like to congratulate the team at the University of Alabama at Birmingham on the donation from Facebook. More power to them and similar experts around the world, helping investigate cybercrime and making the online world a safer place! 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Facebook Donates $250,000 to University of Alabama at CIA|JFR to Fight Against Cybercrime"https://www.voiceofgreyhat.com/2012/10/Facebook-awarded-University-of-Alabama-to-Fight-Against-Cybercrime.html</a>

FBI is on high alert over a multi million dollar Chinese cyber crime operation

CYBER CRIMINALS with access to Chinese bank accounts have robbed US businesses of millions in dollars in the past 12 months by using malware that scarfs up banking details.
The US Federal Bureau of Investigation (FBI) has issued a stark warning about 20 incidents where banking credentials from smallish to medium-sized US businesses were harvested by malware like the Zeus Trojan and Spybot. The FBI said that the companies lost $11 million in these scams.
Often using reasonably cheap off-the-shelf malware, criminals can trap somebody in a company by compromising their computer with a phishing email or getting them to surf to a malicious website. The malware then gets to work, for example by keylogging crucial financial information like account numbers and passwords that the employee types in.
The FBI said that the criminal operation transferred the money to intermediary New York banks and then to the accounts of Chinese businesses that were registered as 'legitimate'. So far it's not known why these businesses received the transfers, that is, whether they were the final destinations or the money was transferred elsewhere.
Each wire transfer was able to shift hundreds of thousands of dollars, with the largest one nearly hitting the $1 million dollar mark. For smaller amounts money mules were used, poor unfortunates who fall for scams where they transfer money for the criminals involved, without realising it's stolen. µ

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">FBI is on high alert over a multi million dollar Chinese cyber crime operation"https://www.voiceofgreyhat.com/2011/04/fbi-is-on-high-alert-over-multi-million.html</a>

UK Implements Cyber Security Strategy (CyberCriminals Have To Face Internet Ban)

Newly implemented UK Cyber Security Strategy causes a lot for Cyber criminals. Cyber-stalkers, fraudsters and other criminals could be banned from accessing the internet, under proposals being considered by the Ministry of Justice and the Home Office. The government may broaden the scope of how it can enforce Serious Crime Prevention Orders to block criminals, sex offenders and others from accessing the internet, it announced on Friday.

"The Ministry of Justice and the Home Office will consider and scope the development of a new wayof enforcing these orders, using 'cyber-tags' which are triggered by the offender breaching the conditions that have been put on their internet use, and which will automatically inform the police or probation service," the government wrote in the strategy document. "If the approach shows promise we will look at expanding cyber-sanctions to a wider group of offenders."

To Download The UK Cyber Security Strategy PDF Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">UK Implements Cyber Security Strategy (CyberCriminals Have To Face Internet Ban)"https://www.voiceofgreyhat.com/2011/11/uk-implements-cyber-security-strategy.html</a>

Cyber criminals could be costing New Zealanders $4.7 billion per year

Cyber criminals could be costing New Zealanders $4.7 billion per year, with businesses taking most of the hit, according to AVG.

The company's 'security evangelist' Lloyd Borrett cited the findings of a UK report by the Office of Cyber Security and Information Assurance, and found that extrapolating the UK statistics by New Zealand's GDP and population resulted in a loss of $4.7 billion.

The report found that in the UK, £27 billion are lost to cyber criminals every year, with businesses bearing £22 billion of the cost.

In Australia the extrapolated figure was AUD$22 billion per year.

“The whole pubs, clubs, cafe industry in Australia is only $11 billion," Borrett said.

Merchants took most of the hit because of credit card fraud. The customer would usually call the credit card company and cancel any illegitimate transactions, so it was businesses that lost money.

"Now, a merchant, of course you've got to educate them to be aware and sophisticated and you say, 'well, don't deal with someone in Ghana'," Borrett said.

"I've set up online shops for a few small businesses, and you tell them, 'well, we just won't deal with anyone from those countries'."

The cyber crime industry was "bigger than the drug industry", Borrett said, and had ties to the mafia and organised crime.

NetSafe executive director Martin Cocker said New Zealand was becoming more at risk of cyber crime as it was attempting to become a "digital economy" through ultra-fast broadband.

"For us, the interesting question is 'how ready is New Zealand to become a digital society?'" Cocker said.

