The Register Columnists

John Leyden


Snowden leak: GCHQ DDoSed Anonymous & LulzSec's chatrooms

British intelligence ran denial-of-service attacks against chatrooms used by Anonymous and LulzSec, according to an investigation by NBC News involving Snowden confidante Glenn Greenwald. Documents leaked by the NSA whistleblower record how a GCHQ unit known as the Joint Threat Research Intelligence Group, or JTRIG, used a …
John Leyden, 05 Feb 2014

Russian gay dating app dev: We've been BLOCKED just DAYS before Winter Olympics

A mobile dating app which is popular among Russia's gay community has reportedly been hacked and blocked in the country just days before the Black Sea coastal town of Sochi plays host to the Winter Olympics. Russian users of Hunters, a hook-up app that's similar to Grindr, were also sent threats that a controversial new Russian …
John Leyden, 05 Feb 2014

Put down that iPad! Snoopware RECORDS your EVERY gesture, TAP on iOS, Android

A security researcher has developed a proof-of-concept malware capable of capturing the actions of users on touchscreen devices. Senior security consultant Neal Hindocha and his colleagues at Trustwave were able to brew up similar strains of prototype malicious code for both rooted Android and jailbroken iOS devices. The line of …
John Leyden, 05 Feb 2014

Hacktivists dish out DNS hijack to PayPal, eBay

Surfers visiting the eBay and PayPal UK websites were redirected to defacement pages instead following a DNS hack for which the Syrian Electronic Army has claimed responsibility. The hijacking of surfers instigated by the pro-Assad hacktivists only persisted for a short period over the weekend before normality was restored. The …
John Leyden, 03 Feb 2014

Pr0n-optimised Icepol Trojan's servers seized by Romanian cops

Romanian police have seized servers associated with the Icepol ransomware scam, effectively taking down the pervasive threat for now. The Icepol Trojan extorted victims who downloaded it by sending prospective marks a fake message from local police accusing them of downloading copyrighted material or illegal pornography. The …
John Leyden, 03 Feb 2014

ChewBacca point-of-sale keylogger SLURPS your CREDIT CARD data

Point-of-sale malware dubbed ChewBacca has hit dozens of small retailers in 11 countries as far apart as the US, Russia, Canada and Australia. Researchers at RSA Security have put the ChewBacca Trojan under the microscope, revealing much more information about a strain of malware targeted at retailers that, whilst not new for …
John Leyden, 31 Jan 2014

The TRUTH about LEAKY, STALKING, SPYING smartphone applications

More than a third of smartphone apps can track user location, according to a study based on an analysis of more than 800,000 Android applications. Analysis of 836,021 Play Store Android applications by net security firm BitDefender also revealed that more than one in 20 (5 per cent) of Android smartphone apps can locate and open …
John Leyden, 31 Jan 2014

Multi-platform Java bot marshals ZOMBIE FORCE against spammers

Miscreants have brewed a multi-platform strain of malware capable of infecting Windows, Mac OS and Linux PCs. The evil bot, which surfaced in early January, was written entirely in Java and designed to take advantage of the CVE-2013-2465 vulnerability (a Java flaw patched by Oracle last June) to infect victims. The malware - …
John Leyden, 30 Jan 2014

Security 101 fail: 3G/4G modems expose control panels to hackers

Vulnerabilities in a number of 3G and 4G USB modems can be exploited to steal login credentials – or rack up victims' mobile bills by sending text messages to premium-rate numbers – a security researcher warns. Andreas Lindh claims that all the devices he has looked at so far are managed via their built-in web servers and – you …
John Leyden, 30 Jan 2014

Angry anti-NSA hackers pwn Angry Birds site after GCHQ data slurp

Anti-NSA hackers defaced Rovio's official Angry Birds website on Tuesday night as a reprisal against revelations that GCHQ and the NSA were feasting on data leaked from the popular smartphone game. Spying Birds: Angry Birds defaced by irritated hackers. Angrybirds.com became "Spying Birds" as a result of the defacement (Zone …
John Leyden, 29 Jan 2014

