Articles about Miscreants

So which miscreants wrote the CosmicDuke info-slurping nasty?

Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans. CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
John Leyden, 04 Jul 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014

Swiping your card at local greengrocers? Miscreants will swipe YOU in a minute

More than a thousand point-of-sale, grocery management and accounting systems worldwide have been compromised by a new strain of malware, results of a March 2014 probe have revealed. During a survey of compromised POS terminals, accounting systems and grocery management platforms, the Nemanja botnet was fingered as one of the …
John Leyden, 27 May 2014

TweetDeck XSS flap: Miscreants flash their naughty bits at users

Updated Twitter aficionados are being warned to log out of Twitter client TweetDeck and revoke its access to their accounts after an apparent cross-site scripting vulnerability was discovered. Multiple users – including El Reg's HQ in London, England – reported on Wednesday that they had seen a suspicious pop-up within Tweetdeck that …
Jack Clark, 11 Jun 2014

Insert 'Skeleton Key', unlock Microsoft Active Directory. Simples – hackers

Miscreants have forged a strain of malware which is capable of bypassing authentication on Microsoft Active Directory (AD) systems. Hackers can use arbitrary passwords to authenticate as any corporate user, Dell SecureWorks warns. The malware, dubbed Skeleton Key, is deployed as an in-memory patch on a victim’s AD domain …
John Leyden, 13 Jan 2015

MAC BOTNET uses REDDIT comments for directions

A zombie network that feasts on the computer brains of infected Macs has press-ganged 17,000 compromised machines into its ranks, Russian anti-virus firm Dr Web warns. The iWorm creates a backdoor on machines running OS X. Miscreants are using messages posted on Reddit as a navigational aid which points infected machines towards …
John Leyden, 03 Oct 2014

Google bakes W3C malware-buster into Gmail

If an online service offers even the slightest gap through which miscreants can launch an attack, they will do so. It's therefore not surprising that Google feels some extensions to its Gmail service may not be entirely friendly to users. The Chocolate Factory's response, announced Tuesday, is to adopt the W3C's Content …
Simon Sharwood, 17 Dec 2014

ISC.org website hacked: Scan your PC for malware if you stopped by

The website for the Internet Systems Consortium, which develops the BIND DNS and ISC DHCP tools, has been hacked. Anyone who recently browsed ISC.org is urged to check their PC for malware as miscreants booby-trapped the site to infect visitors. The website has been replaced by a placeholder page warning netizens of the attack …
Chris Williams, 26 Dec 2014

Sony-blasting Lizard Squad suspects quizzed by UK and Finnish cops

UK police have arrested a suspected member of the infamous Lizard Squad crew. The 22-year-old from Twickenham, south-west London, was arrested by police on Tuesday, and questioned about alleged fraud against PayPal as well as claims he is reportedly linked to Lizard Squad – a group of cyber-miscreants who made headlines …
John Leyden, 02 Jan 2015

Sony grovels, offers freebies after PlayStation network spent Xmas TITSUP

Sony has offered free membership and discounts to its console gamers after the PlayStation Network fell off the interwebs for several days over Christmas. The troubled entertainment giant said it would offer those whose free trial of PlayStation Plus was interrupted by the outages five more free days, while all PlayStation …
Shaun Nichols, 03 Jan 2015

PlayStation Network blasted offline AGAIN. Just not Sony's decade

Sony's PlayStation Network has suffered yet another outage: the PlayStation store went titsup in the early hours of Monday, UK time. Hacktivist group the Lizard Squad claimed responsibility for flooding the servers off the internet using a distributed denial-of-service attack. The PlayStation giant said on its Twitter account …
Kelly Fiveash, 08 Dec 2014

Another day, yet another emergency Adobe Flash patch. Because that's how we live now

The new year hasn't been a pleasant one for Adobe: the Silicon Valley firm has scrambled to close yet more serious security holes in its Flash player. Last week the Photoshop biz rushed out a patch for a critical flaw in Flash that miscreants were exploiting in the wild to hijack victims' computers. Today, a new update has been …
Iain Thomson, 27 Jan 2015

VXers Shellshocking embedded BusyBox boxen

Malware writers have crafted new wares to attack embedded devices running BusyBox and not yet patched against the ShellShock vulnerability, researcher Rhena Inocencio says. Miscreants' tool of choice for such attacks is malware called "Bashlite" that, once executed on a victim machine, probes for devices such as routers and …
Darren Pauli, 17 Nov 2014

