Tag Archives: Hacker

Europol Announced the Arrest of Two Ransomware Hackers



Europol announced in a press release that a coordinated strike between several law enforcement agencies resulted in the arrest in Ukraine of “two prolific ransomware operators known for their extortionate demands (between €5 and €70 million)”.

The law enforcement groups involved included the French National Gendarmerie, the Ukrainian National Police Force, and the United States Federal Bureau of Investigation, with the coordination of Europol and INTERPOL.

According to Europol, the results of this included: 2 arrests and 7 property searches; seizure of US $375,000 in cash; seizure of two luxury vehicles worth €217,000 and asset freezing of $1.3 million in cryptocurrencies.

From the Europol press release:

The organized crime group is suspected of having committed a string of targeted attacks against very large industrial groups in Europe and North America from April 2020 onwards. The criminals would deploy malware and steal sensitive data from these companies, before encrypting their files.

They would then proceed to offer a decryption key in return for a ransom payment of several millions of euros, threatening to leak the stolen data on the dark web should their demands not be met.

The Record reported the arrests of the two members of a ransomware gang took place on September 28, in Kyiv, Ukraine’s capital. Of the two suspects who were arrested, one is a 25-year-old believed to be a crucial member of a large ransomware operation.

The names of the two suspects who were arrested have not been released. The Record reported that officials declined to name the suspect’s affiliation to any particular ransomware gang, citing an ongoing investigation. That information came from a Europol spokesperson.

It seems to me that this investigation is just beginning, and that Europol (and the rest of the assisting law enforcement agencies) are intending to continue their efforts. If the agencies are able to determine who else was involved in these crimes, I hope that those people face whatever legal consequences are appropriate.


272 million emails and passwords leaked from Gmail, Hotmail and more



It seems that not a day goes by without some security news, usually in the form of a breach. There have been some big ones too, from Target to Home Depot, as well as online ones, including the embarrassing Ashley Madison one.

Now we have the latest news, and it’s up there with the largest in history. 272 million emails and passwords from the likes of Gmail, Hotmail and others have been leaked.

Before you panic too much, realize that the data obtained consisted largely of data that had been seen before. Hold Security, which broke this news, claims that “Only 0.45 percent is new, meaning that only 1 out of 200 credentials are ones we have never seen before”.

The hacker was simply trying to unload the data and contacted the security firm asking only 50 rubles, which is less than $1 US. Not wanting to contribute anything to this cause, Hold Security negotiated and received the information for free.

Hold claims “When we peel back the layers and dig deeper, we find that the hacker is holding something back from us. Within several days of communication and after a couple more strategically timed votes on his social media pages, he shared more useful information. At the end, this kid from a small town in Russia collected an incredible 1.17 Billion stolen credentials from numerous breaches that we are still working on identifying. 272 million of those credentials turned out to be unique, which in turn, translated to 42.5 million credentials — 15 percent of the total, that we have never seen before”.

Yes, this has the potential to be very bad, but right now we just don’t know. We also don’t know why the hacker was trying to unload it so quickly and then ended up giving it away. Stay tuned as this unfolds.


Two Million Passwords Stolen by Hackers



On November 24, 2013, researchers at Trustwave discovered that hackers had obtained up to 2 million passwords for websites like Facebook, Google, Yahoo!, Twitter (and others). Researchers learned this after digging into source code from the Pony botnet. It appears that information about this has only been made public very recently.

Here are some quick stats about some of the domains from which the passwords were stolen:

* Facebook – 318,121 (or 57%)
* Yahoo! – 60,000
* Google Accounts – 54,437
* Twitter – 21,708
* Google.com – 16,095
* LinkedIn – 8,490
* ADP (a payroll provider) – 7,978

In total, the Pony botnet stole credentials for: 1.58 million websites, 320,000 email accounts, 41,000 FTP accounts, 3,000 remote desktops, and 3,000 secure shell accounts.

According to Trustwave, around 16,000 accounts used the password “123456”, 2,221 used “password” and 1,991 used “admin”. Now is a good time to go change your passwords into something strong and secure.

Doing so won’t make it entirely impossible for hackers to crack your password, but it could make it more difficult. Trustwave noted that only 5% of the 2 million stolen passwords were excellent (meaning the passwords had all four character types and were longer than 8 characters).


