Feeds

Articles about Miscreants

So which miscreants wrote the CosmicDuke info-slurping nasty?

Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans. CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
John Leyden, 04 Jul 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014
PCS with a red X in front of them

Swiping your card at local greengrocers? Miscreants will swipe YOU in a minute

More than a thousand point-of-sale, grocery management and accounting systems worldwide have been compromised by a new strain of malware, results of a March 2014 probe have revealed. During a survey of compromised POS terminals, accounting systems and grocery management platforms, the Nemanja botnet was fingered as one of the …
John Leyden, 27 May 2014
Fail whale

TweetDeck XSS flap: Miscreants flash their naughty bits at users

Twitter aficionados are being warned to log out of Twitter client TweetDeck and revoke its access to their accounts after an apparent cross-site scripting vulnerability was discovered. Multiple users – including El Reg's HQ in London, England – reported on Wednesday that they had seen a suspicious pop-up within Tweetdeck that …
Jack Clark, 11 Jun 2014

MAC BOTNET uses REDDIT comments for directions

A zombie network that feasts on the computer brains of infected Macs has press-ganged 17,000 compromised machines into its ranks, Russian anti-virus firm Dr Web warns. The iWorm creates a backdoor on machines running OS X. Miscreants are using messages posted on Reddit as a navigational aid which points infected machines towards …
John Leyden, 03 Oct 2014

Bash bug flung against NAS boxes

Hackers are attempting to exploit the BASH remote code injection vulnerability against Network Attached Storage (NAS) systems. Miscreants are actively exploiting the time-to-patch window in targeting embedded devices, security firm FireEye warns. We have evidence that attackers are actively exploiting the time-to-patch window …
John Leyden, 01 Oct 2014
Chat from the #opaustralia IRC channel

Freenode IRC users told to change passwords after securo-breach

A security breach at popular, free and open source software-focused IRC network Freenode means users need to change their passwords. Freenode's IRC server was compromised and passwords were likely sniffed by unidentified hackers, prompting a warning to users that they should reset their passwords as a precaution. The security …
John Leyden, 15 Sep 2014

Cortana, remind me to patch Windows, IE, and Adobe gear next Tues

Microsoft will release eight security updates next Tuesday to squash remote-code execution bugs in Windows and Internet Explorer among other flaws. Meanwhile, Adobe will issue new versions of Acrobat and Reader for this month's Patch Tuesday. Two of the security updates from Microsoft are rated as critical because they allow …
Shaun Nichols, 09 May 2014

Queen's Speech: Computer Misuse Act to be amended, tougher sentences planned

The final session of Parliament before next year's General Election was opened by the Queen today, who told MPs and peers that the Tory-led coalition government had 15 bills tabled. There was little of note on the tech front, with two exceptions – both detailed within the Serious Crime Bill. The first is that plans are afoot to …
Kelly Fiveash, 04 Jun 2014
medical_doctor_health_channel

'Chinese crims' snatch 4.5 MILLION patient files from US hospitals

One of the largest healthcare providers in the US claims Chinese hackers ran riot through its systems between April and June this year – accessing names, addresses and social security numbers of millions of patients. But Community Health Systems (CHS) insists no medical records nor any financial data were grabbed by the …
Iain Thomson, 18 Aug 2014
The Register breaking news

MiniDuke miscreants whip out old-school tricks to spy on world+dog

A new strain of malware designed to spy on multiple government entities and institutions across the world has been discovered by anti-virus firm Kaspersky Lab. MiniDuke has infected government entities in the Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland. In addition, a research institute, two think-tanks, …
John Leyden, 27 Feb 2013
Qualcomm Atheros hybrid network

Is your home or office internet gateway one of '1.2 MILLION' wide open to hijacking?

Hundreds of thousands of routers, firewalls and gateways used by small offices and homes are said to be vulnerable to hijacking due to bungled NAT settings. The networking devices are, we're told, commonly misconfigured to allow remote attackers to reprogram how network traffic flows to PCs, servers, tablets and other machines …
John Leyden, 22 Oct 2014
Hacked sarcasm

Backoff malware attacks hit 'more than 1,000 big businesses', warns US government

A Point-of-Sale malware attack that struck shipping outfit UPS has compromised the networks of a "significant" number of major businesses in the US, according to the country's Homeland Security office. The US administration's Computer Emergency Readiness Team (CERT) advised administrators and operators of PoS systems to …
Kelly Fiveash, 23 Aug 2014
Call of Duty: Black Ops 2

BLAM, BLAM, BLAM... nooooo! Hacker crew Lizard Squad spits DDoS venom on Call of Duty