Trojan-laden FileZilla clone slurps data, sends it to the UNKNOWN

Cybercrooks have put together a malicious version of popular FTP app FileZilla which works just like the real thing but surreptitiously passes login information to a hacker-controlled server. The evil twin version has the same look and feel as the genuine programme and is clearly designed to mask its suspicious activities, such …
John Leyden, 29 Jan 2014

Facebook app now reads your smartphone's text messages? THE TRUTH

Facebook's updated Android app can read text messages on the user's smartphone. The tweaked software now demands access to SMS and MMS messages, and the change was spotted yesterday by blogger Tony Calileo. "This is just one of a bunch of new permissions the app is requesting for this update, but it's probably the most alarming …
John Leyden, 29 Jan 2014

Sync'n'steal: Hackers brew Android-targeting Windows malware

Internet Igors have stitched together the first strain of Windows malware that can hop over and infect Android smartphones and tablets. The Droidpak mobile banking trojan exploits syncing between smartphones and Windows PCs to jump from a compromised PC onto an Android device. The Windows Trojan downloads a malicious .APK file …
John Leyden, 27 Jan 2014

1.1 MILLION customers' credit card data was swiped in Neiman Marcus breach

US luxury retailer Neiman Marcus has confirmed that details from 1.1 million customers' cards were stolen in a recently detected high-profile breach. Card details were lifted after hackers successfully planted malware on payment systems over a period that ran between 18 July and 30 October last year, far earlier than previously …
John Leyden, 24 Jan 2014

Facebook coughs up $33.5k... its BIGGEST bug bounty EVER

Facebook has awarded its highest bug bounty to date after the discovery of a vuln which could have been used to spray Facebookers with drive-by download-style malware exploits. Brazilian web security researcher Reginaldo Silva earned $33,500 for giving the social network a heads-up about an XML external entity vulnerability …
John Leyden, 24 Jan 2014

Spam drops as legit biz dumps mass email ads: Only the dodgy remain

Spam email was down in volume last year, but junk mail messages still comprise two in three items of electronic communication sent over the interwebs. Kaspersky Lab reports the portion of spam in email flows was as high as 69.6 per cent in 2013 – which is 2.5 percentage points lower than 2012. The biggest sources of spam were …
John Leyden, 24 Jan 2014

Ex-NSA guru builds $4m encrypted email biz - but its nemesis right now is control-C, control-V

A security startup founded by a former NSA bod has launched an encrypted email and privacy service, aimed initially at ordinary folks. The ongoing revelations of PRISM and other US-led internet dragnets, fueled by leaks from whistleblower Edward Snowden, may render the premise of upstart Virtru laughable. However, that would be …
John Leyden, 24 Jan 2014

Spies spy: CrowdStrike report says cyberspooks are EVERYWHERE

CrowdStrike has confirmed that governments across the world are spying on everyone online with a new report on cyber-espionage. A year-long study by the security intelligence firm has identified more than 50 groups of cyber threat actors, blaming groups in China, Iran, Russia, North Korea, and Syria for high profile attacks. …
John Leyden, 23 Jan 2014

When ZOMBIES go shopping: 40m Target customer breach? That's NOTHING!

