Tag Archives: cyber warfare

Poor neo-Nazis: Booted by GoDaddy, hijacked by Anonymous

Source: The Verge

"Neo-nazi news site the Daily Stormer has been given 24 hours to move its domain to a new host after its current provider, GoDaddy, said it would cut off support. The decision was made in response to a Daily Stormer article about Heather Heyer, who was killed during the Charlottesville protests this weekend. In a statement sent to TechCrunch, GoDaddy said the article 'could incite additional violence' and thus violated the company’s terms of service. … It also appears that hackers, who claim to be from Anonymous, have taken over the Daily Stormer website, saying they plan to shut it down within 24 hours. The hackers claim to have been targeting the site for months, but took action because of the Charlottesville protests." (08/14/17)

https://www.theverge.com/2017/8/14/16142384/daily-stormer-site-go-daddy-hosting-providers-hackers-anonymous

Report: Messaging apps with surveillance malware made it onto Google Play store

Source: Fortune

"Researchers at the security firm Lookout have identified a family of malicious smartphone apps, referred to as SonicSpy. At least three versions of the malware, which is able to remotely control infected phones, made it onto Google’s Play store. Anyone who installs the compromised apps will find they have full messaging functionality. But in the background, according to Lookout, the apps are able to hijack a variety of basic phone functions. That includes making outbound calls, sending text messages, and harvesting call logs, contacts, and Wi-Fi data." (08/13/17)

http://fortune.com/2017/08/13/malware-google-play-android-surveillance/

The FBI booby-trapped a video to catch a suspected Tor sextortionist

Source: Motherboard

"Malware and hacking tools are established parts of the Federal Bureau of Investigation's toolkit when it comes to unmasking criminal suspects on the Tor anonymity network. In a new case revolving around someone blackmailing children, FBI agents sent the suspect a digitally-poisoned movie file that obtained the target's real IP address. … Monday, prosecutors announced charges against Buster Hernandez, 26, of Bakersfield, California. Hernandez is charged with threats to use an explosive device and sexual exploitation of a child. He is suspected of using the moniker 'Brian Kil.' Since 2015, Brian Kil has used social media, email, and VoIP to communicate with a number of underage female victims and extort sexual photos from them, according to the criminal complaint. Under duress, some victims sent explicit images and videos to Kil." (08/08/17)

https://motherboard.vice.com/en_us/article/gyyxb3/the-fbi-booby-trapped-a-video-to-catch-a-suspected-tor-sextortionist

WannaCry ransomware: Hackers behind global cyberattack finally cash out Bitcoin windfall

Source: ZDNet

"Almost three months on from the WannaCry ransomware outbreak, those behind the global cyberattack have finally cashed out their ransom payments. The WannaCry epidemic hit organisations around the world in May, with file-encrypting malware powered by a leaked NSA exploit attacking Windows systems, infecting over 300,000 PCs and crippling systems across the Americas, Europe, Russia and China. … In the weeks since the attack, the wallets containing the money extorted by WannaCry were left untouched, but August 3 saw the bitcoin wallets containing the ransoms suddenly start to be emptied. At the time of withdrawal, the value of the wallets totalled $140,000 thanks to changes in the valuation of bitcoin." (08/03/17)

http://www.zdnet.com/article/wannacry-ransomware-hackers-behind-global-cyberattack-finally-cash-out-bitcoin-windfall/

Amazon suspends sales of BLU phones due to alleged spyware; BLU denies wrongdoing

Source: Android Police

"BLU is one of many low-end phone manufacturers, known for its dirt-cheap unlocked Android phones. But back in November, a security firm discovered spyware on some BLU phones sold in the United States, prompting Amazon to stop selling the affected devices until the issue was resolved. But it looks like BLU is, once again, in trouble with Amazon. The retailer is ceasing sales of some BLU devices (there are still some available for purchase, at the time of writing) following an announcement from security firm Kryptowire at the recent Black Hat security conference. You might remember Kryptowire — it's the group that found spyware on BLU phones last year. The firm revealed that the original spyware, developed by Chinese company Adups Technology, is still present on BLU phones." (07/31/17)

http://www.androidpolice.com/2017/07/31/amazon-suspends-sales-blu-phones-due-alleged-spyware-blu-denies-wrongdoing/

Kaspersky launches its free antivirus software worldwide

Source: Engadget

"Kaspersky has finally launched its free antivirus software after a year-and-a-half of testing it in select regions. While the software was only available in Russia, Ukraine, Belarus, China and in Nordic countries during its trial run, Kaspersky is releasing it worldwide. … The company says the software isn't riddled with advertisements like other free antivirus offerings. Instead of trying to make ad money off your patronage, Kaspersky will use the data you contribute to improve machine learning across its products." (07/26/17)

https://www.engadget.com/2017/07/26/kaspersky-free-antivirus-software-worldwide-launch/

Scammer uses fake Tor browser to lure victims to supposed Dark Web marketplace

Source: BleepingComputer

"A malicious app disguised as a modified version of the Tor Browser is targeting users looking to buy illegal products off the Dark Web. Discovered by BleepingComputer's Lawrence Abrams last week, this malicious app is distributed using YouTube videos that teach non-technical users how to buy products from a Dark Web marketplace called The Rodeo. Instructions in the YouTube videos tell users to download the Rodeo Browser, which is a modified version of the Tor Browser specifically built to let users access The Rodeo marketplace." (07/13/17)

https://www.bleepingcomputer.com/news/security/scammer-uses-fake-tor-browser-to-lure-victims-to-supposed-dark-web-marketplace/

Millions of Verizon customer records exposed in security lapse

Source: ZDNet

"An Israeli technology company has exposed millions of Verizon customer records, ZDNet has learned. As many as 14 million records of subscribers who called the phone giant's customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra'anana, Israel-based company. The data was downloadable by anyone with the easy-to-guess web address. … Privacy watchdogs have linked the company to several government intelligence agencies, and it's known to work closely with surveillance and phone cracking firms Hacking Team and Cellebrite." (07/12/17)

http://www.zdnet.com/article/millions-verizon-customer-records-israeli-data/

Someone named Jayden K. Smith is not trying to hack your Facebook

Source: Mashable

"Here's a story you've probably heard before: A viral hoax is spreading on Facebook, that, when you stop and think about it, really doesn't make any damn sense. Monday's hoax involves a supposed hacker named Jayden K. Smith. … users are warned about an incoming friend request from a user named 'Jayden K. Smith,' who is reportedly a hacker. Then the user is encouraged to share the warning with all of their friends to protect one's Facebook network from Jayden." (07/10/17)

http://mashable.com/2017/07/10/facebook-viral-hoax-jayden-k-smith/

Vault 7: WikiLeaks dump reveals how the CIA can track your exact location

Source: Wired

"How many people specifically know where you are right now? Some friends and family? Your coworkers, maybe? If you're using a Windows laptop or PC you could add another group to the list: the CIA. New documents released on Wednesday as part of WikiLeaks' series of CIA hacking revelations detail a method the agency uses to geolocate computers and the people using them. The agency infects target devices with malware that can then check which public Wi-Fi networks a given computer can connect to at a given moment, as well as the signal strengths of those networks. From there, the malware compares the list of available Wi-Fi options to databases of public Wi-Fi networks to figure out roughly where the device is. The leaked documents detailing the project, which is known as ELSA, date back to 2013, and specifically address laptops and PCs running Windows 7. But experts say that the technique is straightforward enough that the CIA could have a version of it for every Windows release." (06/29/17)

http://www.wired.co.uk/article/wikileaks-cia-tracking