Hackers from the group Lizard Squad have reneged on their promise to quit earlier this month, apparently launching distributed denial-of-service (DDoS) attacks on major gaming industry websites. After an attack on the Playstation Network in August, Lizard Squad has added two uber-popular shoot-'em-up games from Activision …
John Leyden, 23 Sep 2014
Orange Credit Card

Home Depot: 56 million bank cards pwned by malware in our tills

Home Depot today admitted 56 million bank cards are at risk after they were used in malware-infected tills. The DIY giant on Thursday revealed that a software nasty infiltrated its PC-powered registers between April and September in the US and Canada. Cards swiped through the compromised machines could be accessed by the malware …
Shaun Nichols, 18 Sep 2014
That 419 shirt artwork in full

Bank IT bod accused of stealing $40 MEEELLION from employer

If you get an email from a hapless Nigerian prince who needs a hand shifting a few million dollars, the message will no doubt wing its way into your spam folder. But should you get a plea for help from a Nigerian sysadmin, you may want to take a second look: the Nigerian government's Economic and Financial Crimes Commission ( …
Iain Thomson, 16 Sep 2014

Scammers plead guilty to $AU500k Telstra scam

Three men have pleaded guilty to an Australian court over a scam that netted them more than $AU500,000 worth of mobile phones and fondleslabs from Telstra without payment. The Victorian County Court heard the three Indian men, on temporary visas, then sent the phones back to India for re-sale. The Herald Sun says the scam …
management regulation1

Data scrapers used Amazon cloud to reap biz bods' CVs, wails LinkedIn

LinkedIn is still waging its battle against “scrapers”, who use software to automatically harvest publicly available personal information from the social network. And that fight has today wound up in a California court where the website's bosses are trying to unmask the miscreants who have reaped the site for users' employment …
cloud

ZeuS miscreants offer up honeypot

Cybercrooks are attempting to turn the tables on security researchers by setting up fake interfaces on their botnets in a bid to confuse and confound analysis. The fake honeypot tactic was brought into play by a group using a variant of the infamous Zeus crimeware toolkit. The unknown miscreants targeted quarterly federal …
John Leyden, 05 Nov 2010

Salesforce: Oh no! Dyre RATs are thirsty for our customers' logins

Salesforce has warned that miscreants are trying to infect its customers with a remote access trojan (RAT) dubbed Dyre that siphons off Salesforce.com login data. "On September 3, 2014, one of our security partners identified that the Dyre malware (also known as Dyreza), which typically targets customers of large, well-known …
Iain Thomson, 08 Sep 2014
Zombie cloud

Shoot-em-up: Sony Online Entertainment hit by 'large scale DDoS attack'

Sony is suffering a major Distributed Denial-of-Service attack on its network, the company's Online Entertainment boss confirmed today. It comes after The Register reported gripes about service wobbles on the PlayStation Network (PSN) earlier on Sunday. SOE's chief John Smedley coughed to being DDoSed in a series of tweets, …
Kelly Fiveash, 24 Aug 2014
Adobe Flash installer

Drink me: Adobe pours Flash Player bug squash

Adobe is pushing out a cross-platform security fix for a bug in its Flash Player that miscreants are already exploiting. Windows users running Adobe Flash Player 13.0.0.182 and earlier need to update it following the discovery of a zero-day attack. "Adobe is aware of reports that an exploit for CVE-2014-0515 exists in the wild …
John Leyden, 28 Apr 2014
Angry woman on mobile

AT&T to fork out less than two days' profit in bogus bill charge flap

AT&T has been ordered to cough up $105m by US trade watchdog the FTC after allowing miscreants to whack bogus charges on Americans' cellphone bills. The commission said the telco giant would be on the hook for $80m in refunds to customers, and an additional $25m in fines and penalties to settle claims that it allowed third …
Shaun Nichols, 08 Oct 2014

China is ALREADY spying on Apple iCloud users, claims watchdog

Last week Apple CEO Tim Cook was very happy that the iPhone 6 is at last going on sale in China. But it seems the Chinese government has its own plans for owners of the new device. According to censorship watchdog Greatfire.org, Chinese state hackers began staging a massive man-in-the-middle attack against Apple iCloud.com users …
Iain Thomson, 20 Oct 2014
texting while driving

Mobe-orists, beware: Stroking while driving could land you a £4k fine

Drivers who stupidly use their mobile phones while barrelling along Britain's roads could be hit with much bigger fines if measures unveiled today by the government come into force. The Ministry of Justice wants tougher financial penalties to clamp down on criminals who flout the rules: for example, motorists who use their …
Team Register, 10 Jun 2014
bug on keyboard

Cyber hostage-takers SCAMMED six times as many people last year

Malware-powered frauds that lock up victims' computers - or worse yet, encrypt files and force them to pay a fee to unlock their information - increased by 500 per cent during 2013, according to a study by Symantec. Symantec's latest global Internet Security Threat Report also revealed that targeted attack campaigns for the …
John Leyden, 09 Apr 2014