Malware linked to fraud in the retail sector may be a bigger problem than even the recent revelation about the compromise of systems at US retailer Target suggests. Shopping giant Target and luxury retailer Neiman Marcus both announced significant data breaches during the 2013 holiday shopping season. The Target breach at least …
John Leyden, 23 Jan 2014

Korean credit card bosses offer to RESIGN over huge data breach

An IT contractor has been arrested over the theft of credit card and personal details of 20 million South Koreans. Investigators allege an IT worker at the Korea Credit Bureau copied names, social security numbers and credit card details of millions onto a USB stick before flogging them to a marketing firm. He has been charged …
John Leyden, 22 Jan 2014

DNS poisoning slams web traffic from millions in China into the wrong hole

A widespread DNS outage hit China on Tuesday, leaving millions of surfers adrift. DNS issues in China between 7am and 9am GMT left millions of domains inaccessible. Two-thirds of China’s DNS (Domain Name System) infrastructure was blighted by the incident, which stemmed from a cache poisoning attack. Chinese netizens were …
John Leyden, 21 Jan 2014

Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

Startup Shape Security is re-appropriating a favourite tactic of malware writers in developing a technology to protect websites against automated hacking attacks. Trojan authors commonly obfuscate their code to frustrate reverse engineers at security firms. The former staffers from Google, VMWare and Mozilla (among others) have …
John Leyden, 21 Jan 2014

Don't be a DDoS dummy: Patch your NTP servers, plead infosec bods

Security researchers have responded to recent denial of service attacks against gaming websites and service providers that rely on insecure Network Time Protocol servers by drawing up a list of vulnerable systems. Network Time Protocol (NTP) offers a means of synchronising clocks over a computer network. Features of the simple …
John Leyden, 21 Jan 2014

EE BrightBox routers can be hacked 'by simple copy/paste operation'

BrightBox routers supplied by UK telco EE as standard kit to its broadband and fibre customers are riddled with security shortcomings that make the devices hackable, a UK security researcher warns. Scott Helme warns that security vulnerabilities expose WPA encryption keys, passwords and ISP user credentials. Hackers might also …
John Leyden, 20 Jan 2014

Cybercrooks slide fingers into TELLIES+FRIDGES, spam splurge ensues

Miscreants have launched an Internet of Things-based cyberattack involving household "smart" appliances. The global spam distribution campaign involved more than 750,000 malicious email communications coming from more than 100,000 everyday consumer gadgets. Items such as home-networking routers, connected multi-media centres, …
John Leyden, 17 Jan 2014

International child abuse webcam ring smashed after routine police check

A routine visit to a registered sex offender in Northamptonshire has led to the uncovering of a global child abuse ring. An organised crime group centred in the Philippines arranged for children to be sexually abused live on webcam in exchange for payment. Some of the facilitators were reportedly members of the children’s own …
John Leyden, 17 Jan 2014

KPMG cuts its funding for UK.gov's Cyber Security Challenge

KPMG is cutting back on its sponsorship of the UK government-backed Cyber Security Challenge after concluding the puzzle-based focus of the competition is failing to attract the right kind of potential recruits into the infosec profession. Senior security staff at the professional services firm told Computing that it was scaling …
John Leyden, 17 Jan 2014

Clink! Terrorist jailed for refusing to tell police his encryption password

A convicted terrorist will serve additional time in jail after he was found guilty of refusing to supply police with the password for a memory stick that they could not crack. Syed Farhan Hussain, 22, from Luton, was handed a four-month sentence at the Old Bailey on Tuesday after a jury took just 19 minutes to deliver the guilty …
John Leyden, 16 Jan 2014

Time-rich hacking crew scrawls web graffiti all over poor old .ME

Hackers have defaced more than 3,000 .me websites in a web graffiti attack carried out on Sunday. Pakistani defacement crew TeaM MaDLeeTs pulled off the attack after breaking into the systems of domain.ME, the organisation responsible for the registration of Montenegro (.me) domain names. Surfers visiting any one of 3,110 …
John Leyden, 16 Jan 2014

HACKLASH! Syrian Electronic Army's website hacked by angry rivals

The notorious hacktivists of the Syrian Electronic Army have received an unwelcome dose of their own medicine, after their official website was defaced by a Turkish hacking crew. TurkGuvenligi compromised the Syrian Electronic Army’s official sea.sy website after the pro-Assad group’s hosting firm was breached. It's unclear …
John Leyden, 15 Jan 2014

