Crime Doesn't Pay In the End...
A ring of hackers who ripped off 40 million credit card numbers has been charged. The case may go on the record books as the largest hacking and identity theft case in history. In all, eleven individuals were charged with hacking the records of nine major retailers.
The charges were issued in a Boston court and included conspiracy, computer
intrusion, fraud and identity theft. The hackers’ modus operandi was to gain
access to the networks and then to install "sniffer" programs to
collect customers' credit card numbers, as the retailers processed credit and
Even more sinister, the ring sold information to criminal entities in the U.S.
and in Eastern Europe. These entities used it to make fake cards complete with
magnetic strips, which could be used to clean out the customers' bank accounts
from ATMs. Security experts were sympathetic but blamed users for
failing to check their bank records.
The retailers hit were TJX Companies, BJ's Wholesale Club, OfficeMax, Boston
Market, Barnes and Noble, Sports Authority, Forever 21, and DSW.
Students at Sonoma State University are being taught how to write viruses.
The syllabus, which reads like a thinly veiled attack against security kingpins
McAfee, Symantec and their ilk who made close to $5B USD in revenue last year,
encourages students to learn to write destructive viruses and then use that
knowledge to develop independent security efforts.
Led by their professor, George Ledin, a Venezuelan who came to the U.S. after
initially studying biology, the students delve into the darker side of
computing. Some students create keystroke monitors, others make programs
to spam synthetic message boards. Professor Ledin says security these
days is a thuggish business akin to cryptography in the 70s and 80s.
However, not everyone agrees with his "the truth will set you free"
philosophy and many of the antivirus firms are furious at him for creating what
they say will become a legion of hackers.
Fake Flash Player Hits CNN.com, and Many More
In a complex attack, hackers first sent users spam email with links to what
looked like CNN.com news feeds. However, when users went to the site and
clicked on the news "stories", they got a message saying their Flash
player was incorrectly installed. While some savvy users decided to click
"cancel", the clever hackers broke their will by trapping them in an
endless loop. Clicking "cancel" would yield a warning that the
site would not display without the update, and clicking through the warning
would bring the original message back up.
When the weary users finally accepted the update, they instead got a piece of
malware, which phones home to a central server, which installs loads more
malware. Over 140 million bogus emails were sent in the last 2
days. Also, over 1,000 pages had been hacked to display the
links. Denver-based security company MX Logic Inc. helped to discover
the attack and is investigating its origins.
Security Expert To RIAA: MAC Address != IPs
In the latest RIAA case, Zomba v. Does 1-11, the record industry's
draconian enforcer was dealt another blow. A security expert called upon
in the case said that MAC addresses could not be tied to IP addresses
accurately, as some MAC addresses have multiple users. The case is part of
the RIAA's campaign to crack down on uncooperative colleges. It was filed
against Tufts
University for its DHCP systems which "were not designed to facilitate
Massive DNS Vulnerability Compromises Virtually Any Site Email, Quickly
Saving the best (or worst) for last, Dan Kaminsky of Seattle-based security
consultancy IOActive Inc. gave details on Wednesday, at the Black Hat hacker
conference in Las Vegas, of how an attack on the DNS servers, which direct
internet traffic by name, via a vulnerability he discovered, could be used
to compromise the entire internet.
The vulnerability had already been exploited by some. Texan hackers had
used the link to hack the DNS servers to send some Google.com users to a fake
Google page, which used Google's search, but automatically clicked the links on
the page hundreds of times, earning the hackers a big payday.
Many email servers were also susceptible to the DNS vulnerability.
Kaminsky said this would allow the attacker to put themselves between the
sender and the receiver, allowing them to peruse their email. Hackers can
use this feature to help them retrieve user passwords sent by email, a common
practice among a broad variety of sites, even
Following the announcement, Microsoft Corp., Cisco Systems Inc., Sun
Microsystems Inc. and others quickly issued patches, though some internet
providers have held off on fixing the problem, putting internet users at risk.
That's all for this time.