The Register Columnists

John Leyden


Malware! tainted! ads! infect! thousands! of! Yahoo! users!

Thousands of Yahoo! users have been exposed to malware through malicious advertisements over the past few days, according to research by Dutch security firm Fox-IT. Malware-tainted ads served from ads.yahoo.com were shown to victims in Romania, Great Britain and France, infecting tens of thousands every hour. The first infection …
John Leyden, 06 Jan 2014

Planning to rob a Windows ATM? Ditch the sledgehammer and bring a USB STICK

Cash machines have been emptied using USB sticks in a series of real-world attacks that hark back to exploits first demonstrated by security researcher Barnaby Jack three years ago. Cybercrooks have created a strain of malware that creates a backdoor on compromised ATMs using a bootable USB stick. The crooks cut a hole into the …
John Leyden, 06 Jan 2014

FireEye buys outfit that lifted the lid on Chinese cyber-espionage

Threat prevention firm FireEye has acquired privately held net security firm Mandiant. The cash and shares deal, announced Monday, is valued at around $1bn. Mandiant is best known for its landmark study into the Chinese APT1 hacking crew last year, which exposed the organisation's tactics and evidence of its links to the Chinese …
John Leyden, 03 Jan 2014

Slovenian jailed for creating code behind 12 MILLION strong 'Mariposa' botnet army

A Slovenian virus writer who created an infamous strain of malware used to infect an estimated 12 million computers worldwide has been jailed for almost five years. Matjaž Škorjanc (who operated under the handle Iserdo) was sentenced by a Slovenian court for writing the code used to create the infamous Mariposa botnet. The …
John Leyden, 03 Jan 2014

CryptoLocker creeps lure victims with fake Adobe, Microsoft activation codes

Miscreants have brewed up a variant of the infamous CryptoLocker ransomware that uses worm-like features to spread across removable drives. The recently discovered CRILOCK-A variant can spread more easily than previous forms of CryptoLocker. The latest nasty is also notable because it comes under previously unseen guises - such …
John Leyden, 02 Jan 2014

Snapchat: In 'theory' you could hack... Oh CRAP is that 4.6 MILLION users' details?

Hackers claim to have lifted millions of Snapchat usernames and phone numbers, apparently taking advantage of a vulnerability that the messaging service last week dismissed as mostly theoretical. A partially redacted database of 4.6 million usernames and phone numbers (minus two digits) - purportedly of Snapchat users - have …
John Leyden, 02 Jan 2014

We don't need no STEENKIN' exploit brokers: Let's FLATTEN all bug bounties

Security watchers are proposing the introduction of "flat rate" bug bounties by software vendors to try to stop vulnerability researchers from flogging off flaws to exploit brokers or on the black market. They believe that the current situation is bad for security, and means that vulns often end up in the hands of criminals – or …
John Leyden, 23 Dec 2013

Worried OpenSSL uses NSA-tainted crypto? This BUG has got your back

As fears grow that US and UK spies have deliberately hamstrung key components in today's encryption systems, users of OpenSSL can certainly relax about one thing. It has been revealed that the cryptography toolkit – used by reams of software from web browsers for HTTPS to SSH for secure terminals – is not using the discredited …
John Leyden, 20 Dec 2013

Code-busters lift RSA keys simply by listening to the noises a computer makes

Computer scientists have shown how it might be possible to capture RSA decryption keys using the sounds emitted by a computer while it runs decryption routines. The clever acoustic attack was developed by Adi Shamir (the "S" in RSA) of the Weizmann Institute of Science along with research colleagues Daniel Genkin and Eran Tromer …
John Leyden, 19 Dec 2013

Casino DDoS duo caged for five years after blackmail buyout threat

A pair of cyber-extortionists who attempted to blackmail a Manchester-based online casino with threats of unleashing a debilitating denial of service attack have been jailed for five years and four months. Piotr Smirnow, 31, of Tawerny, Warsaw, Poland, and Patryk Surmacki, 35, of Szczecin, Poland, pleaded guilty at Manchester …
John Leyden, 19 Dec 2013

First China banned Bitcoin. Now its crooks are using malware to steal traders' wallets

Cybercrooks have developed a strain of malware that actively targets BTC China and other Bitcoin exchanges. A Zeus P2P/Gameover variant discovered by Trusteer is designed to steal the passwords of traders in the virtual currency. A blog post by the IBM-owned transaction security firm (extract below) explains that the malware is …
John Leyden, 19 Dec 2013

Macbook webcams CAN spy on you - and you simply CAN'T TELL

Security researchers have confirmed that MacBook webcams can spy on their users without the warning light being activated. Apple computers have a “hardware interlock” between the camera and the light that is supposed to ensure the camera can't be activated without alerting the user by lighting a tell-tale LED above the screen. …
John Leyden, 19 Dec 2013

Soghoian & Greenwald tell EU bigwigs: Fight state snooping on mobe networks NOW

Politicians and regulators in Europe need to decide whether they want a secure mobile phone system or something their own police agencies - as well as spy agencies in the US, China and elsewhere - are able to easily tap into, according to a renowned security and privacy expert. Christopher Soghoian, principal technologist of the …
John Leyden, 19 Dec 2013

Oi, bank manager. Only you've got my email address - where're these TROJANS coming from?

