

DNS servers recently got "p4wn3d by h4x0r$" who redirected normal Google traffic to a fake page with a clever money-making ruse. Far more dire attacks could easily be carried out, according to top security expert Mr. Kaminsky.  (Source: voicegateway.com)
The latest in security news, including a big DNS vulnerability, putting virtually all internet users at risk

Crime Doesn't Pay In the End...
A ring of hackers who ripped off 40 million credit card numbers has been charged. The case may go down in the record books as the largest hacking and identity theft case in history. In all, eleven individuals were charged with hacking the records of nine major retailers.

The charges were issued in a Boston court and included conspiracy, computer intrusion, fraud and identity theft. The hackers’ modus operandi was to gain access to the networks and then to install "sniffer" programs to collect customers' credit card numbers, as the retailers processed credit and debit transactions.

Even more sinister, the ring sold information to criminal entities in the U.S. and in Eastern Europe. These entities used it to make fake cards complete with magnetic strips, which could be used to clean out the customers' bank accounts from ATMs. Security experts were sympathetic but blamed users for failing to check their bank records.

The retailers hit were TJX Companies, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes and Noble, Sports Authority, Forever 21, and DSW.

Virus University

Students at Sonoma State University are being taught how to write viruses.  The syllabus, which reads like a thinly veiled attack against security kingpins McAfee, Symantec and their ilk, who made close to $5B USD in revenue last year, encourages students to learn to write destructive viruses and then use that knowledge to develop independent security efforts.

Led by their professor, George Ledin, a Venezuelan who came to the U.S. after initially studying biology, the students delve into the darker side of computing.  Some students create keystroke monitors, others make programs to spam synthetic message boards.  Professor Ledin says security these days is a thuggish business akin to cryptography in the 70s and 80s.  However, not everyone agrees with his "the truth will set you free" philosophy, and many of the antivirus firms are furious at him for creating what they say will become a legion of hackers.

Fake Flash Player Hits CNN.com, and Many More
In a complex attack, hackers first sent users spam email with links to what looked like CNN.com news feeds.  However, when users went to the site and clicked on the news "stories", they got a message saying their Flash player was incorrectly installed. While some savvy users decided to click "cancel", the clever hackers broke their will by trapping them in an endless loop.  Clicking "cancel" would yield a warning that the site would not display without the update, and clicking through the warning would bring the original message back up.

When the weary users finally accepted the update, they instead got a piece of malware, which phones home to a central server, which installs loads more malware.  Over 140 million bogus emails were sent in the last 2 days.  Also, over 1,000 pages had been hacked to be used to display the links.  A Denver-based security company, MX Logic Inc., helped to discover the attack and is investigating its origins.

Security Expert To RIAA: MAC Address != IPs
In the latest RIAA case, Zomba v. Does 1-11, the record industry's draconian enforcer was dealt another blow.  A security expert called upon in the case said that MAC addresses could not be tied to IP addresses accurately, as some MAC addresses have multiple users.  The case is part of the RIAA's campaign to crack down on uncooperative colleges.  It was filed against Tufts University for its DHCP systems which "were not designed to facilitate forensic examinations."

Massive DNS Vulnerability Compromises Virtually Any Site, Email; Quickly Being Patched
Saving the best (or worst) for last, Dan Kaminsky of Seattle-based security consultant IOActive Inc. gave details on Wednesday, at the Black Hat hacker conference in Las Vegas, of how a vulnerability he discovered in the DNS servers, which direct internet traffic by name, could be used to compromise the entire internet.

The vulnerability had already been exploited by some.  Texan hackers had used the link to hack the DNS servers to send some Google.com users to a fake Google page, which used Google's search, but automatically clicked the links on the page hundreds of times, earning the hackers a big payday.

Many email servers were also susceptible to the DNS vulnerability.  Kaminsky said this would allow the attacker to put themselves between the sender and the receiver, allowing them to peruse their email.  Hackers can use this feature to help them retrieve user passwords sent by email, a common practice among a broad variety of sites, even banking sites.

Following the announcement, Microsoft Corp., Cisco Systems Inc., Sun Microsystems Inc. and others quickly issued patches, though some internet providers have held off on fixing the problem, putting internet users at risk.

That's all for this time.  Please travel here for the last edition of the Security Post.




DNS vuln
By ipay on 8/7/2008 11:24:39 AM , Rating: 2
Secure yourself against the DNS vulnerability by using OpenDNS ( http://opendns.com ).




RE: DNS vuln
By Jellodyne on 8/7/2008 11:48:02 AM , Rating: 2
My company switched to OpenDNS -- one problem is that OpenDNS is doing some fishy redirects. There's a page that flashes almost imperceptibly, usually when you hit a subpage of a site that's all white and has the word 'Web' in the upper left. Then you get your regular page. Most of the time you can't even register the redirect page. But if you use your back button it doesn't work, and when you pull down your 'back' history, there's an 'OpenDNS' page in there which shouldn't be. Why are they inserting their own redirect pages into my browsing stream?


RE: DNS vuln
By ipay on 8/7/2008 11:58:14 AM , Rating: 2
OpenDNS blocks (i.e. redirects rather than resolves) lots of sites, based on content filtering categories such as phishing sites, or whatever else your admin has decided to block. It's all configurable. I very much doubt anything untoward is going on, and if there's an annoyance issue, blame your admin. I've used OpenDNS since it started and have never had a real problem with it.


RE: DNS vuln
By mridion on 8/15/2008 6:30:57 AM , Rating: 2


CNN Flash Fake
By pauldovi on 8/7/2008 9:16:35 AM , Rating: 5
That's pretty clever if you ask me.




RE: CNN Flash Fake
By GoodBytes on 8/7/2008 11:16:14 AM , Rating: 1
I already fell into sites that do that. I simply kill the web browser with the Task Manager. Or simpler yet, I just keep JavaScript disabled.


Now Hiring
By marsbound2024 on 8/7/2008 10:16:56 AM , Rating: 1
"The latest in security news, including a big DNS vulnerability, including a DNS flaw putting virtually all internet users at risk"

Proofreaders!!!




RE: Now Hiring
By marsbound2024 on 8/7/2008 3:03:27 PM , Rating: 3
Not sure why I got rated down, but that's ok. It is abundantly obvious that DailyTech needs to proofread more often. Any respectable news organization would. Is it too much to ask for?


I wish I knew before....
By Seemonkeyscanfly on 8/7/2008 2:54:35 PM , Rating: 3
quote "The retailers hit were TJX Companies, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes and Noble, Sports Authority, Forever 21, and DSW."

There's a BJ's wholesale club? Since when can you get BJ's at wholesale prices? Where's the club? Why do people keep these things from me????

Copyright 2014 DailyTech LLC.