Cyberspies blast Icefog into US targets' backdoors

Miscreants behind a cyberespionage campaign have changed their methods to take advantage of Java-based malware. The Icefog APT (advanced persistent threat), discovered in September 2013, continues to be a problem, this time utilising a Java backdoor, according to the latest analysis of the threat by security researchers at …
John Leyden, 15 Jan 2014

Even 'Your computer has a virus' cold-call gits are migrating off XP

Tech support scammers have begun targeting smartphone and tablet users with offers to fix non-existent problems – for exorbitant fees. Cold call scams that attempt to hoodwink marks into paying for useless remote diagnostic and cleanup services have been a popular scam for years. Victims are often encouraged to sign up to multi- …
John Leyden, 15 Jan 2014

Target hackers: Woohoo, we're rich! Um. Guys? Anyone know how to break bank encryption?

Underground cybercriminals are attempting to decrypt a 50GB dump of encrypted debit card PINs that security watchers reckon were lifted during last year's high profile breach against retail giant Target. Security intelligence firm IntelCrawler reports that a miscreant claiming to be in possession of 50GB of PIN data secured with …
John Leyden, 14 Jan 2014

Use strong passwords and install antivirus, mmkay? UK.gov pushes awareness campaign

The UK government has launched a new campaign aimed at changing attitudes to online security among consumers and small businesses, dubbed Cyber Streetwise. Cyber Streetwise is urging people to take five actions in order to protect themselves and others from cyber crime: Use strong, memorable passwords Install anti-virus …
John Leyden, 14 Jan 2014

Hackers slurp credit card details from US luxury retailer Neiman Marcus

Upmarket US department store Neiman Marcus has been hit by hackers who broke into systems before lifting an as-yet-unspecified number of credit and debit card details. Neiman Marcus confirmed a security breach in a series of updates to its official Twitter account and apologised, without detailing the extent of the problem or …
John Leyden, 13 Jan 2014

Dropbox outage was caused by 'buggy' upgrade: DDoS us? You hardly know us...

Pranksters latched onto an outage at Dropbox on Friday to push false rumours of a politically motivated hack. A group calling itself 1775Sec claimed that it had taken advantage of a vulnerability to knock out the widely used sync-and-share service. These claims were reported by sections of the media over the weekend. Dropbox …
John Leyden, 13 Jan 2014

Sabu wasn't the only FBI mole in LulzSec, suggest leaked docs

Leaked search warrants suggest Sabu wasn't the only LulzSec hacker who helped the FBI take down the infamous hacktivist group. The unredacted search warrants for Sabu and LulzSec refer to involvement of three different informants in the investigation, at least two of whom it is implied were members of the organisation. …
John Leyden, 10 Jan 2014

Europe MPs: Time to change our data-sharing policy with US firms

A European Parliament report has condemned dragnet surveillance programmes by the NSA and the UK's GCHQ, suggesting the schemes are motivated by political and economic espionage as well as the stated counter-terrorism objective. A draft report of the EU Parliament's Civil Liberties Committee, which has held a series of high …
John Leyden, 10 Jan 2014

Prison Locker: A load of überhyped malware FUD over... internet chatter

An underground advert seeking help in developing a file-encrypting ransomware kit that might be sold for just $100 a go sparked something of a panic on the interwebs this week. But security watchers are yet to see any samples of the so-called Prison Locker ransomware, leading at least two security firms to characterise the …
John Leyden, 10 Jan 2014

Well done for flicking always-on crypto switch, Yahoo! Now here's what you SHOULD have done

Yahoo has followed the lead of Google and Microsoft and enabled HTTPS encryption by default for all Yahoo! Mail users. HTTPS by default safeguards privacy over an unsecured internet connection such as a public Wi-Fi network in a cafe or an airport. Done properly the technology also safeguards against state-backed snooping …
John Leyden, 09 Jan 2014

