Articles about Miscreants

So which miscreants wrote the CosmicDuke info-slurping nasty?

Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans. CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
John Leyden, 04 Jul 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014

Swiping your card at local greengrocers? Miscreants will swipe YOU in a minute

More than a thousand point-of-sale, grocery management and accounting systems worldwide have been compromised by a new strain of malware, results of a March 2014 probe have revealed. During a survey of compromised POS terminals, accounting systems and grocery management platforms, the Nemanja botnet was fingered as one of the …
John Leyden, 27 May 2014

TweetDeck XSS flap: Miscreants flash their naughty bits at users

Twitter aficionados are being warned to log out of Twitter client TweetDeck and revoke its access to their accounts after an apparent cross-site scripting vulnerability was discovered. Multiple users – including El Reg's HQ in London, England – reported on Wednesday that they had seen a suspicious pop-up within Tweetdeck that …
Jack Clark, 11 Jun 2014

Cortana, remind me to patch Windows, IE, and Adobe gear next Tues

Microsoft will release eight security updates next Tuesday to squash remote-code execution bugs in Windows and Internet Explorer among other flaws. Meanwhile, Adobe will issue new versions of Acrobat and Reader for this month's Patch Tuesday. Two of the security updates from Microsoft are rated as critical because they allow …
Shaun Nichols, 09 May 2014

Queen's Speech: Computer Misuse Act to be amended, tougher sentences planned

The final session of Parliament before next year's General Election was opened by the Queen today, who told MPs and peers that the Tory-led coalition government had 15 bills tabled. There was little of note on the tech front, with two exceptions – both detailed within the Serious Crime Bill. The first is that plans are afoot to …
Kelly Fiveash, 04 Jun 2014

MiniDuke miscreants whip out old-school tricks to spy on world+dog

A new strain of malware designed to spy on multiple government entities and institutions across the world has been discovered by anti-virus firm Kaspersky Lab. MiniDuke has infected government entities in the Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland. In addition, a research institute, two think-tanks, …
John Leyden, 27 Feb 2013

Scammers plead guilty to $AU500k Telstra scam

Three men have pleaded guilty to an Australian court over a scam that netted them more than $AU500,000 worth of mobile phones and fondleslabs from Telstra without payment. The Victorian County Court heard the three Indian men, on temporary visas, then sent the phones back to India for re-sale. The Herald Sun says the scam …

Data scrapers used Amazon cloud to reap biz bods' CVs, wails LinkedIn

LinkedIn is still waging its battle against “scrapers”, who use software to automatically harvest publicly available personal information from the social network. And that fight has today wound up in a California court where the website's bosses are trying to unmask the miscreants who have reaped the site for users' employment …

Drink me: Adobe pours Flash Player bug squash

Adobe is pushing out a cross-platform security fix for a bug in its Flash Player that miscreants are already exploiting. Windows users running Adobe Flash Player 13.0.0.182 and earlier need to update it following the discovery of a zero-day attack. "Adobe is aware of reports that an exploit for CVE-2014-0515 exists in the wild …
John Leyden, 28 Apr 2014

Mobe-orists, beware: Stroking while driving could land you a £4k fine

Drivers who stupidly use their mobile phones while barrelling along Britain's roads could be hit with much bigger fines if measures unveiled today by the government come into force. The Ministry of Justice wants tougher financial penalties to clamp down on criminals who flout the rules: for example, motorists who use their …
Team Register, 10 Jun 2014

Cyber hostage-takers SCAMMED six times as many people last year

Malware-powered frauds that lock up victims' computers - or worse yet, encrypt files and force them to pay a fee to unlock their information - increased by 500 per cent during 2013, according to a study by Symantec. Symantec's latest global Internet Security Threat Report also revealed that targeted attack campaigns for the …
John Leyden, 09 Apr 2014

ZeuS miscreants offer up honeypot

Cybercrooks are attempting to turn the tables on security researchers by setting up fake interfaces on their botnets in a bid to confuse and confound analysis. The fake honeypot tactic was brought into play by a group using a variant of the infamous Zeus crimeware toolkit. The unknown miscreants targeted quarterly federal …
John Leyden, 05 Nov 2010

Running Cisco's VoIP manager? Four words you don't want to hear: 'Backdoor SSH root key'

Cisco has warned Unified Communications installations can be remotely hijacked by miscreants, thanks to a hardwired SSH private key. In an advisory, the networking giant said unauthenticated attackers can log into its Unified Communications Domain Manager (Unified CDM) software as a root-level user by exploiting a default SSH …
Shaun Nichols, 02 Jul 2014