"Are small businesses aware of what they're getting themselves into when they move to e-commerce? Are consumers really aware of the risks that they face? The answer from the research is no, not really."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Cyber criminals could be costing New Zealanders $4.7 billion per year"https://www.voiceofgreyhat.com/2011/04/cyber-criminals-could-be-costing-new.html</a>

Twitter Stimulates Online Crime

 

According to Kaspersky Lab the security company, ever-since the micro-blogging website Twitter was introduced during July 2006, numerous people have been utilizing it in their daily lives for communicating messages crafted within the standard 140 characters, published ITWeb in news on April 14, 2011.

Yet, in spite of the many flashy demographics along with an increased growth of Twitter, the website has had to fight a large number of malware incidences. These incidences are as varied as click-jacking, account compromising, Trojans, and hacks that have enabled cyber-criminals to use the service widely for launching assaults across the Web.

Says security researcher Timothy Armstrong at Kaspersky Lab, there has been many historical developments in the security of Twitter despite it being more-or-less young. Attacks on it have been varied such as hacked admins, trending topics and account compromises amongst others, he adds. ITWeb published this on April 14, 2011.

Further according to Timothy, during August 2008, cyber-criminals attacked Twitter wherein they crafted a malicious web-page containing an advertisement promoting one erotic film. So when anyone clicked on it, he became contaminated with a Trojan-downloader that disguised as an Adobe Flash update.

Also, during 2009, several versions of a Cross-Site Scripting (XSS) virus attacked Twitter. Innumerable messages apparently, signed off from Mikey emerged as the virus spread. Again in 2009, online crooks compromised Twitter trending subjects for delivering malicious software.

Thereafter, one fresh Koobface variant shortly facilitated in propagating its infection via Twitter accounts. Thus, when a contaminated member tried to access the website, Koobface compromised the communication session following which it masqueraded as that member and tweeted in contaminating his contacts.

Meanwhile, even with the lot of security measures adopted for aiding in lessening security threats, it appears that different stages of assaults will continue to hit social-networking websites. For, hackers still manage to invade the broadcasting arena easily because of its ready availability on social websites by abusing trending topics.

Given this, Armstrong concludes that it's thus important that users remain wary of the different kinds of malware, which Twitter has encountered owing to cyber-criminals' active exploitation of the site, reported ITWeb.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Twitter Stimulates Online Crime"https://www.voiceofgreyhat.com/2011/04/twitter-stimulates-online-crime.html</a>

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers

Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years.

“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”

Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.

How It Happened:- 

Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.

As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here

ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 

In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 

While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.

-Source (Microsoft Official Blog)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet"https://www.voiceofgreyhat.com/2013/12/microsoft-shattered-zerozccess-botnet.html</a>

DHS Issues Malware Warning Impersonating FBI & US Cyber Command

DHS Issues Malware Warning Impersonating FBI & US Cyber Command

If you think that only innocent computer users are just the only target of cyber criminals, then you are absolutely wrong. Recently United States Computer Emergency Readiness Team, widely known as US-CERT; which is a part of Depertment of Homeland Security's (DHS) National Cyber Security Division has issued an emergency alert wile announcing a new effort by cyber criminals to spread Malware that impersonates Federal law enforcement (FBI) and other government agencies. The malware is a malicious software that installs itself on a users computer without a users permission or knowledge, “displays a screen claiming that a Federal Government agency has identified the user’s computer as being associated with one of more crimes,” reports the US-CERT alert. Explaining further, the malware then instructs the victim “to pay a fine to regain the use of the computer, usually through prepaid money card services.” The appearance of the message displayed on a users screen is intended to seem like a legitimate and official looking warning from the FBI or US Cyber Command. In turn, the impersonation effort by the cyber criminals seeks to leverage this to scare victims into paying the so-called fine immediately.

“Affected users should not follow the payment instructions,” US-CERT recommends, adding, “Users may also choose to file a complaint with the FBI’s Internet Crime Complaint Center.” 