Prez Bush email hacker Guccifer is BACK: A-list celebs' inboxes 'raided'

A webmail hacker called Guccifer – most famous for raiding the email inboxes of former US president George H W Bush's family – has been exceptionally busy of late. Crime news website The Smoking Gun reports that Guccifer has handed over a cache of documents – which, we're told, reveal that he broke into the private email accounts …
John Leyden, 08 Jan 2014

Infosec experts boycott RSA conflab over alleged 'secret' NSA contract

More security researchers are boycotting next month's US edition of the RSA Conference in protest against an alleged "secret deal" the company is said to have struck with the National Security Agency. Last month Reuters reported that the NSA "secretly paid" RSA Security $10m in return for making the Dual_EC_DRBG random number …
John Leyden, 08 Jan 2014

Campaign to kick NSA man from crypto standards group fails

National Security Agency employee Kevin Igoe is to keep his position on the panel of an influential internet standards working group, the powers-that-be decided last weekend. Igoe, who co-chairs the Internet Research Task Force's Crypto Forum Research Group (CFRG), had been accused by those campaigning for his removal of pushing …
John Leyden, 08 Jan 2014

ATM hacker Barnaby Jack's death blamed on accidental drug overdose

An accidental drug overdose caused the untimely death of elite hacker Barnaby Jack, an autopsy has concluded. Jack, who was famed for demonstrating cash machine hacks live on stage in Las Vegas and later highlighted the insecurity of smart medical devices, was found dead at home in San Francisco last July days before he was due …
John Leyden, 07 Jan 2014

Intel ditches McAfee brand: 'THANK GOD' shouts McAfee the man

Intel has announced plans to phase out the infamous McAfee anti-virus brand over the next year in favour of a new Intel Security brand. The re-branding will begin immediately, but the transition will take up to a year before it is complete with the introduction of new versions of security software products from the technology …
John Leyden, 07 Jan 2014

Steam and Origin gamers knocked offline by SEPARATE DDoS attacks

Valve's online gaming platform Steam and Electronic Arts' Origin were hit by separate DDoS attacks over the weekend. An assault by a crew calling themselves DerpTrolling left EA Origin's online systems intermittently unavailable for around 24 hours while a separate attack knocked Steam offline for around an hour on Friday. …
John Leyden, 06 Jan 2014

Post-BT crypto guru Schneier gets new gig at startup

Famed cryptographer and security guru Bruce Schneier has moved on from his seven years at BT. Just one month later, he has accepted the role of CTO at incident response startup Co3 Systems. Schneier left BT last month following a seven-year association with the telco giant by mutual consent. Both parties were keen to stress that …
John Leyden, 06 Jan 2014

Malware! tainted! ads! infect! thousands! of! Yahoo! users!

Thousands of Yahoo! users have been exposed to malware through malicious advertisements over the past few days, according to research by Dutch security firm Fox-IT. Malware-tainted ads served from ads.yahoo.com were shown to victims in Romania, Great Britain and France, infecting tens of thousands every hour. The first infection …
John Leyden, 06 Jan 2014

Planning to rob a Windows ATM? Ditch the sledgehammer and bring a USB STICK

Cash machines have been emptied using USB sticks in a series of real world attacks that hark back to exploits first demonstrated by security researcher Barnaby Jack three years ago. Cybercrooks have created a strain of malware that creates a backdoor on compromised ATMs using a bootable USB stick. The crooks cut a hole into the …
John Leyden, 06 Jan 2014

FireEye buys outfit that lifted the lid on Chinese cyber-espionage

Threat prevention firm FireEye has acquired privately held net security firm Mandiant. The cash and shares deal, announced Monday, is valued at around $1bn. Mandiant is best known for its landmark study into the Chinese APT1 hacking crew last year, which exposed the organisation's tactics and evidence of its links to the Chinese …
John Leyden, 03 Jan 2014