Bash bug flung against NAS boxes

Hackers are attempting to exploit the BASH remote code injection vulnerability against Network Attached Storage (NAS) systems. Miscreants are actively exploiting the time-to-patch window in targeting embedded devices, security firm FireEye warns. We have evidence that attackers are actively exploiting the time-to-patch window …
John Leyden, 01 Oct 2014

FTC to Apple: Turn your head and cough while we feel for balls-up with HealthKit privacy

US watchdog the Federal Trade Commission (FTC) is reportedly scrutinizing Apple's health-monitoring software and hardware, dubbed HealthKit, for privacy problems. The regulator has asked the iThing giant to come in and explain just how it planned to handle fans' private information, according to a Reuters report citing unnamed …
Shaun Nichols, 14 Nov 2014

Cortana, remind me to patch Windows, IE, and Adobe gear next Tues

Microsoft will release eight security updates next Tuesday to squash remote-code execution bugs in Windows and Internet Explorer among other flaws. Meanwhile, Adobe will issue new versions of Acrobat and Reader for this month's Patch Tuesday. Two of the security updates from Microsoft are rated as critical because they allow …
Shaun Nichols, 09 May 2014

Freenode IRC users told to change passwords after securo-breach

A security breach at popular, free and open source software-focused IRC network Freenode means users need to change their passwords. Freenode's IRC server was compromised and passwords were likely sniffed by unidentified hackers, prompting a warning to users that they should reset their passwords as a precaution. The security …
John Leyden, 15 Sep 2014

Burglars' delight no more: Immobilise UK secures property list

Security flaws that left millions of records on the Immobilise UK National Property Register website wide open to snooping have been identified and removed. Security consultant Paul Moore uncovered flaws that meant it was possible to access other members' records. The Immobilise site allows consumers to add details of valuables …
John Leyden, 07 Jan 2015

IT cock-up – not jihadi DDoS – fingered for French web media blackout

Several prominent French news websites fell off the web on Friday for several hours in what's looking like a technical failure rather than a denial-of-service attack. It was, at first, assumed Islamist miscreants had attacked the sites, lashing out in anger at press coverage of the Charlie Hebdo killings. Le Parisien ( …
John Leyden, 17 Jan 2015

Sony employees face 'weeks of pen and paper' after crippling network hack

Sony Pictures still hasn't recovered from a comprehensive attack on its computer networks – and staff have been reduced to doing their work by hand – according to insiders. This notice stuck on lifts at Sony Pictures in London.. pic.twitter.com/RMZcQhjfYI — James Dean (@JamesDeanTimes) November 28, 2014 The infiltration by …
Iain Thomson, 28 Nov 2014

Apple deliberately wiped rivals' music from iPods – iTunes court claim

Apple's software forced people to delete music from their iPods if it was downloaded from an iTunes store rival, a court has heard. During a class-action antitrust hearing in California on Thursday, lawyers argued that Apple purposely made its iTunes application instruct users to reset their iPods – removing any tracks obtained …
Shaun Nichols, 04 Dec 2014

MiniDuke miscreants whip out old-school tricks to spy on world+dog

A new strain of malware designed to spy on multiple government entities and institutions across the world has been discovered by anti-virus firm Kaspersky Lab. MiniDuke has infected government entities in the Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland. In addition, a research institute, two think-tanks, …
John Leyden, 27 Feb 2013

Deloitte's files on bean counters swept up in Sony hack stash – report

Bean-counting giant Deloitte has been pulled into Sony Pictures' ongoing nightmare – the one in which the movie giant was comprehensively hacked and gigabytes of sensitive files leaked online. Unreleased films, draft scripts, criminal record checks on staff, doctors' notes, passwords, encryption certificates, social security …
Shaun Nichols, 04 Dec 2014

Dirtbags dressed up malware as legit app using Sony crypto-certs

Miscreants were quick to capitalize on the theft of Sony's cryptographic certificates – used to sign a software nasty to make it look legit. An analysis of malware dubbed Destover was published by Kaspersky Lab on Tuesday, and shows the code was signed using a private certificate belonging to Sony to evade malware filters. …
Iain Thomson, 10 Dec 2014

Feds finger Norks in Sony hack, Obama asks: HOW DO YOU SOLVE A PROBLEM LIKE KOREA?