In their release US-CERT states:-

“US-CERT is aware of multiple malware campaigns impersonating multiple U.S. government agencies, including the United States Cyber Command (USCYBERCOM) and the Federal Bureau of Investigation (FBI). Once installed on a system, the malware displays a screen claiming that a Federal Government agency has identified the user's computer as being associated with one or more crimes. The user is told to pay a fine to regain the use of the computer, usually through prepaid money card services.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">DHS Issues Malware Warning Impersonating FBI & US Cyber Command"https://www.voiceofgreyhat.com/2012/08/DHS-Issues-Malware-Warning-Impersonating-FBI.html</a>

Criminals and foreign spy agencies launched more than 1,000 cyber attacks on the MOD last year

Criminals and foreign spy agencies launched more than 1,000 cyber attacks on the Ministry of Defence last year in an effort to steal secrets and disrupt services, Liam Fox has revealed.
In a speech on Tuesday night, the defence secretary laid out the growing threat to the country from cyberspace, saying that government departments were now under sustained attack.
He underlined the problem by saying that "across the core defence networks there were an average of over a million security alerts every day".
These comprise mainly of spam emails that are blocked before entering government computer systems. But many turn out to be deliberate attempts to infiltrate and steal from the MoD's computer systems.
Last week the Guardian revealed that the UK is now developing a cyber weapons programme to give ministers an attacking capability in cyberspace.
It also emerged that the FBI is investigating allegations that the Google mail accounts of senior US government officials have been attacked by Chinese hackers.
In his speech, Fox set out why the government had committed an extra £650m for cyber security in last year's Strategic Defence and Security Review. He also warned more would need to be done to protect the UK's core infrastructure from cyber attack.
"Between 2009 and 2010, security incidents more than doubled," he said: "Was this in Afghanistan? No. This was in cyberspace and the target was the MoD. I and my senior colleagues are routinely alerted to incidents that could have had severe consequences if they'd not been stopped.
"Our systems are targeted by criminals, foreign intelligence services and other malicious actors seeking to exploit our people, corrupt our systems and steal information.

"To give you an idea of the challenge, last year we in the MoD blocked and investigated over 1,000 potentially serious attacks. "
Fox described it as the "war of the invisible enemy" and said the boundaries between government, business and every individual internet user were becoming blurred."This threat is growing in scale and sophistication. My department is a prime target. Across the core defence networks there were an average of over a million security alerts every day."
He said the opening of a new Global Operations and Security and Control Centre would help to coordinate the Whitehall response to cyber attacks, but conceded that government could not do this alone.
"We now see weekly reports of cyber attacks against businesses, institutions and networks used by people going about their daily lives," he said. "The cost to the UK economy of cyber crime is estimated to be in the region of £27bn a year and rising. These are attacks against the whole fabric of our society.
"There is no Maginot Line in cyber space ... our national intellectual property in defence and security industries is at risk from a systematic marauding. Not only could it severely affect the future success of British industry, our economic advantage, and the country's financial recovery, but also directly impacts upon our national security today."
Last week, the US government said it was intending to rewrite its military rule book to make cyber-attacks a possible act of war. In May, the chancellor George Osborne said foreign intelligence agencies were carrying out cyber-attacks on the Treasury, targeting it with programs designed to steal information.
Some experts have warned against government's over-exaggerating the problems in cyberspace, noting that 80 per cent of all such attacks can be thwarted with better computer 'hygiene' – such as people using less obvious passwords. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Criminals and foreign spy agencies launched more than 1,000 cyber attacks on the MOD last year"https://www.voiceofgreyhat.com/2011/06/criminals-and-foreign-spy-agencies.html</a>

Interpol, ITU & IMPACT Jointly Singed a Hostorical Agreement in Cybersecurity

Interpol, ITU & IMPACT Jointly Singed an Agreement to Exchange Information, Expertise & Enhance Cybersecurity

During the 81st INTERPOL General Assembly taking place in Rome, Italy a historical and very vital cooperation agreement has been singed. In an effort to further enhance cybersecurity around the world, International Multilateral Partnership Against Cyber Threats (IMPACT), the cybersecurity executing arm of United Nations’ specialised agency – the International Telecommunication Union (ITU) and the General Secretariat of the International Criminal Police Organisation – (INTERPOL), reached a historic milestone with the signing of a landmark ‘Cooperation Agreement’ between both international organisations. Through this Agreement, it allows both IMPACT and INTERPOL to exchange information, expertise as well as to enhance both organisations’ knowledge base in the field of cybersecurity. The Agreement will also see the cross promotion of capacity building activities aimed at the public and private sector and the civil society, with an objective to curb cyber crimes by protecting the cyber space and orchestrating a safer global community. 

