Within the last few hours, thousands of Twitter accounts have been involuntarily posting links and advertisements for acai berries. And while acai berries are an excellent source of antioxidants and vitamins, and are available for purchase with a simple click of the mouse (we’ve been hacked!); the source of these ads is much more nefarious, and stems back to the Gawker security breach we mentioned yesterday.

Read More →

virusIn recent years, hackers have increasingly targeted law firms and public relations companies in an attempt to steal their clients’ sensitive information. The hackers are using a sophisticated e-mail scheme that breaks into the company’s computer network and steals data often linked to overseas clients. As a result, the FBI has issued warnings towards the rising amount of computer hacks that have been occurring in law firms. Apparently it was a trend that started as early as two years ago but it has grown dramatically since then. The hackers are using a system known as “spear fishing,” which uses a personalized spam e-mails that can slip through common defenses.

“Law firms have a tremendous concentration of really critical, private information,” said Bradford Bleier, unit chief with the FBI’s cyber division. Infiltrating those computer systems, he said, “is a really optimal way to obtain economic, personal and personal security related information.”

Alan Paller, Director of Research at SANS Institute, a computer-security organization, stated that the hackers going after law firms often target companies that are negotiating a major international deal concerning anything from seeking a patent on a sensitive new technology to opening a plant in another country. While opening a “spear fishing” e-mail itself does not pose a danger, they often contain links or attachments that when opened will infiltrate the network or install malicious programs. The FBI warned that the attachments or links can appear to be anything from a photo to an executable program. The FBI also warns that while hackers used to work in solidarity, they are now working in transnational criminal organizations which pose a bigger threat to businesses.

(Via CW 14)

Read More →

hacked-computer-june081Since the dawn of computers, people have been worried about the viruses and hackers. Now there are companies specifically dedicated to preventing these hackers and viruses from affecting our computers. One report however, says that they aren’t doing nearly enough. SANS Institute states that the cybersecurity community is facing an epidemic of unpatched software especially with applications like Adobe, Flash, Java, and Microsoft.

The report found that exploitable bugs in those applications are often unpatched for long periods of time.

Read More →

hackers_cartoonsThere are dozens of websites online dedicated to making life difficult for your ex-boyfriend or girlfriend. But for Elaine Cioni that wasn’t enough. When Cioni found out that her already married husband had other girlfriends she went to Yourhackerz.com to help get a better look into his personal life.

For only $100 Yourhackerz.com provided Cioni with the password to her boyfriends AOL account, and then she continued to pay for his wife’s password as well as the password for at least one other girlfriend and even his two children. All of the victims had no idea what was happening. Cioni went even further, making harassing phone calls to her boyfriend and his wife using a “spoofer” service to disguise her voice. Cioni was prosecuted and is now serving a 15 month sentence.

But even though a suspicious girlfriend like Cioni is now behind bars, websites like Yourhackerz.com are still up and running and they present great risks towards computer safety. What is worse is that government officials say that there is not much that they can do about it. With e-mail quickly becoming the easiest way to communicate with people around the world it is scary to know that anyone can pay $100 bucks and hack into your account.  So what can you do to protect yourself? Always make sure your Internet Security software is updated, be wary of downloading attachments from strangers, and restrain yourself from clicking on suspicious links.

(Via The Washington Post)

Read More →

eyeimWith the recent release of Mac’s Snow Leopard and the upcoming Windows 7, it’s  only natural that hackers gave their viruses an upgrade as well. According to security company RSA, the Zeus trojan virus now employs the use of instant messaging. After the Zeus trojan has gotten a hold of someone’s account, a hacker will automatically receive an instant message notifying him that that his hack was successful.

Once installed on a PC, the Zeus virus sends the hacker the user’s log-in information and passwords. Then a module, that can be applied to the virus, can search for information specifically concerning financial institutions. A security company called Damballa estimates that the number of PCs that have been infected with the virus are currently at around 3.6 million,  making the Zeus Trojan one of the most aggressive invasive malware viruses around.

Read More →

twitter_hack3As social networking sites like Facebook and Twitter become more popular with the public, they also become more popular with internet hackers. Recent studies conducted by Breach Security showed that social networking sites were responsible for at least 19% of internet hack attacks in 2009. Just last week, an employee of  Arbor networks, Jose Nazario, discovered an attempt by attackers to use Twitter as a command and control to send instructions to infected computers. Twitter messages are being used to send out new download links, which in turn downloads a password-stealing Trojan known as Infostealer.Bancos.

Aside from Trojan, a popular malware installing virus called Koobface worm continues to wreak havoc on Facebook. A report from Kaspersky Lab shows that these malware attacks are ten times more effective than those sent through email. The important lesson to be learned here is that attackers are going to follow more users as these social network sites continue to grow rapidly. This provides serious risks for users who share too much of their private details out on these sites. Posting information such as home addresses, exact locations, and even telephone numbers are not the smartest things to do when site defenses are potentially so weak.

Read More →

fbitacticalThe U.S. Department of Justice announced on Monday that Albert Gonzalez along with two others were being indicted for five new corporate data breaches, aside from his most famous escapade: the infamous TJ Maxx breech that affected 94 million accounts. Gonzalez, indicted in 2008, is the supposed ring leader of a cybercrime enterprise that was able to steal around 170 credit and debit card numbers from companies such as Heartland Payment Systems, Hannaford Brothers Co., and even 7-Eleven. Gonzalez and his cohorts targeted Fortune 500 companies by finding physical and virtual weaknesses within the organizations to exploit.

Investigators were left asking, how did he do it? Gonzalez’ approach was simple. He would first identify point of sale machines and upload information to create a hacking platform. He would then launch a SQL-injection attack on the system using instant messages to relay his discoveries to his partners in crime. Using malware and sniffers they were able to absorb the credit card numbers with relative ease. They avoided detection by using intermediary, or “proxy,” computers and testing their malware against twenty of the leading anti-virus products. While none of these tactics solicit technological genius, it was more than enough to exploit the weak defenses these powerful companies had.

Read More →

wifipaintThe next time you are in your room, typing in your personal diary on your computer and think that you are alone–don’t be so sure.

The quiet stillness is welcomed by your neighbors who are following your every key stroke, searching through your old files, and placing their feet in your footsteps while going unnoticed.  WiFi internet connections are extremely easy to trace and even easier to hack into, making everything on your computer vulnerable and naked to be seen by the world.  By using secure passwords the attempts of hackers can be deflected but not for long.

Read More →

Cyber spying is no longer the work of movie fiction. Recently, a Canadian research security group has discovered a network of spies called GhostNet which were linked to government computers. It has infiltrated over 1,000 computers in more than 100 countries. These cyber spies gained information through spyware installed on computers of politicians, diplomats, and journalists. Targets included the Associated Press and the Dalai Lama.

Read More →