The Federal Bureau of Investigation has claimed to have found evidence linking North Korea with the hackers who ransacked Sony Pictures' servers and dumped gigabytes of sensitive data online. "As a result of our investigation, and in close collaboration with other US government departments and agencies, the FBI now has enough …
Iain Thomson, 19 Dec 2014

Queen's Speech: Computer Misuse Act to be amended, tougher sentences planned

The final session of Parliament before next year's General Election was opened by the Queen today, who told MPs and peers that the Tory-led coalition government had 15 bills tabled. There was little of note on the tech front, with two exceptions – both detailed within the Serious Crime Bill. The first is that plans are afoot to …
Kelly Fiveash, 04 Jun 2014

'Chinese crims' snatch 4.5 MILLION patient files from US hospitals

One of the largest healthcare providers in the US claims Chinese hackers ran riot through its systems between April and June this year – accessing names, addresses and social security numbers of millions of patients. But Community Health Systems (CHS) insists no medical records nor any financial data were grabbed by the …
Iain Thomson, 18 Aug 2014

Backoff malware attacks hit 'more than 1,000 big businesses', warns US government

A Point-of-Sale malware attack that struck shipping outfit UPS has compromised the networks of a "significant" number of major businesses in the US, according to the country's Homeland Security office. The US administration's Computer Emergency Readiness Team (CERT) advised administrators and operators of PoS systems to …
Kelly Fiveash, 23 Aug 2014

Is your home or office internet gateway one of '1.2 MILLION' wide open to hijacking?

Hundreds of thousands of routers, firewalls and gateways used by small offices and homes are said to be vulnerable to hijacking due to bungled NAT settings. The networking devices are, we're told, commonly misconfigured to allow remote attackers to reprogram how network traffic flows to PCs, servers, tablets and other machines …
John Leyden, 22 Oct 2014

BLAM, BLAM, BLAM... nooooo! Hacker crew Lizard Squad spits DDoS venom on Call of Duty

Hackers from the group Lizard Squad have reneged on their promise to quit earlier this month, apparently launching distributed denial-of-service (DDoS) attacks on major gaming industry websites. After an attack on the PlayStation Network in August, Lizard Squad has added two uber-popular shoot-'em-up games from Activision …
John Leyden, 23 Sep 2014

ZeuS miscreants offer up honeypot

Cybercrooks are attempting to turn the tables on security researchers by setting up fake interfaces on their botnets in a bid to confuse and confound analysis. The fake honeypot tactic was brought into play by a group using a variant of the infamous Zeus crimeware toolkit. The unknown miscreants targeted quarterly federal …
John Leyden, 05 Nov 2010

Shock! Nork-grating flick The Interview WILL be in cinemas – Sony

After days of ridicule for caving into ludicrous anonymous threats against moviegoers, Sony Pictures and US cinemas will show The Interview this Christmas, after all. According to the likes of Associated Press, BBC News and Variety, the Seth Rogen comedy flick about the assassination of North Korean dictator Kim Jong Un will be …
Shaun Nichols, 23 Dec 2014

Home Depot: 56 million bank cards pwned by malware in our tills

Home Depot today admitted 56 million bank cards are at risk after they were used in malware-infected tills. The DIY giant on Thursday revealed that a software nasty infiltrated its PC-powered registers between April and September in the US and Canada. Cards swiped through the compromised machines could be accessed by the malware …
Shaun Nichols, 18 Sep 2014

Facebook: Oi, Lizard Squad – we can take down our own site, ta

A technical cockup – rather than hostile hacker action – is apparently the reason Facebook, Instagram and other Web 2.0 sweethearts fell off the internet on Monday. Prankster hacking crew Lizard Squad was gloating over the downtime; Tinder also disappeared for a while during the outage of Facebook and its photo-sharing sister …
John Leyden, 27 Jan 2015

Sony Pictures hack is Hollywood's 'Snowden moment' say infosec bods

Hackers obtained system administrators' passwords to pull off the mega-hack against Sony Pictures' servers, according to reports. This will come as no surprise to IT professionals. Purloined administrator credentials gave miscreants calling themselves Guardians of Peace broad latitude to access systems and sensitive data; that …
John Leyden, 19 Dec 2014

EU cyber-cop: Dark-net crooks think they're beyond reach (until now)

Hundreds of website domains seized, 17 arrested and $1m in Bitcoin confiscated – Thursday was, apparently, a busy day for the West's cyber-cops. Operation Onymous, involving police and g-men in more than a dozen European countries as well as the US, has claimed some big scalps including the Silk Road 2.0, Hydra and Cannabis Road …
Jennifer Baker, 07 Nov 2014

Scammers plead guilty to $AU500k Telstra scam

Three men have pleaded guilty to an Australian court over a scam that netted them more than $AU500,000 worth of mobile phones and fondleslabs from Telstra without payment. The Victorian County Court heard the three Indian men, on temporary visas, then sent the phones back to India for re-sale. The Herald Sun says the scam …