The Cooperation Agreement paves the way for INTERPOL and ITU-IMPACT to effectively cooperate within the scope of their respective mandates and resources in the field of cybersecurity. This Agreement is also designed to provide a broad framework for such cooperation to take place and to establish a collaborative association, with a view to promoting cybersecurity capacity-building and addressing cyber threats on a global scale. Datuk Mohd Noor Amin, Chairman of IMPACT and Mr Ronald K. Noble, Secretary General of INTERPOL signed the Cooperation Agreement today, witnessed by ITU Secretary-General, Dr. Hamadoun I. Touré. With 144 countries now, part of the ITU-IMPACT coalition, IMPACT is entrusted with the task of providing cybersecurity support and services to ITU’s Member States and other organisations within the UN system. ITU-IMPACT’s global partnership now embraces over 200 industry, academia and international organizations. 

“This kind of cross-agency collaboration is essential to combating the increasingly serious problem of international cybercrime,” said ITU Secretary-General Dr. Hamadoun I. Touré. “For too long, cyber criminals have hidden behind national borders, hoping to escape detection or eluding the jurisdiction of national law enforcement authorities. This new partnership with INTERPOL represents a major step forward in our efforts to bring such criminals to book.”

Datuk Mohd Noor Amin, Chairman of IMPACT added; “The signing of this agreement is truly a landmark event for all of us. For the first time, we are effectively pooling together and merging the resources from INTERPOL’s community of police forces worldwide with ITU-IMPACT’s existing stakeholders from governments, telecommunications regulators, CERTs, ISPs, ICT industry and academia. ITU’s recent MOU with the United Nations Office of Drug and Crime (UNODC) further strengthens the partnership by potentially adding in judicial officers and prosecutors under the ITU-IMPACT umbrella. This coming together of various different, but important, stakeholders is vital if we are going to succeed against the cyber criminals and enhance international cybersecurity.”

-Source (PRWeb)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Interpol, ITU & IMPACT Jointly Singed a Hostorical Agreement in Cybersecurity"https://www.voiceofgreyhat.com/2012/11/Interpol-ITU-IMPACT-Jointly-Singed-Cybersecurity-Agreement.html</a>

Ransomware Found on Hacked GoDaddy Sites, Infecting Thousand of Users

Ransomware Found on Hacked GoDaddy Sites, Infecting Thousand of Users 

Users who have their websites hosted by GoDaddy again fallen victim of cyber attack. Researcher at ShopsLabs reported that cyber criminals have managed to hack the DNS records of GoDaddy hosted websites and thus they infected a large number of GoDaddy users with ransomware. Fraser Howard, a Principal Virus Researcher of SophosLabs stated that the hackers behind these attacks are “exploiting DNS by hacking the DNS records of sites, adding one or more additional subdomains with corresponding DNS entries (A records) referencing malicious IP addresses. The legitimate hostname resolves to the legitimate IP address, but the added sub-domains resolve to rogue servers.” By doing so, the criminals are able to set-up URLs that seem legitimate, potentially sneaking through security filtering systems and duping Internet surfers into believing they are harmless, he explained in a Friday blog entry. In some instances, multiple subdomains were added to each user’s account, with each of them redirecting viewers to at least one malicious IP address.  

Go Daddy customers who wish to check they have not been affected by these attacks should check their DNS configuration according to the Go Daddy support page. 

As soon as the attack has been spotted in the wild, GoDaddy released a statement included below :-

"Go Daddy has detected a very small number of accounts have malicious DNS entries placed on their domain names. We have been identifying affected customers and reversing the malicious entries as we find them. Also, we're expiring the passwords of affected customers so the threat actors cannot continue to use the accounts to spread malware.
We suspect that the affected customers have been phished or their home machines have been affected by Cool Exploit as we have confirmed that this is not a vulnerability in the My Account or DNS management systems.
Go Daddy highly recommends that US- and Canada-based customers enable 2-Step Authentication to help protect their accounts. Details on how to set up this feature are located at http://support.godaddy.com/help/article/7502/enabling-twostep-authentication.
If a customer suspects their account may have an issue, we encourage them to contact Go Daddy Customer Care or fill out the form at the following link: https://support.godaddy.com/support/?section=support. "

While talking about GoDaddy and cyber attack, then we would like to remind you that, this may not have been the first hacking attempt against Go Daddy this fall. Couple of months ago, a hacker from Anonymous claimed to have taken down the domain registry and web hosting company. However, one day after the attack, Go Daddy denied they had been targeted by cyber criminals. Last year in September several GoDaddy sites were compromised, there also the reason was a malware. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Ransomware Found on Hacked GoDaddy Sites, Infecting Thousand of Users"https://www.voiceofgreyhat.com/2012/11/Ransomware-Found-on-Hacked-GoDaddy-Sites.html</a>