Tag Archives: Hack

TeamViewer Has Been Hacked

Information,

TeamViewer LogoSometimes, you just need to do a quick remote log in to someone else’s computer. There are plenty of tools available for doing this. But most of them are either expensive to purchase or difficult to set up. Remote desktop app TeamViewer changed all that with a series of free cross-platform, lightweight apps that require only a couple of numeric codes in order to connect to a remote machine. This has made TeamViewer very popular, and in turn, an inevitable target for hackers.

Last week, threads began surfacing on Reddit written by TeamViewer users claiming they had been hacked thru the app. Most of the hacking claims had common points. Users who were initially away from their computers came back to find their machines were being remotely controlled and directed to website like PayPal, eBay, and Amazon. This instance was reported by Reddit user psiren66:

I was sitting on my couch at 12am and all of a sudden my machine light up.
It opened an eBay page ans started trying to buy iTunes cards. I noticed that teamviewer was running as it’s access. as soon as i touched my mouse they disconnected. I opened my teamviewer and roughly 50 accounts had been added to it.
Changed all my passwords instantly. and added two step verification to my email and teamviewer accounts.

At first, TeamViewer was denying that its platform had been hacked, blaming these issues on user error. But the company has since stated that it knows about the hacks and that they are “significant”:

TeamViewer spokesman Axel Schmidt acknowledged to Ars that the number of takeovers was “significant,” but he continued to maintain that the compromises are the result of user passwords that were compromised through a cluster of recently exposed megabreaches involving more than 642 million passwords belonging to users of LinkedIn, MySpace, and other services.

If you’re a regular TeamViewer user, you should consider changing your password and possibly adding two-factor authentication to your account. If you use the application sparingly, you may just want to remove it completely from your computer until you need it again. The application is a quick download and it’d only take a few minutes to reinstall.

Hack May Have Allowed Pizza Buyers to Eat For Free

Android, , ,

Dominos Pizza logoIf there’s one connection that was inevitable to happen it would be the joy of home-delivered pizza being paired with the convenience that only the internet can provide. First, it became possible to order pizza direct from a restaurant’s website without having to even place a phone call. And now it’s even easier to purchase a pie online using mobile apps on a smartphone or tablet. While pizza makers have been quick to embrace new technologies, Dominos Pizza might be a little gun shy to jump on the next bandwagon.

Earlier this week, a UK security consultant named Paul Price blogged about an order he’d place with Domino’s using the pizza chain’s Android app. Price was curious to understand more about how the app worked. Using the skills he’d developed as a consultant, he was able to access the app’s source code and watch what it did while processing his order. He was surprised to find that the app was actually handling his payment locally, on his device, as opposed to sending the information to the Domino’s server. By implementing a relatively simple hack, Price was able to circumvent the payment system by sending a signal back to the Domino’s site indicating that his order was paid for when in fact, no payment information was given.

This effectively gave Price the ability to order potentially unlimited amounts of pizza for free! Price contacted the store he’d ordered from and they confirmed that his pizza was baking and would soon be on its way. But honesty got the best of the man, and when his pizza arrived, he informed the delivery driver of the hack, and he paid in cash for the total cost of the order.

Domino’s has since closed the hole in its app that allowed for this exploit. But it did so quite some time after Price alerted the restaurant to his findings. There’s no telling how many others might’ve also discovered the hack and enjoyed free pizzas because of it.

GNC-2011-12-15 #729 Task Saturation @ 195%

Podcast, , , , , , , , , , , , ,

Things have been busy here in a good way. I have been pulling some 19 hour days. Hopefully by Sunday things are going to cool off just a bit and I can enjoy the holidays. I hope you will stay tuned in through the Christmas break as I will be cranking out shows throughout the holiday period. We introduce a new sponsor to the show tonight details below… I talk about GoDaddy.com coming on board as out CES 2012 Official Media Sponsor and the Special Offer!