Twitter banning Bit.ly, other URL Shorteners on Direct Messages (DM)



Today I was trying to send a direct message to a friend. Included was a bit.ly link to a page I needed him to see. For some reason, Twitter kept saying there was an error and it could not send the DM. After checking his page to make sure he was still following me and sending a couple test DMs successfully, I realized the problem was the bit.ly link.

I did a search and found that indeed – Twitter was blocking DMs with bit.ly links. They found many different links could not be sent via DMs. CBS.com was one of those who were blocked by Twitter DMs.

Of course, this is because of Twitter allowing non-followers to DM people. You have to opt-in to the option, but with this you can get messages from many different people.

The Twitter Error Message Needs to Be Fixed

So direct messaging with a link could come back saying the person might not be following you. That could be totally confusing – especially if you know they are. I almost chalked it up as a Twitter database error but decided to check and see if there were any changes.

The only advantage of allowing non-followers to DM is if your Twitter account is a corporate one or you have over 10,000 followers and don’t want to follow them all back.

The Problem with Blocking Bit.ly – the Mask-Around

Spammers are smart and/or intuitive. Instead of using bit.ly, they’ll use another system that gets around the Twitter issue. Twitter might then block that, but in the meantime, you don’t see a bit.ly link – you see a My.website link. Give a spammer/hacker 2-3 days with an $8/year website domain and they could make enough to buy another $8 domain and start the process over again.

Of course, this is a very common problem with URL shorteners. TinyURL added spam-blocking and virus-protection tools shortly after they started. Bit.ly also has some preventative measures (using companies like Sophos, Verisign, Websense and more). Still, they are not responsible for 3rd party content using their links.

Bottom Line – Don’t click on unknown links

Usually bad links start with “Hey, is this you” or “I got a way you can make money” which really translates to “I got a way for ME to make money using you”. If you choose to opt-in to letting anyone DM you, keep in mind you will get spam in your message box. If you don’t feel confident you can sniff out the good from bad, then simply don’t check the box.


SpyEye hacker extradited to the U.S.



The United States has had little luck with landing Kim Dotcom or Julian Assange, but it has managed to grab a hacker. Hamza Bendelladj, known online as Bx1, is an Algerian hacker who was captured and extradited from Thailand. He was arrested back in January while moving through the Bangkok airport on his way from Malaysia.

Bendelladj stands accused of hijacking customer accounts at more than 200 financial institutions using the SpyEye program. The alleged total is more than 100 million USD over the past five years. SpyEye allowed the attacker to alter web pages displayed in a person’s web browser and trick them into entering personal data.

Variants of both SpyEye and Zeus have been used by criminals to automate the process of transferring money. Bendelladj faces 23 charges from a 2011 indictment. He arrived in Atlanta on Thursday and was arraigned on Friday. He faces up to 30 years in prison and a fine of as much as 14 million USD. Security researcher Brian Krebs has posted a PDF of the indictment on his site.

Image: Computer Hacker by BigStock


GNC-2011-10-24 #716 Back to Basics



Back to basics on this show, and I tighten up the timeline. Lots of tech as always and a huge number of comments have come in pre-show… Today I try pulling unique articles from Google+. Hope you like the new sources.


Listener Links:
Tele-Coils
Netflix -800k
Ive versus Jobs
Jobs top Seller Amazon 2011.
Tsunami Debris & Hawaii.
Hard Drive Shortage.
Really See Through Walls.

Credits:
Jack Ellis – Executive Producer
Mike Baine – Associate Producer


YouTube Hackers Invade Sesame Street, Replace with Porn



Sunny Day, but the streets look different…

Visitors to the iconic children’s show “Sesame Street” on YouTube got a rude awakening on Sunday. All videos were deleted, and replaced with pornographic material. The header on the front page said “Sesame Street: It’s Where Porn Lives”. YouTube took instant action and brought down the site within the hour. At this moment, the page is still offline.

Blame has been going around: Reddit has a thread blaming a user named “MrEdxwx”. MrEdxwx has responded with a video stating his case that he did not hack Sesame Street.

Their Facebook Page has a public apology:

We apologize for any inconvenience our audience may have experienced today on our Sesame Street YouTube channel. Our channel was compromised and we are presently working with YouTube/Google to restore our original content. We always strive to provide age-appropriate content for our viewers and hope to resolve this problem quickly.

This article was brought to you by the letters and numbers – H4cK0r.