The Register Columnists

John Leyden

Tor attack nodes RIPPED MASKS off users for 6 MONTHS

The Tor Project has warned users about a subtle attack aimed at partially uncloaking their activities on the anonymising network. The attack, which ran from late January until early July, when it was thwarted, bears hallmarks attributed to an attack slated for description in a cancelled Black Hat conference presentation. …
John Leyden, 30 Jul 2014

iWallet: No BONKING PLEASE, we're Apple

Apple's iWallet mobile money app could be the start of a more general trend that sees web giants such as Facebook pushing into the payment industry, according to online payment experts. iWallet would give iPhone-toting consumers the ability to pay for goods with their smartphones. It is predicted to use the firm's Touch ID …
John Leyden, 30 Jul 2014

Who has your credit card data? 1 million HOLIDAY-MAKERS' RECORDS exposed

A UK-based online travel firm has been fined £150,000 over a breach of the Data Protection Act after their "insecure" coding reportedly exposed more than a million customer records to cybercrooks. Think W3 Limited was hacked in December 2012 in an attack that relied on what the ICO described as "insecure" coding on the …
John Leyden, 24 Jul 2014

Six charged over StubHub e-ticket heist for Elton John gigs

Six suspected cybercriminals have been indicted over their alleged involvement in a hack attack on eBay-owned ticketing website StubHub. Thieves got into more than 1,600 of StubHub customers' accounts and used their credit card details to fraudulently buy tickets for events through the online ticket reseller. The scam - reckoned …
John Leyden, 24 Jul 2014

BMW's ConnectedDrive falls over, bosses blame upgrade snafu

BMW's ConnectedDrive car-to-mobe interface has suffered a UK-wide outage that may also affect customers in mainland Europe. A Register reader tipped us off about the problem after he found himself unable to register for ConnectedDrive since around 19 July, getting confronted by an error message instead. In response to his …
John Leyden, 24 Jul 2014

'Unsolicited texts' outrage: Man fined £4k for DPA breach

The owner of a marketing company which allegedly sent "millions of unsolicited text messages" was prosecuted for "failing to notify the ICO of changes to his notification" at Willesden Magistrates Court last week. Jayesh Shah, of Pune, India, was fined £4,000 for a breach of the Data Protection Act, and ordered to pay costs of £ …
John Leyden, 24 Jul 2014

Android ransomware demands 12x more cash, targets English-speakers

Cybercrooks have further refined a strain of file-infecting ransomware that infects Android smartphones so that it targets English speakers and is more difficult to remove. The newest variant of Android/Simplocker displays the ransom note in English and asks for a higher ransom of $300. The latest version also encrypts a wider …
John Leyden, 23 Jul 2014

Lads from Lagos turn from 419 scams to basic malware slinging

Nigerian scammers are developing beyond 419 advance-fee fraud scams against individuals by using trojans to steal valuable information from businesses instead. Security researchers at Palo Alto Networks report that cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses that have not previously …
John Leyden, 22 Jul 2014

Hacker claims breach of Wall Street Journal and Vice websites, punts 'user data' for sale

A hacker known for attacking news websites has claimed successful hacks against both the Wall Street Journal and Vice. An individual going under the handle "w0rm" posted screenshots in a bid to substantiate his claims of hacks against the WSJ (here) and Vice (here) before offering to sell stolen databases from both publications …
John Leyden, 22 Jul 2014

Cyber scum pump ransomware at victims from spambot-stuffed websites

Miscreants have brewed up a strain of ransomware which functions like the recently dead CryptoLocker - and this one communicates using the Tor browsing anonymization network. Critroni appears geared towards exploiting a gap in the market created by a takedown operation against the CryptoLocker and Gameover ZeuS botnets back in …
John Leyden, 22 Jul 2014

Secondhand Point-o-Sale terminal was horrific security midden

Second hand point-of-sale systems sold through eBay are likely to contain all sorts of sensitive information, according to the work of a security researcher at HP. HP sleuth Matt Oh bought an Aloha point-of-sale terminal on eBay for $200. This type of terminal is widely used in cash registers within the hospitality industry. …
John Leyden, 21 Jul 2014

Hi-tech Fagin couple used Apple scam cash to fly pickpockets to UK

A pair of phishing fraudsters each received long jail terms after they were convicted of making £15,000 through online scams before using the funds to finance the travel of other crooks into the UK. Constanta Agrigoroaie, 23, and Radu Savoae, 28, both of Mornington Avenue, Ilford, both pleaded guilty to conspiracy to commit …
John Leyden, 18 Jul 2014