Grabby baddie scours Paddy Power's towers: 650k punters leaked and it took 4 years to admit it

Irish bookmakers Paddy Power has admitted miscreants copied from its systems more than 649,000 customer records containing personal information. The snaffled dataset contained names, usernames, addresses, email addresses, phone contact numbers, date of birth, and security question and answer pairs. The leaked data comes from …
John Leyden, 31 Jul 2014
Evil Android

Android banking apps vulnerable to cash theft by CAS hole hackers

Hackers can swipe login credentials and other sensitive data from one in 10 Android banking apps, and about six per cent of all Android apps, IBM researchers warn. Users should avoid using the vulnerable apps, which were built using Apache Cordova up to version 3.5.0, until they have been updated to squash the bug. Big Blue's …
John Leyden, 06 Aug 2014

South Korea faces $1bn bill after hackers raid national ID database

The South Korean government is considering a complete overhaul of its national identity number computer system – after hackers comprehensively ransacked it and now hold the ID codes for as much as 80 per cent of the population. Each South Korean citizen is issued with a lifetime unique ID number. This number is used in all …
Iain Thomson, 14 Oct 2014

Bad boy builds beastly Bash bug botnet, boxen battered

Mere hours after its discovery, the Shell Shock Bash vulnerability was exploited by an attacker to build a botnet. The bot was discovered by researcher known as Yinette, who reported it on her Github account and said it appeared to be remotely controlled by miscreants. Rapid 7 researcher Jen Ellis noted in a blog the discovery …
Darren Pauli, 26 Sep 2014
Spying image

New software ported from Windows to Mac! You'll never guess what. Yes, it's spyware

Miscreants have ported five-year-old spyware XSLCmd to OS X. The Windows version of the malware has been around since 2009, and the Apple Mac edition of XSLCmd shares significant portions of the same code. It can open a reverse shell to its masters, automatically transfer your documents to a remote system, install executables, …
John Leyden, 05 Sep 2014
splendourinthegrass

Moshtix admin account popped by party-pooper hipster-hating hacker

Skiddies logged into a staff account of Aussie ticketing outlet Moshtix and caused havoc for fans snapping up tix. Punters who were in line for $355 pre-sale tickets for the hippy hipster-favoured Splendour in the Grass festival in Byron Bay had a rude shock when their online checkout totals were up to 1,000 per cent more …
Darren Pauli, 09 May 2014

Running Cisco's VoIP manager? Four words you don't want to hear: 'Backdoor SSH root key'

Cisco has warned Unified Communications installations can be remotely hijacked by miscreants, thanks to a hardwired SSH private key. In an advisory, the networking giant said unauthenticated attackers can log into its Unified Communications Domain Manager (Unified CDM) software as a root-level user by exploiting a default SSH …
Shaun Nichols, 02 Jul 2014

Police pen shortage threatens Irish public order

An Irish judge has expressed concerns that a police biro shortage may pose a serious threat to public order in Limerick. According to the Irish Independent, several miscreants have been dragged before the beak for "engaging in a threatening and abusive manner" in the public office at Henry Street gardaí station as a result of …
Lester Haines, 10 Mar 2014
android malware mobile iphone

New software nasty encrypts Android PHONE files and demands a ransom

Miscreants have brewed the first file-encrypting strain of ransomware that infects Android smartphones. The malware, dubbed Android/Simplocker by ESET, scans the SD card in a handset for certain types of file, encrypts them, and demands a ransom to decrypt the data. The ransom message is written in Russian, with payment …
John Leyden, 04 Jun 2014

Panic like it's 1999: Microsoft Office macro viruses are BACK

Macro viruses involving infected Word and Excel files were a plague in the late 1990s. Yet, like grunge music, the genre fell into decline as techniques and technologies moved on. More recently macro viruses have staged something of a revival, thanks to social-engineering trickery. Windows executable malware has dominated macro …
John Leyden, 08 Jul 2014
By Luke Ford  http://www.lukeford.net/Images/photos4/071209/214.htm  Licensed under Creative Commons Attribution-Share Alike 2.5 Generic http://creativecommons.org/licenses/by-sa/2.5/deed.en

'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*

A new round of what appear to be private, naked photos of female celebrities including US television reality star Kim Kardashian have apparently been leaked online. The latest stash of pics, which seemed to include two naked selfies taken by Kardashian with a Blackberry handset, were easily accessible on Twitter late on Saturday …
Team Register, 21 Sep 2014
Blackmail image