Moshtix admin account popped by party-pooper hipster-hating hacker

Skiddies logged into a staff account of Aussie ticketing outlet Moshtix and caused havoc for fans snapping up tix. Punters who were in line for $355 pre-sale tickets for the hippy hipster-favoured Splendour in the Grass festival in Byron Bay had a rude shock when their online checkout totals were up to 1,000 per cent more …
Darren Pauli, 09 May 2014

New software nasty encrypts Android PHONE files and demands a ransom

Miscreants have brewed the first file-encrypting strain of ransomware that infects Android smartphones. The malware, dubbed Android/Simplocker by ESET, scans the SD card in a handset for certain types of file, encrypts them, and demands a ransom to decrypt the data. The ransom message is written in Russian, with payment …
John Leyden, 04 Jun 2014

Panic like it's 1999: Microsoft Office macro viruses are BACK

Macro viruses involving infected Word and Excel files were a plague in the late 1990s. Yet, like grunge music, the genre fell into decline as techniques and technologies moved on. More recently macro viruses have staged something of a revival, thanks to social-engineering trickery. Windows executable malware has dominated macro …
John Leyden, 08 Jul 2014

Cyber scum pump ransomware at victims from spambot-stuffed websites

Miscreants have brewed up a strain of ransomware which functions like the recently dead CryptoLocker - and this one communicates using the Tor browsing anonymization network. Critroni appears geared towards exploiting a gap in the market created by a takedown operation against the CryptoLocker and Gameover ZeuS botnets back in …
John Leyden, 22 Jul 2014

Police pen shortage threatens Irish public order

An Irish judge has expressed concerns that a police biro shortage may pose a serious threat to public order in Limerick. According to the Irish Independent, several miscreants have been dragged before the beak for "engaging in a threatening and abusive manner" in the public office at Henry Street gardaí station as a result of …
Lester Haines, 10 Mar 2014

France frostily foists flat fizz fear on ICANN's .wine plans

Wine vendors are fighting against ICANN's plans to introduce .wine and .vin top level domain names. During a packed government advisory meeting of the Internet Corporation for Assigned Names and Numbers in London on Monday morning, France's minister for digital affairs Axelle Lemaire told delegates that her country was opposed …
Kelly Fiveash, 23 Jun 2014

'Unsolicited texts' outrage: Man fined £4k for DPA breach

The owner of a marketing company which allegedly sent "millions of unsolicited text messages" was prosecuted for "failing to notify the ICO of changes to his notification" at Willesden Magistrates Court last week. Jayesh Shah, of Pune, India, was fined £4,000 for a breach of the Data Protection Act, and ordered to pay costs of £ …
John Leyden, 24 Jul 2014

AWS breaks silence over Truecrypt's role in data import/export

Amazon Web Services (AWS) has issued some advice on how it uses the troubled TrueCrypt platform used to encrypt data imported and exported to its Simple Storage Service, Amazon EBS snapshots and Glacier cold storage offerings. The popular crypto platform recently became a pariah after its …
Darren Pauli, 11 Jun 2014

Dimwit hackers use security camera DVRs as SUPER-SLOW Bitcoin-mining rig

Miscreants are using hacked digital video recorders in a somewhat misguided attempt to mine cryptocurrency BitCoins. Hackers have created custom code to infect devices normally used for recording footage from security cameras. After getting in, likely by taking advantage of weak default passwords, a common security mistake with …
John Leyden, 02 Apr 2014

Sorry, chaps! We didn't mean to steamroller legit No-IP users – Microsoft

Microsoft has admitted that it did disrupt a significant number of legitimate users of No-IP's dynamic DNS service, but says the problem is now sorted out. "Yesterday morning, Microsoft took steps to disrupt a cyber-attack that surreptitiously installed malware on millions of devices without their owners' knowledge through the …
Iain Thomson, 01 Jul 2014

A-list celebs, biz barons' privates EXPOSED in limo hire hack – report

Personal information, financial records and salacious details about 850,000 celebrities, top executives and other customers were swiped by hackers from a limo-booking software company, it is claimed. The attacked biz, said to be CorporateCarOnline based in Missouri, brokers reservations for limousines and other rental cars …
Shaun Nichols, 06 Nov 2013

iDevice ransomware stalks OZ, demands payoff

Apple fans across Australia are finding their iPad and iPhones held for ransom by miscreants demanding $50 and more for unlock fee. The extortionate demands appeared in messages claiming the device had been "hacked by Oleg Pliss" – but it'd be highly unlikely that the cybercrooks behind the scam, which appears to be localised to …
John Leyden, 27 May 2014