Note: I am hiring 5 writers email me geeknews@gmail.com

Support my Show Sponsor: 5 Best Godaddy Promo Codes
30% Off on GoDaddy Products & Services cjcgeek30
$4.99 GoDaddy coupon for a New or Transferred .com domain cjcgeek99
$1.99 a month Economy Hosting with a free domain name. Promo Code: cjcgeek1h
$2.99 a month Managed WordPress Hosting with free Domain name. Promo Code: cjcgeek1w
Support the show by becoming a Geek News Central Insider

Subscribe Today: Audio | Video | Mobile Video | iTunes | Zune
Download the Show File

Follow me on Google+
Follow @geeknews on Twitter
Geek News Central Facebook Page
Purchase GNC gear from the Ohana Store!
Show Hotline 24/7 1-619-342-7365 or e-mail geeknews@gmail.com

Links to articles covered in this Podcast on the GNC Show Notes Page [Click Here]

Credits:
Jack Ellis – Executive Producer
Mike Baine – Associate Producer

Support CES 2012 Support Staff $25, $50, $100, Your Choice

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | Google Podcasts | Stitcher | Blubrry | Email | TuneIn | RSS | More

Podcast (video): Play in new window | Download | Embed

Subscribe: Apple Podcasts | Google Podcasts | Email | RSS | More

Sony Issues Statement About the PlayStation Network

Hacker, Sony, , , ,

playstation network

2010 and 2011 have been rough years for Sony and for PS3 owners who use the popular PlayStation Network for online gaming.  The service has come under attack, and been taken down, on more than one occasion, and for extended time periods.  The latest attack began to hit the news yesterday, when it was learned that the service was again under attack.

Reports have ranged from DDOS attack to user account hacking, but earlier today Sony finally set the record straight about what is going on, how extensive the attack is, and what steps they are taking fix the problem.

According to Sony, the attack spanned three of their networks – the PlayStation Network, Sony Entertainment Network, and Sony Online Entertainment.  A total of approximately 93,000 users have been affected, and those accounts have now been locked by Sony.  It appears to have been a hacking attack – the perpetrators attempted to gain log-in access to accounts, and succeeded on 93,000 of them, which is actually a relatively small percentage.  At this time, Sony says that those users’ credit card data is still safe.

If you have a PSN account, even if you don’t think you were affected, I would still recommend changing your password.  Use a long password that incorporates letters, numbers, and symbols.  Although, Sony says credit information wasn’t gained, it would still be prudent to monitor you account closely and report anything that seems suspicious.

Below is full text of Sony’s announcement.

“12 October 2011

Tokyo, October 12 – Sony Network Entertainment International LLC and Sony Online Entertainment (SOE) have detected a large amount of unauthorized sign-in attempts on PlayStation®Network (PSN), Sony Entertainment Network (SEN) and Sony Online Entertainment (SOE) services. We discovered these attempts and have taken steps to mitigate the activity.

Less than one tenth of one percent of our PSN, SEN and SOE consumers may have been affected. There were approximately 93,000 accounts (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts. As a preventative measure, we will be sending email notifications to these account holders and will be requiring secure password resets or informing consumers of password reset procedures.

Credit card numbers associated with these accounts are not at risk as a result of these unauthorized attempts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are continuing to investigate the extent of unauthorized activity on any of these accounts.

These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or sources. These were unauthorized attempts to verify valid user accounts on our services using very large sets of sign-in IDs and passwords. Between October 7 – 10 US Pacific Daylight Time, we confirmed that these were unauthorized attempts, and took steps to thwart this activity.

For the latest updates please visit http://blog.eu.playstation.com/

GNC-2010-11-08 #625 Back in the Saddle

Podcast, , , , , , , , , , , , , , , , , , , , , , ,

Feels good to be back in the full swing of the show. I am having a great trip here in Albuquerque and really enjoying myself, will be doing an Ohana meet up this coming Friday. If you want to come out to dinner and your in the local area drop me an email so I can pass location and time.

The following Sponsors support GNC your support of them is appreciated!
GoDaddy services saves you money, check out my Promo Codes Today.
Visit gotomeeting.com, click the try it free button & use promo code: Podcast.
Infusionsoft, leader in marketing automation software for businesses see how they can help your Business..

Subscribe Today: Audio | Video | iTunes | Zune
Download the Show File

Check me out @geeknews on Twitter
Follow me on Facebook
Geek News Central Facebook Page
My YouTube Channel
Purchase GNC gear from the Ohana Store!
Live Streams Justin.tv / Ustream.TV
Show Hotline 24/7 1-619-342-7365 or e-mail geeknews@gmail.com

Listener Links:
BackScatter Body Scanner.