Santander customers are continuing to complain about receiving trojans and other junk to email addresses exclusively used with the bank. The reports began last month, prompting promises of an investigation by Santander. It's still unclear whether email addresses leaked from the bank or one of its affiliates. Independent experts …
John Leyden, 19 Dec 2013

$1,000 BOUNTY offered for FINGERPRINTS of a GLOBAL SPY CHIEF

Privacy campaigner Simon Davies is offering a $1,000 bounty for the capture of the DNA and fingerprints of spy chiefs. The 21st century treasure hunt offers a $1,000 cash windfall for anyone who supplies the Privacy Surgeon site run by Davies with an item – such as a drinking glass – with the DNA and fingerprints of any senior …
John Leyden, 18 Dec 2013

UK payday loaners cop MEGA £175K fine for 'misleading' SMS spam

A UK-based payday loans firm has received a £175,000 fine after it was found to have sent millions of spam text messages that provoked thousands of complaints. First Financial violated The Privacy and Electronic Communications Regulations governing electronic marketing by sending SMS messages without consent. The messages …
John Leyden, 17 Dec 2013

Android nasty sends your texts to CHINA

Security researchers have discovered an Android botnet that masquerades as a benign settings app for carrying out administrative tasks on mobile devices. Once authorised by the user, the malicious app surreptitiously steals SMS messages from the infected device and emails them to a command-and-control (C&C) infrastructure hosted …
John Leyden, 17 Dec 2013

Bogus Firefox add-on FORCES WITLESS USERS to join vuln-hunting party

Cybercrooks have brewed up a botnet that uses a bogus Firefox add-on to scan the web for hackable websites. The so-called Advanced Power botnet runs SQL injection attacks on websites visited from infected machines. The malware, disguised as a legitimate add-on for Mozilla Firefox, found its way onto 12,500 systems, reports …
John Leyden, 17 Dec 2013

Android antivirus apps CAN'T kill nasties on sight like normal AV - and that's Google's fault

Android users expecting Windows levels of performance from Android-specific antivirus packages are likely to be disappointed because only Google can automatically delete dodgy apps on Android devices, say malware experts. Anti-malware bods agree that antivirus programs on Android can’t remove viruses automatically, meaning that …
John Leyden, 17 Dec 2013

Security guru Bruce Schneier to leave employer BT

Noted security guru Bruce Schneier, who has spent a great deal of energy publicly analysing the Edward Snowden leaks into the activities of the NSA and allied spy agencies, is to leave UK telco BT. A spokesman for BT said: “We can confirm that Bruce Schneier, BT’s security futurologist, is leaving BT at the end of December 2013 …
John Leyden, 16 Dec 2013

Apple fanbois warned: No, Cupertino HASN'T built a Bitcoin mining function into Macs

The denizens of internet horror-forum 4chan have come up with a hoax designed to trick Mac fans into deleting all the files on their machines by running commands supposedly needed to turn on hidden Bitcoin mining features. Apple's so-called secret mining feature, which 4channers claim has been present in Macs since 2009, can be …
John Leyden, 13 Dec 2013

Cardslurping kingpin caged for 18 years over Carderplanet forum

A Ukrainian national who co-founded the infamous cybercrime marketplace CarderPlanet has been jailed for 18 years following a lengthy US legal process that ran for more than a decade. Roman Vega, 49, eventually pleaded guilty in 2009 to conspiracy to commit money laundering and access device fraud offences – but he was only …
John Leyden, 13 Dec 2013

Cryptolocker copycat ransomware emerges – but an antidote is possible

Hot on the tail of devilish Cryptolocker comes a copycat software nasty that holds victims' files to ransom – but the newcomer's encryption is potentially breakable, we're told. Security startup IntelCrawler claims a "large-scale distribution" of the new so-called Locker malware began earlier this month. Locker, once it has …
John Leyden, 13 Dec 2013

Cops cuff 4 in £1m banking fraud malware case

Four people have been arrested and £80,000 in cash seized as part of a Met Police investigation into the theft of an estimated £1m from UK banks using malware. Two men, both aged 31, and two women aged 24 and 27, were arrested on suspicion of conspiracy to defraud and conspiracy to launder money during raids on properties in …
John Leyden, 12 Dec 2013