Bank IT bod accused of stealing $40 MEEELLION from employer

If you get an email from a hapless Nigerian prince who needs a hand shifting a few million dollars, the message will no doubt wing its way into your spam folder. But should you get a plea for help from a Nigerian sysadmin, you may want to take a second look: the Nigerian government's Economic and Financial Crimes Commission ( …
Iain Thomson, 16 Sep 2014

URL LOL: Delta splats web flight boarding pass snoop bug

Delta Airlines techies have fixed a flaw in the biz's paperless boarding pass system that allowed a hacker to access information on strangers' flights. The security vulnerability is down to the URLs used by Delta's website to serve digital copies of boarding passes to smartphones. These passes appear as QR codes which are …
Iain Thomson, 18 Dec 2014

Dormant IP addresses RIPE for hijacking

Spammers are using loopholes in the internet routing registry to commandeer address space and pump out junk mail, and potentially launch denial of service attacks and steal traffic. As explained by cyber crime reporter Brian Krebs and Cisco researcher Jaeson Schultz, IP addresses can be snatched by scammers who establish bogus …
Darren Pauli, 14 Nov 2014

Data scrapers used Amazon cloud to reap biz bods' CVs, wails LinkedIn

LinkedIn is still waging its battle against “scrapers”, who use software to automatically harvest publicly available personal information from the social network. And that fight has today wound up in a California court where the website's bosses are trying to unmask the miscreants who have reaped the site for users' employment …

Nork-ribbing flick The Interview AXED: Sony caves under hack terror 'menace'

Sony Pictures has confirmed the inevitable and cancelled the December 25 launch of The Interview after most major theater chains refused to run it. "The ability of our guests to enjoy the entertainment they choose in safety and comfort is and will continue to be a priority for theater owners," said the National Association of …
Iain Thomson, 18 Dec 2014

Names, ages, addresses, SSNs of US postal staff slurped in 'mega-hack'

The US Postal Service has called in the FBI after hackers apparently grabbed names, addresses, social security numbers and other sensitive records from its staff database. It's feared miscreants got into USPS corporate servers, and swiped data that will be a lucrative haul for identity thieves and other fraudsters. USPS employs …
Iain Thomson, 10 Nov 2014

An alleged 27GB Sony Pictures data dump. 65 PlayStation web servers. One baffling mystery

Sony PlayStation website servers were used to distribute a 27.78GB archive potentially containing sensitive data swiped from Sony Pictures computers, it's claimed. Until early on Tuesday afternoon, San Francisco time, more than 60 systems seeding the archive on the BitTorrent network appeared to be virtual servers in the Amazon …
Iain Thomson, 03 Dec 2014

Patch Windows boxes NOW – unless you want to be owned by a web page or network packet

"Remote code execution if an attacker sends specially crafted packets" is not what many of you want to hear today – nor "remote code execution if a user views a specially crafted webpage using Internet Explorer" – but it's Patch Tuesday, so what do you expect? Microsoft has issued a batch of security fixes for Internet Explorer …
Shaun Nichols, 11 Nov 2014

Salesforce: Oh no! Dyre RATs are thirsty for our customers' logins

Salesforce has warned that miscreants are trying to infect its customers with a remote access trojan (RAT) dubbed Dyre that siphons off Salesforce.com login data. "On September 3, 2014, one of our security partners identified that the Dyre malware (also known as Dyreza), which typically targets customers of large, well-known …
Iain Thomson, 08 Sep 2014

Shoot-em-up: Sony Online Entertainment hit by 'large scale DDoS attack'

Sony is suffering a major Distributed Denial-of-Service attack on its network, the company's Online Entertainment boss confirmed today. It comes after The Register reported gripes about service wobbles on the PlayStation Network (PSN) earlier on Sunday. SOE's chief John Smedley coughed to being DDoSed in a series of tweets, …
Kelly Fiveash, 24 Aug 2014

Drink me: Adobe pours Flash Player bug squash

Adobe is pushing out a cross-platform security fix for a bug in its Flash Player that miscreants are already exploiting. Windows users running Adobe Flash Player 13.0.0.182 and earlier need to update it following the discovery of a zero-day attack. "Adobe is aware of reports that an exploit for CVE-2014-0515 exists in the wild …
John Leyden, 28 Apr 2014

ICANN: The TRUTH about that hacker attack on our DNS zone file database

The internet's critical IANA body – which allocates IP addresses and manages global DNS – was not compromised by hackers who broke into domain-name overseer ICANN's systems, the organization has stressed. In a brief update published Friday morning, ICANN noted: "We have confirmed that the attack has not impacted any IANA-related …
Kieren McCarthy, 19 Dec 2014