Pushdo Trojan outbreak: 11 THOUSAND systems infected in just 24 hours

A wave of attacks by cybercrooks pushing a new variant of the resilient Pushdo Trojan has compromised more than 11,000 systems in just 24 hours. Indian PCs have been most affected by the outbreak, but systems in the UK, France and the US have also been hit, according to security software firm Bitdefender. The Romanian firm …
John Leyden, 17 Jul 2014

Don't put that duffel bag full of cash in the hotel room safe

Hotel safes are far less secure than guests are led to believe. Widespread use of default codes and other issues mean that it is relatively easy for criminals to get at hotel guests' valuables, security firm G DATA warns. The input panel, in front of the safe, to enter the PIN code or swipe a card through the credit card reader …
John Leyden, 17 Jul 2014

LibreSSL RNG bug fix: What's all the forking fuss about, ask devs

A bug found and fixed in LibreSSL, the OpenSSL fork maintained by OpenBSD developers, is "catastrophic" or "overblown", depending on whom you talk to. Just days after the release of a portable version of the crypto library, a flaw was reported in LibreSSL's pseudo-random number generator – its PRNG, a vital component in strong …
John Leyden, 17 Jul 2014

Crooks fling banking Trojan at Japanese smut site fans

Cybercrooks are targeting Japanese smut site aficionados with a new banking Trojan run. The Aibatook malware is targeting customers of Japanese banks who are also visitors on some of the country's most popular pornographic websites. Security researchers at anti-virus firm ESET estimated that more than 90 smut sites have been …
John Leyden, 16 Jul 2014

Whoah! How many Google Play apps want to read your texts?

A security firm has criticised Android's all-or-nothing permission approach, arguing it unnecessarily creates extra privacy risks for businesses and consumers. Users are obliged to accept an entire laundry list of requested permissions before they can download an Android app. Disagreement on any point means that the software …
John Leyden, 16 Jul 2014

You don't need a HERO, you need a ZERO. From Google

Google will expand its computer security research efforts by forming a well-staffed full-time team called Project Zero. The web ad broker wants to hire the best of the best, who can find Heartbleed-grade vulnerabilities, or worse bugs, in software. It's also looking to extend its bounty program for reporting holes. Project Zero …
John Leyden, 15 Jul 2014

Hamas hacks Israeli TV sat channel to broadcast pics of Gaza wounded

Gaza leaders Hamas took over an Israeli satellite channel for a few minutes on Monday to broadcast pictures of Gaza wounded. Viewers who tuned into Israeli Channel 10 reported seeing images of people wounded from Israeli airstrikes on Gaza as well as propaganda messages promising more rocket strikes on Israel from Hamas' military …
John Leyden, 15 Jul 2014

British data cops: We need greater powers and more money

The UK's data privacy watchdog is lobbying for greater powers and funding after reporting a bumper workload. The latest annual report from the Information Commissioner’s Office (ICO) (PDF) reveals that the bureau responded to a record number of data protection and freedom of information complaints in the year to April 2014. The …
John Leyden, 15 Jul 2014

Gameover ZeuS botnet pulls dripping stake from heart, staggers back from the UNDEAD

The Gameover ZeuS malware is back from the dead just six weeks after a takedown operation that aimed to put a stake through the heart of the botnet, which is linked to the even more infamous CryptoLocker ransomware. International law enforcement acted against the crooks behind the Gameover ZeuS in early June. For the past month …
John Leyden, 14 Jul 2014

XSS marks the spot: PayPal portal peril plugged

PayPal has plugged a potentially nasty flaw on its internal portal. The vulnerability, discovered by security analyst Benjamin Kunz Mejri of Vulnerability Laboratory, involved security shortcomings in PayPal's backend systems. More specifically, he said, it was an application-side filter bypass vulnerability in the official …
John Leyden, 14 Jul 2014

Another 'NSA-proof' webmail biz popped by JavaScript injection bug

German startup Tutanota has admitted its webmail service was vulnerable to a cross-site scripting bug despite boasting it offered an "NSA-proof email service." The flaw, which would have allowed attackers to inject malicious JavaScript into victims' browsers, was uncovered and reported last night by German security researcher …
John Leyden, 11 Jul 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014

FBI and pals grab banking Trojan zombielord's joystick

Law enforcement and the security business have teamed up to disrupt the operation of the Shylock banking Trojan. The UK's National Crime Agency joined forces with Europol and the FBI to take down and seize the command and control servers key to running the botnet. Law enforcement also took control of the domains Shylock uses for …
John Leyden, 11 Jul 2014