French gov used fake Google certificate to read its workers' traffic

A French government agency has been caught signing SSL certificates and impersonating Google. The bogus certificates were endorsed by the certificate authority of the French Treasury, DG Trésor. And the Treasury's own authorisation certificate was, in turn, vouched for by IGC/A (Infrastructure de Gestion de la Confiance de l' …
John Leyden, 10 Dec 2013

Malware+pr0n surge follows police op to kill illicit streaming sites

City of London Police are claiming credit for the suspension of 40 ad-funded websites that provided unauthorised access to copyright-protected content – but may have caused a rise in the number of web ads carrying malware or promoting pornography. Operation Creative has resulted in the suspension of 40 national and international …
John Leyden, 10 Dec 2013

Evil Dexter lurks in card reader, ready to SLASH UP your credit score

Cybercrooks have created an improved version of the Dexter point-of-sale malware that's being blamed for slurping the credit and debit card details of holiday shoppers. A new version of Dexter, first discovered by security researchers Seculert about a year ago, has been planted on 31 infected point-of-sale terminals, located in …
John Leyden, 10 Dec 2013

Oi, Obama. Rein your spooks in, demands web giants' alliance

Eight web heavyweights have banded together to call on the US and other governments to rein in indiscriminate surveillance by state security agencies. AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo are asking for a general reform of government surveillance laws and practices because the "balance in many …
John Leyden, 09 Dec 2013

PayPal 13 plead guilty to launching DDoS attacks

Thirteen US defendants last week pleaded guilty to taking part in attacks by Anonymous against PayPal. The US Department of Justice (DoJ) said the accused had all admitted to carrying out a Distributed Denial of Service (DDoS) cyber-attack against PayPal in December 2010 in protest against the payment processing firm's decision …
John Leyden, 09 Dec 2013

Mexican Cobalt-60 robbers are DEAD MEN, say authorities

Mexican troops have recovered a stolen shipment of radioactive Cobalt-60 isotope, abandoned by truck thieves who face the risk of a slow lingering death from radiation poisoning. A truck carrying a substantial quantity of the radioactive isotope Cobalt-60 from a hospital in Tijuana to a waste centre was robbed by armed bandits …
John Leyden, 06 Dec 2013

Microsoft teams up with Feds, Europol in ZeroAccess botnet zombie hunt

Microsoft has teamed up with the FBI to launch a renewed attempt to disrupt the operations of the infamous ZeroAccess botnet. ZeroAccess is responsible for infecting over two million computers, specifically targeting search results as part of a click-fraud scam that Redmond estimates is costing online advertisers $2.7m a month. …
John Leyden, 06 Dec 2013

Fiendish CryptoLocker ransomware survives hacktivists' takedown

An attempt by security researchers to take down command and control nodes associated with the infamous CryptoLocker malware appears to have been unsuccessful in its ultimate aim of putting the Bitcoin-hungry crooks behind the scam out of business. Activists from the group Malware Must Die put together a list of scores of domains …
John Leyden, 06 Dec 2013

Decent chance of your team winning the World Cup? You'll probably want to watch it

People who live in World Cup 2014 host country Brazil and supporters of bookies' favourite Germany are most active in searching for World Cup tickets, according to stats from event ticketing website Ticketbis. Brazil is the country with the highest number of entries in Google searches since July, with nearly half-a-million hits. …
John Leyden, 06 Dec 2013

Microsoft: C'mon, you can trust us... look at our gov spook-busting plans

Microsoft has detailed a three-pronged plan to encrypt customer data, improve transparency and fight harder in the courts not to have to hand over your data. The new plan is designed to restore customer trust after revelations of government snooping. Microsoft has been stung into action in the wake of documents leaked by …
John Leyden, 05 Dec 2013

Hear that? It's the sound of BadBIOS wannabe chatting over air gaps

Computer scientists have brewed up prototype malware that's capable of communicating across air gaps using inaudible sounds. The mesh network capable of covertly communicating without wireless or wired connections was developed by Michael Hanspach and Michael Goetz. It borrows its founding principles from established systems for …
John Leyden, 05 Dec 2013

Microsoft: Anonymous hacktivists DDoSed us? Really?

Microsoft has denied it was affected in any way by a claimed attack against its systems by elements of the rag-tag hacktivist collective Anonymous. In a post to Pastebin last week, an individual claiming affiliation to Anonymous boasted that a DDoS attack against Japanese Microsoft (domain) websites and servers on or around 23 …
John Leyden, 05 Dec 2013

Must try HARDER, infosec lads: We're RUBBISH at killing ZOMBIES

Botnet takedowns need to be improved if the industry is to avoid the risk of creating more problems than it solves every time it decapitates a zombie network, according to a former Scotland Yard detective turned security researcher. Adrian Culley, a technical consultant at infosec firm Damballa* who served with the Met Police …
John Leyden, 04 Dec 2013

Your browser may be up to date: But what about the PLUGINS?