Show Links:
Samsung Continuum.
Evernote for Android 2.0
IOS 4.2 IiPad Update.
Ads Ads and More Ads.
Washington Post iPad App.
Blip.TV hits 100 Million Video Views Monthly.
RockMelt Social Browser.
US Gov’t Naughty List.
Toshiba SSD for Macbook Air now Available.
Pilots told to Avoid Scanner.
Bundling Software in Danger?
Google Blocks Facebook!
Windows Phone 7 Launch and 2000 Apps.
7 Facebook Unfriending rules.
Google TV Gateway Fancast.com Blocked.
Nokia Shakes up Symbian Foundation.
Free Airborne Wifi On Google.
Hacker hits UK Navy.
Verizon to Broadcast Video on LTE?
Very Dangerous IE Bug!
IE Hack Kit For Sale.
TSA ban Toner and Ink.
Creative Commons big win in Belgium.
Patent Office gets more Screwed.
Ready for Mini Big Bangs.
Hey Best Buy Get Squared away on Roku.
Can you Fly?
48 Million iPads?
Bloglines Saved.
Limewire back from the Dead.
Boxee needs Cash.
Burglary Suspect Idiot.
Cassini Flying in Safe Mode.
Shuttle Pushes for Nov 30th Launch.
Laptops as Ovens.
Avidemux Editor.
Time Warner Look Back.
Zune Insider #93.

Send in your stories to geeknews@gmail.com and be sure to provide a link to your websites!

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | Google Podcasts | Stitcher | Blubrry | Email | TuneIn | RSS | More

Podcast (video): Play in new window | Download | Embed

Subscribe: Apple Podcasts | Google Podcasts | Email | RSS | More

Major WordPress Attack Underway!

wordpress

If you are running an older version of WP version 2.8.3 or before you need to upgrade immediately. You risk having to re-install WordPress, this is a pretty major attack. If you host your blog at wordpress.com you are ok. This attack is reportedly growing by the hour.

Update:  Matt at WordPress and some remarks from Robert Scoble on how bad this Worm that is attacking older WordPress installs is!

Crux of this story here is you better have backups of your sites at all times!

GNC-2008-02-12 #347

Podcast, , , , , , , , , , , , , , ,

I have changed locations again and I am now in the greater Washington DC area and look forward to having dinner with folks in the DC area in Wed in Old Town.

Sponsors:
Special Promotion code 20% off on 1 Year Shared Hosting Plans use Godaddy Code Todd20
[Save 10% off on any order at GoDaddy.com!] Use Code Todd
[Try GoToMeeting free for 30 days at GoToMeeting.com/techpodcasts. No credit card needed.]

Twitter Me http://www.twitter.com/geeknews
My Facebook Profile
Comments to 619-342-7365 e-mail to geeknews@gmail.com

Listener Links:
Listen to the Show with This :)
Shared Bandwidth
OpenMoko

Show Notes:
User Supported Podcast
Apple OSX Updated
Artificial Energy Island
Starbucks Free WiFi
Future of Firefox
Windows Firewall (Comedy)
Android Review
3g iPhone should AT&T Bother?
YouTube Pirate Bay Video
Vista SP1 and Hackers Win
Are you a Work Maniac?
Our Internal Clocks
Brits Blow it!
Artifical Intelligence Air Traffic Controllers
Danish Pirate Bay Block Increases Traffic
Things you do not say to your Boss
DKIM to Stop Email Phishing
25 Firefox Extensions
Hadron Collider
Internet Advertising Climbs 27%
Microsoft responds to Yahoo
CNN iReport
Yahoo Shareholders
Teen Hacks iPhone Again
Yahoo + AOL
Engineer Charged with Espionage

Washington DC Meet Up on Wednesday the 13th meet between 6 and 6:30pm at King Street Blues, Old Town Address: 112 North Saint Asaph Street, Alexandria, VA 22314 (Between King and Cameron Streets) Phone: (703) 836-8800

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | Google Podcasts | Stitcher | Blubrry | Email | TuneIn | RSS | More