Every little helps: Dirty MOLE BANDITS clean out Tesco ATM from BELOW

The movies tell us that tunnels are normally dug when a person locked behind bars laboriously scrapes away dirt with just a spoon to secretly set themselves free. Now some naughty scamps in Salford, Greater Manchester, have used the technique, not to escape, but to break their way into a shop to steal cash out of an ATM. …
Team Register, 21 Mar 2014

PC-infecting chat demon quotes THE BIBLE to summon malware plague

A new Trojan that distributes itself through Facebook instant messaging and Yahoo! Messenger has claimed hundreds of victims. Computer systems have been infected by the software nasty in the UK, Germany, France, Denmark, Romania, the US and Canada during the past week or so, according to Romanian antivirus firm Bitdefender. …
John Leyden, 27 May 2014

Botnet PC armies gulp down 16 MILLION logins from around the web: Find out if you're a victim

Officials in Germany have warned that large networks of hijacked, hacker-controlled PCs – aka botnets – have harvested 16 million email address and password combinations for websites and other online services. The (German Office of Information Security) BSI said cops and security researchers have been closely following armies of …
Shaun Nichols, 22 Jan 2014

Chrome makes new password grab in version 34

Google has announced that Chrome 34 is now stable enough to be promoted to the Stable Channel. In a few days it will therefore become the default version for millions of users. Most of the updates to the browser are anodyne: there are 30-odd security fixes, a new look on Windows 8 and what Google labels “Lots of under the hood …
Simon Sharwood, 09 Apr 2014

Chrome OS leaks data to Google before switching on a VPN, says GCHQ

The sexy-named Communications Electronics Security Group (CESG) – the bit of GCHQ that helps Brits protect stuff from foreign spies (never mind Blighty's) – has issued fresh advice for securing BlackBerry OS 10, Android and Chrome OS 32. It also, handily, identifies "significant risks" in the operating systems. The guidelines …
Simon Rockman, 10 Jun 2014

Cybercrooks slide fingers into TELLIES+FRIDGES, spam splurge ensues

Miscreants have launched an Internet of Things-based cyberattack involving household "smart" appliances. The global spam distribution campaign involved more than 750,000 malicious email communications coming from more than 100,000 everyday consumer gadgets. Items such as home-networking routers, connected multi-media centres, …
John Leyden, 17 Jan 2014

Multi-platform Java bot marshals ZOMBIE FORCE against spammers

Miscreants have brewed a multi-platform strain of malware capable of infecting Windows, Mac OS and Linux PCs. The evil bot, which surfaced in early January, was written entirely in Java and designed to take advantage of the CVE-2013-2465 vulnerability (a Java flaw patched by Oracle last June) to infect victims. The malware - …
John Leyden, 30 Jan 2014

You don't need a HERO, you need a ZERO. From Google

Google will expand its computer security research efforts by forming a well-staffed full-time team called Project Zero. The web ad broker wants to hire the best of the best, who can find Heartbleed-grade vulnerabilities, or worse bugs, in software. It's also looking to extend its bounty program for reporting holes. Project Zero …
John Leyden, 15 Jul 2014

EBAY... You keep using that word 'ENCRYPTION' – it does not mean what you think it means

Confusion reigns over whether or not the 145 million "encrypted" user account passwords swiped from eBay can be practically cracked by crooks. A day has passed since the online tat bazaar admitted its customer database was hacked back in February, and the method of encryption is still not known. We do know what wasn't encrypted …
John Leyden, 22 May 2014

Friends don't let friends use Internet Explorer – advice from US, UK, EU

Microsoft has warned of a new security flaw in all versions of its Internet Explorer web browser for Windows PCs. A patch has yet to be released for the crocked code. Vulnerability CVE-2014-1776, to give the problem its formal name, allows miscreants to hijack at-risk Windows computers. It's all due to “the way Internet Explorer …
Simon Sharwood, 27 Apr 2014

'I like big butts and I cannot lie, hackers take Pinterest on a joyride'

Miscreants have made an ass out of users of bewildering photo-sharing website Pinterest – by hijacking their accounts to flood the boards with butt pics. The cheeky spammers gained control of the profile pages by tricking victims into clicking on “Pin This” widgets on websites or running dodgy apps, all of which had malicious …
John Leyden, 28 Mar 2014

You've got two weeks to beat off Cryptolocker, GameoverZeus nasties

The UK’s National Crime Agency has warned people have just two weeks to protect themselves against the Cryptolocker ransomware and a strain of the ZeuS password-slurping malware – before both return from the dead. The alert comes after the cops "disrupted" the systems remotely controlling the software nasties – which could mean …