Adobe Flash: The most INSECURE program on a UK user's PC

Adobe Flash Player was the most insecure program installed on UK computer users' PCs throughout the second quarter of 2014, according to stats from vulnerability management firm Secunia. Nearly seven in 10 (69 per cent) UK PC users were found to have an end-of-life version of Adobe Flash Player 13 installed during Q2 2014. Users …
John Leyden, 10 Jul 2014

Silent Circle takes on Skype, Viber, mobile telcos with crypto-VoIP

Silent Circle has launched a global encrypted IP voice calling service that will go up against over-the-top services Skype and Viber, among others. The idea here, however, is that it will feature a way to communicate privately. It's more bad news for mobile carriers, which are already beating off roaming-revenue pinchers in the …
John Leyden, 10 Jul 2014

Snowden seeks Russian asylum extension

NSA whistleblower Edward Snowden has asked Russia to extend his temporary asylum for a further year. The former National Security Agency contractor is applying to extend his leave to remain in Russia beyond 31 July, when his existing one-year permit runs out, according to his lawyer, Anatoly Kucherena. "We have submitted …
John Leyden, 09 Jul 2014

Snowden leaks latest: NSA, FBI g-men spied on Muslim-American chiefs

New documents from whistleblower Edward Snowden confirm that the NSA and the FBI spy on Muslim-American leaders, including Republican Party politicians and military veterans. The Intercept reports that the Feds are using tactics and techniques intended for catching terrorists and spies to monitor the email accounts of prominent …
John Leyden, 09 Jul 2014

ATTACK of the Windows ZOMBIES on point-of-sale terminals

Security watchers have spotted a fresh Windows-based botnet that attempts to hack into point-of-sale systems. Cyber threat intelligence firm IntelCrawler reports that the “@-Brt” project surfaced in May through underground cybercrime forums. The malware can be used to brute-force point-of-sale systems and associated networks, …
John Leyden, 09 Jul 2014

China's 'Deep Panda' crew targets Middle East policy wonks - report

A group of China-based cyber spies have begun targeting national security think tanks, initially targeting analysts focusing on the Asia-Pacific region before switching their focus to Iraq. Infosec threat intelligence firm CrowdStrike warns that a group it dubs Deep Panda has begun targeting think tanks, particularly those …
John Leyden, 08 Jul 2014

Panic like it's 1999: Microsoft Office macro viruses are BACK

Macro viruses involving infected Word and Excel files were a plague in the late 1990s. Yet, like grunge music, the genre fell into decline as techniques and technologies moved on. More recently macro viruses have staged something of a revival, thanks to social-engineering trickery. Windows executable malware has dominated macro …
John Leyden, 08 Jul 2014

Computing student jailed after failing to hand over crypto keys

A computer science student accused of hacking offences has been jailed for six months for failing to hand over his encryption passwords, which he had been urged to do in "the interests of national security". Christopher Wilson, 22, of Mitford Close, Washington, Tyne and Wear, was jailed for refusing to hand over his computer …
John Leyden, 08 Jul 2014

Fridge hacked. Car hacked. Next up, your LIGHT BULBS

Those convinced that the emerging Internet of Things (IoT) will become a hackers' playground were given more grist for their mill with news on Friday that security researchers have discovered a weakness in Wi-Fi/mesh networked lightbulbs. Researchers at Context Information Security discovered that LED light bulbs from …
John Leyden, 07 Jul 2014

German spy agency staffer spied for NSA during gov probe into NSA spying – report

A German intelligence agency staffer has been arrested after allegedly being caught spying on behalf of the US, according to reports by German newspapers. The country's Federal Prosecutor's office has confirmed that a man had been arrested on suspicion of being a foreign spy, but gave no further details. According to reports in …
John Leyden, 07 Jul 2014

'Spy-proof' IM launched: Aims to offer anonymity to whistleblowers

Security experts have teamed up to create a stealthy internet messenger client designed especially for whistleblowers. The invisible.im project promises an instant messenger that leaves no trace. The team behind the project include Metasploit Founder HD Moore and noted infosec and opsec experts The Grugq. That's the infosec …
John Leyden, 04 Jul 2014

Crypto thwarts TINY MINORITY of Feds' snooping efforts

US government court-sanctioned wiretaps were sometimes defeated by encryption, according to official figures on law enforcement eavesdropping released this week. State police were unable to circumvent the encryption used by criminal suspects in nine cases last year, while plain text was recovered in 32 of 41 cases where use of …
John Leyden, 04 Jul 2014

So which miscreants wrote the CosmicDuke info-slurping nasty?

Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans. CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
John Leyden, 04 Jul 2014

You CAN'T bust into our login app's password vault, insists Roboform

Password management company RoboForm has tweaked how the mobile version of its password manager works in response to criticism by a security expert. Yet the firm rejects further criticisms that its technology might easily be circumvented. IT security contractor Paul Moore discovered a pair of what he argues are potentially …
John Leyden, 03 Jul 2014

Oh SNAP! Old-school '80s Unix hack to smack OSX, iOS, Red Hat?

Unix-based systems, as used worldwide by sysadmins and cloud providers alike, could be hijacked by hackers abusing a hard-coded vuln that allows them to inject arbitrary commands into shell scripts executed by high-privilege users. A class of vulnerabilities involving so-called wildcards allows a user to affect shell commands …
John Leyden, 03 Jul 2014

Secluded HijackRAT: Monster mobile malware multitool from HELL

Cybercrooks have brewed up a malicious Android app that bundles a raft of banking fraud tricks into a single strain of mobile malware. The Secluded HijackRAT is a banking trojan that packs together new and previously unseen tricks, according to net security firm FireEye. The mobile nasty combines private data theft, banking …
John Leyden, 03 Jul 2014

Cybercrooks breed SELF-CLONING MUTANT that STEALS your BANK DETAILS

Cybercrooks have put together a botnet client which bundles in worm-like functionality that gives it the potential to spread quickly. Seculert warns that the latest version of the Cridex (AKA Geodo) information stealing Trojan includes a self-spreading infection method. Infected PCs in the botnet download a secondary strain of …
John Leyden, 02 Jul 2014

New NSA boss plays down impact of Snowden leaks

Incoming NSA chief Admiral Michael Rogers has played down the impact of the Snowden revelations on the spy agency's work. Former NSA director, General Keith Alexander, described the Snowden leaks as one of the worst breaches in intelligence history. UK spy agency bosses at GCHQ and MI6 told a Parliamentary inquiry back in …
John Leyden, 01 Jul 2014

Iraq civil war: You can fight with an AK-47 ... or a HOME-COOKED Trojan

Iraq's bloody civil war has spilled over onto the internet, notes a researcher who has spotted a large increase in cyber-espionage tools and other forms of malware. Members of the Islamic State of Iraq and al-Sham (ISIS) group have made extensive use of social media to spread slickly produced propaganda as an accompaniment to …
John Leyden, 01 Jul 2014

Remaining Snowden docs will be released to avert 'unspecified US war' – Cryptome

All the remaining Snowden documents will be released next month, according to whistle-blowing site Cryptome, which said in a tweet that the release of the info by unnamed third parties would be necessary to head off an unnamed "war". Cryptome said it would "aid and abet" the release of "57K to 1.7M" new documents that had …
John Leyden, 30 Jun 2014

London teen charged over Spamhaus mega-DDoS attacks

An unnamed London teenager has been charged with a series of criminal offences following a series of denial-of-service attacks against internet exchanges and the Spamhaus anti-spam service last year. The 17-year-old male from London was charged on Friday and faces computer misuse, fraud and money-laundering offences at a hearing …
John Leyden, 30 Jun 2014

Yet another WordPress vuln: Image furtler plugin lets BADNESS in

Self-hosted installations of WordPress are at risk of attack following the disclosure of a vulnerability in a widely used plugin for the blogging software-cum-website CMS. The vulnerable TimThumb plugin is used by many blogs to easily resize images. However a zero-day vulnerability in the Webshot function of TimThumb (2.8.13 - …
John Leyden, 27 Jun 2014

Android SMS worm punts dodgy downloads... from your MATES

Internet ne'er-do-wells have put together a strain of Android malware that spreads like an email worm rather than acting like a conventional trojan. Selfmite spreads by automatically sending a text message to contacts in the infected phone’s address book. These SMS messages contain a URL that redirects to the malware: ‘Dear [ …
John Leyden, 27 Jun 2014

Average chump in 'bank' phone scam is STUNG for £10,000 - study

UK consumers have lost more than £21m to "social engineering" scams where fraudsters impersonated bank employees and tech support since the beginning of the year, according to GetSafeOnline. A range of tactics including phishing emails, fraudulent phone calls asking for personal or financial information or phone calls from …
John Leyden, 26 Jun 2014

Freeze, Glasshole! Stop spying on me at the ATM

Google Glass wearers can snoop on passcodes and other sensitive information with only a passing glance, according to a proof-of-concept demo by security researchers. Researchers from the University of Massachusetts Lowell were able to use video streams from wearables like Google Glass and the Samsung smartwatch to capture four- …
John Leyden, 26 Jun 2014