Two in five (39 per cent) of computers submitted for testing to a free browser security test from Qualys were affected by critical vulnerabilities, mostly related to browser plug-ins. The findings, based on 1.4 million BrowserCheck computer scans, paint a picture of e-commerce buyers left wide open to attacks by cybercriminals …
John Leyden, 02 Dec 2013

Referee and two others charged in FA hacking probe

Three people from the Manchester area have been charged over allegations they hacked into computer systems at English football governing body, the FA. Dean Mohareb, 30, of Weybourne Drive, Woodley, Stockport has been charged with perverting the course of justice and unauthorised access to computer data. Liam Cliff, 19, of …
John Leyden, 29 Nov 2013

Blighty's top moneymen: Hackers are SLURPING CASH direct from banks

Several UK banks have suffered actual financial losses as a result of cyber-attacks in the last six months, according to a Bank of England study. The Bank of England’s latest Financial Stability Report, published on Thursday, reiterates warnings about the risk posed by hacking attacks made six months ago when Andrew Haldane, the …
John Leyden, 29 Nov 2013

Fancy knocking off early? Just run our fake computer crash 'virus', say admen

A jokey US ad agency recruitment campaign encouraged users to stage fake computer crashes so that they might be able to ditch work early. The Happy Hour virus from Colorado admen TDA_Boulder came with a series of screensavers that allowed users to claim they were unable to work because their machines had gone wrong, creating a …
John Leyden, 29 Nov 2013

'Neverquest' bank-robber 'ware throws the whole Trick Book at victims

A new banking trojan that its creators brag can attack “any bank in any country” has already been blamed for several thousand attempts to infect computers. The Neverquest banking trojan supports almost every trick used to bypass online banking security systems, including web injection, remote system access and social engineering …
John Leyden, 29 Nov 2013

Think unpatched Win XP hole's not a big deal? Hope you trust your local users

An unpatched vulnerability in Windows XP and Windows Server 2003 creates a means for hackers to gain admin rights on vulnerable Windows XP machines, Microsoft warned on Wednesday. The zero-day local privilege escalation vulnerability is not suitable for remote code execution but might allow a standard user account to execute …
John Leyden, 28 Nov 2013

You have a Skype voicemail. PSYCHE! It's just some fiendish Trojan-flinging spam

A spam run of fake Skype voicemail alert emails actually comes packed with malware, a UK police agency warns. Action Fraud said the zip file attachments come contaminated with a variant of the notorious ZeuS banking Trojan. Messages typically come with the subject line “You received a new message from Skype voicemail service”. …
John Leyden, 28 Nov 2013

Google: YouTube fights off HUGE ASCII PHALLUS MENACE

The integration of YouTube comments with Google Plus has led to a new wave of obscene comment spam and more junk, Google has admitted. The search engine giant has pledged to stick by the new comment system, introduced earlier this month, while fighting, er, harder to eradicate new nuisances such as ASCII penis art and link …
John Leyden, 28 Nov 2013

GCHQ was called in to crack password in Watkins child abuse case

It was operatives at British intelligence agency GCHQ who cracked the password on the laptop of "determined paedophile" Ian Watkins, a court heard on Tuesday. The evidence heard in court related to child abuse images held in cloud storage, whose password the GCHQ unit had to "crack" to gain access to them. Ian Watkins, 36, from …
John Leyden, 27 Nov 2013

NSA spied on 'radicalisers' porn surfing so as to discredit them, reveals Snowden

The NSA spied on the porn-surfing habits of firebrand Muslims as part of a plan to discredit "radicalisers", it has emerged. A top-secret NSA document, leaked by fugitive whistleblower Edward Snowden, identifies six Muslim targets as examples of how personal proclivities determined through electronic surveillance can be used to …
John Leyden, 27 Nov 2013

European Parliament reports HACK ATTACK, turns off public Wi-Fi

The European Parliament has disabled its public Wi-Fi network following the detection of a suspected hacking attack which has been linked to the exposure of weak security practices at the institution by a French media outlet. The private network of the European institution is thought to be secure but techies are advising users …
John Leyden, 26 Nov 2013

These lucky people get paid to play CYBER WAR GAMES

Some lucky infosec professionals will be taking part in a cyber war game designed to test the readiness of NATO countries to respond to "large scale cyber attacks targeting information infrastructures" in the pretty city of Tartu in Estonia. Cyber Coalition 2013, a three-day exercise which starts today, will involve staff from …
John Leyden, 26 Nov 2013

Angela Merkel's phone was being listened in on by FIVE foreign powers

German chancellor Angela Merkel's mobile was wire-tapped by at least five foreign intelligence agencies, unnamed German security officials have told Focus magazine. The bugging of the premier's BlackBerry by the US provoked an international diplomatic incident and a promise by the Obama administration to lay off in future. But …
John Leyden, 26 Nov 2013