Cyber scum pump ransomware at victims from spambot-stuffed websites

Miscreants have brewed up a strain of ransomware which functions like the recently dead CryptoLocker - and this one communicates using the Tor browsing anonymization network. Critroni appears geared towards exploiting a gap in the market created by a takedown operation against the CryptoLocker and Gameover ZeuS botnets back in …
John Leyden, 22 Jul 2014

France frostily foists flat fizz fear on ICANN's .wine plans

Wine vendors are fighting against ICANN's plans to introduce .wine and .vin top level domain names. During a packed government advisory meeting of the Internet Corporation for Assigned Names and Numbers in London on Monday morning, France's minister for digital affairs Axelle Lemaire told delegates that her country was opposed …
Kelly Fiveash, 23 Jun 2014
Android

Slapdash SSL code puts tons of top Android Play Store apps in hack peril

Sloppy programming, poor patching, and unreliable trust engines are rife within Android apps, according to a new study. In short, millions smartphone users are potentially wide open to man-in-the-middle attacks, it's claimed. Researchers at security firm FireEye went through the 1,000 most popular Android applications from the …
Iain Thomson, 21 Aug 2014
Spam image

'Unsolicited texts' outrage: Man fined £4k for DPA breach

The owner of a marketing company which allegedly sent "millions of unsolicited text messages" was prosecuted for "failing to notify the ICO of changes to his notification" at Willesden Magistrates Court last week. Jayesh Shah, of Pune, India, was fined £4,000 for a breach of the Data Protection Act, and ordered to pay costs of £ …
John Leyden, 24 Jul 2014

Satellite weather forecast: Cloudy with a chance of p0wnage

Weather predictions could be thrown into chaos if miscreants exploited a litany of dangerous and years-old holes reported in ground control for the Joint Polar Satellite System (JPSS). The flaws, of which 12,703 are considered high risk, have been detailed in a US Government audit report that examined the state of security of …
Darren Pauli, 11 Sep 2014
iCloud brute force

Apple promises iCloud security alerts, better 2FA after, er, NAKED Internet of Thingies flap

Apple plans to roll out new iCloud security alerts as well as extending its two-step authentication technology in the wake of this week's privacy flap over nude selfies of Jennifer Lawrence, Kate Upton and other celebs. Private pictures of disrobed (female) celebrities including Oscar winner Lawrence and swimwear model Upton …
John Leyden, 05 Sep 2014
Marissa Mayer working from home?

Yahoo servers? SHELLSHOCKED? by Bash?

Yahoo! said "a handful" of its servers fell to hackers who may have been trying to exploit the Shellshock vulnerability in Bash. The miscreants took control of the web servers to build a botnet out of them, it is claimed. "As soon as we became aware of the issue, we began patching our systems and have been closely monitoring …
Iain Thomson, 06 Oct 2014
Cloud security image

AWS breaks silence over Truecrypt's role in data import/export

Amazon Web Services (AWS) has issued some advice on how it uses the kept mum on whether it will dump the troubled TrueCrypt platform used to encrypt data imported and exported to its Simple Storage Service, Amazon EBS snapshots and Glacier cold storage offerings. . The popular crypto platform recently became a pariah after its …
Darren Pauli, 11 Jun 2014
Brute force

Holey? COWL! Boffins build boxes to hold sketchy JavaScript libs

Researchers have developed what they say is a new web privacy system for Google Chrome and Mozilla Firefox: we're told it blocks dodgy JavaScript code from funneling sensitive information to crooks. The Confinement with Origin Web Labels (COWL) system tries to protect websites that rely on JavaScript libraries written by third …
Iain Thomson, 07 Oct 2014
Stourport cctv image 12.03.03

Dimwit hackers use security camera DVRs as SUPER-SLOW Bitcoin-mining rig

Miscreants are using hacked digital video recorders in a somewhat misguided attempt to mine cryptocurrency BitCoins. Hackers have created custom code to infect devices normally used for recording footage from security cameras. After getting in, likely to taking advantage of weak default passwords, a common security mistake with …
John Leyden, 02 Apr 2014

A-list celebs, biz barons' privates EXPOSED in limo hire hack – report

Personal information, financial records and salacious details about 850,000 celebrities, top executives and other customers were swiped by hackers from a limo-booking software company, it is claimed. The attacked biz, said to be CorporateCarOnline based in Missouri, brokers reservations for limousines and other rental cars …
Shaun Nichols, 06 Nov 2013
Buncefield fire scene

Sorry, chaps! We didn't mean to steamroller legit No-IP users – Microsoft

Microsoft has admitted that it did disrupt a significant number of legitimate users of No-IP's dynamic DNS service, but says the problem is now sorted out. "Yesterday morning, Microsoft took steps to disrupt a cyber-attack that surreptitiously installed malware on millions of devices without their owners' knowledge through the …
Iain Thomson, 01 Jul 2014