Attackers fling Stuxnet-style RATs at critical control software in EUROPE

Security researchers have uncovered a series of Trojan-based attacks which have infiltrated several targets by infecting industrial control system software from the makers of SCADA and ICS systems. The majority of the victims are located in Europe, though at the time of writing at least one US firm's compromised gear appears to …
John Leyden, 26 Jun 2014

Skiddies turn Amazon cloud into 'crime-as-a-service' – security bod

Amazon Web Services' share of cloud-hosted malware-slingers has more than doubled in the last six months. That's according to NTT subsidiary Solutionary, which revealed the finding in its Q2 2014 Security Engineering Research Team (SERT) report published on Tuesday. The infosec researchers said that, out of the top ten ISPs and …
Jack Clark, 17 Jul 2014

iOS slurpware brouhaha: It's for diagnostics, honest, says Apple

Faced with a growing backlash, Apple has added a page to its support website explaining iOS's previously unexplained data-slurping tools – which were recently highlighted by security researcher Jonathan Zdziarski. The utilities – which include a silent packet sniffer, a file relay system that bypasses Apple's Backup Encryption …
Iain Thomson, 24 Jul 2014

Apple iOS 7 security bug allows fiendish wags to easily empty your wallet

Apple has updated iOS 7 to fix a security bug that allowed miscreants to buy stuff from the online Apple Store without having to tap in a valid password. The Cupertino idiot-tax operation said new version 7.0.4 patches a flaw that affected in-app and app purchases. Usually, one must supply his or her Apple account username and …
Shaun Nichols, 16 Nov 2013

Web cesspit 4chan touts '$20 bug bounty' after hackers ruin Moot's day

Internet armpit 4chan now has a bug bounty – although with just $20 in "self-serve ad spend" on the website or an annual membership up for grabs, it's not particularly bountiful. The bounty programme was launched after the image-board website and a drawing website, both founded by Chris "moot" Poole, were compromised by …
Darren Pauli, 07 May 2014

Anonymous: Why we're PICKETING Glenn Greenwald's book tour

Members of hacker collective Anonymous are preparing to picket journalist Glenn Greenwald's book tour – where the journo hopes to promote a tome about his reports on leaked files given to him by ex-National Security Agency sysadmin turned whistleblower Edward Snowden. The hacktivists want to disrupt the hack's book signings on …
Jasper Hamill, 14 May 2014

LA air traffic meltdown: System simply 'RAN OUT OF MEMORY'

A computer crash that caused the collapse of a $2.4bn air traffic control system may have been caused by a simple lack of memory, insiders close to the cock-up alleged today. Hundreds of flights were delayed two weeks ago after the air traffic control system that manages the airspace around Los Angeles' LAX airport went titsup …
Jasper Hamill, 12 May 2014

Bank-raid ZeuS malware waltzes around web with 'valid app signature'

A variant of the bank-account-raiding ZeuS Trojan is masquerading as a legit Windows app using a valid digital signature – and packs a rootkit to burrow deep into victims' PCs. It appears miscreants have somehow gained access to the private signing key belonging to a Microsoft-registered third-party developer in Switzerland, and …
John Leyden, 05 Apr 2014

What took you so long Apple? 26 remote exec bugs die in OS X Safari

Apple has fixed 27 vulnerabilities in its Safari web browser for OS X computers, 18 of which were uncovered by Google's Chrome Security Team. All but one of the flaws allow miscreants to execute arbitrary code on victims' computers. The iPhone giant said its Safari 7.0.3 and 6.1.3 update will close the holes, which were found in …
Shaun Nichols, 02 Apr 2014

Software containers for BYOD/mobile device management: Big Tin Can

An environment which runs on a number of mobile platforms seeks to solve lots of the BYOD issues faced by corporates. It creates a balance between locking down a device so completely that people won't or can't use it and leaving the door open to miscreants. Such environments these days are often known as "containers" (or " …
Simon Rockman, 28 Feb 2014

EBay, you keep using the word 'SECURITY'. I do not think it means what you think it means

eBay has told people to change their passwords for the online tat bazaar after its customer database was compromised. Names, dates of birth, phone numbers, physical addresses, email addresses, and "encrypted" passwords, were copied from servers by attackers, we're told. Credit card numbers and other financial records were not …
John Leyden, 21 May 2014

Ethical hacker backer hacked, warns of email ransack

The IT security certification body that runs the Certified Ethical Hacker programme has itself been hacked. The EC-Council said the same hackers who ran the DNS poisoning attack that resulted in the defacement of its website in late February had also managed to access the control panel for its website after breaking into the …
John Leyden, 13 Mar 2014