Articles about phishing

Clash of Kings hack: 1.8m hit

The forums for hit mobile game Clash of Kings have been hacked, with 1.6 million usernames, email addresses, IP addresses and access tokens swiped, apparently. Account passwords were also taken but they were stored salted and hashed, we're told. The forums have since been taken offline for "maintenance." Clash of Kings is …
Team Register, 23 Jul 2016

Warframe leaks 800k addys

Users of the online shooter game Warframe are being alerted after a hacker managed to harvest the email addresses of more than 775,000 players. Warframe administrators said the attacker used a SQL exploit to harvest the addresses of hundreds of thousands of users. Though other data such as passwords and payment details are …
Shaun Nichols, 21 Jul 2016

Hacker shows Reg how one leaked home address can lead to ruin

Unrestcon It takes nothing more than a home address for hacker "Nixxer" to find enough information to ruin your life. Nixxer is one of Australia’s most skilled good-guy social engineers and at a recent event, and in subsequent chats with The Reg, demonstrated the potential damage rather than actually ruining a life. But the arsenal he …
Darren Pauli, 20 Jul 2016

Euro IP study finds 25 Tor-and-Bitcoin-loving pirate business models

Knock us over with a feather: a study by the European Union Intellectual Property Office (EUIPO) has found that those who infringe intellectual property for a living are quite fond of anonymity technologies that cover their tracks. The Office last week emitted a Deloitte-penned study titled Research on Online Business Models …
Simon Sharwood, 18 Jul 2016

World's worst exploit kit weaponises white hats' proof of concept code

The new wearer of the crown for World's Worst Exploit Kit is compromising users with exploit code for a dangerous new attack published by a white hat researcher. Neutrino is the new king of for-profit p0wnage packages, a market in which criminals create tools to compromise scores of users through the latest vulnerabilities. …
Darren Pauli, 18 Jul 2016

Samsung spills beans on mystery username, password emails to devs

Weird emails from Samsung to third-party developers containing usernames and passwords had some worried that the chaebol had been hacked. But the electronics giant says it's nothing to worry about. Earlier in the week, several Reg readers got in touch after they each received an email from Sammy titled "Your Login Information …
Iain Thomson, 16 Jul 2016

Kids’ shoes seller Start-rite suspends sales following breach

Children’s shoes retailer Start-rite Shoes has suspended sales following the discovery of an attack by hackers last weekend. UK-based Start-rite reckons hackers may have obtained customer names, postal address, telephone number and email address of its clients. Payment details are not stored on the site and therefore should …
John Leyden, 13 Jul 2016

Drowning Dalek commands Siri in voice-rec hack attack

University boffins have brewed one of the most complex mechanisms for loading malware onto phones by way of surreptitious Google Now and Siri voice commands hidden in YouTube videos. For the attack to work, phones need to be in a state where they can receive voice commands - a feature often left unlocked - and close enough to …
Darren Pauli, 11 Jul 2016

Copy paste slacker hackers pop corp locks in ode to stolen code

The ultimate copy paste slacker hacker group has busted security controls in some 2500 corporates and government agencies using nothing but stolen code. The targets focus on those affiliated with military and political assignments around Southeast Asia and the contentious South China Sea, and may have been compromised in a …
Darren Pauli, 08 Jul 2016

⌘+c malware smacks Macs, drains keychains, pours over Tor

More malware capable of pilfering Mac keychain passwords and shipping them over Tor has been turned up, less than a day after a similar rare trojan was disclosed. Dubbed Keydnap, the malware is delivered as a compressed Mach-O file with a txt or jpg extension, with a hidden space character which causes it to launch in terminal …
Darren Pauli, 07 Jul 2016

Second celebgate hacker pleads guilty to phishing

A second US man has pleaded guilty to stealing intimate pictures of celebrities using a phishing scam. Edward Majerczyk, 28, who resides in Chicago and Orland Park, Illinois, was charged with hacking into the Apple iCloud and Gmail accounts of more than 300 people, including Hollywood celebrities. In a plea bargaining deal, …
John Leyden, 05 Jul 2016

Klepto Zepto could steal millions in looming ransomware wave

A dangerous new ransomware variant based on the Locky ransomware has security experts worried. The Zepto malware has been carried in nearly 140,000 spam messages sent over four days last week. The ransomware appears to have Locky's capabilities which could make it one of the more dangerous encryption lockers in circulation. …
Darren Pauli, 04 Jul 2016

Hackers: Ditch the malware, we're in... Just act like a normal network admin. *Whistles*

Hackers almost exclusively use standard network admin tools to move around a compromised network once they’ve broken in using malware or other hacking techniques. Researchers at security startup LightCyber found that 99 per cent of post-intrusion cyberattack activities did not employ malware, but rather employed standard …
John Leyden, 30 Jun 2016

Kremlin hackers and the Democratic National Committee: How deep is the rabbit-hole?

Well publicised attacks against the US Democrat National Committee exposed earlier this month are part of a wider pattern of attacks against a much broader range of US political targets, according to new research by Dell SecureWorks. The same group of cyber-spies is predominantly spying on Russia and neighbouring countries but …
John Leyden, 29 Jun 2016

Deutsche Telekom phish alert

Another day, another customer database leak: this time, it's Germany's Deutsche Telekom. The carrier says it's telling customers to reset their passwords, after being made aware of a database of T-Online e-mail addresses and passwords being offered for sale on darknet sites. Between 64,000 and 120,000 customers may be …

Filet-O-Phish: Insecure NFC tag relics hidden under Maccas tables

McDonald's New Zealand and Australia restaurants reportedly have unused and insecure NFC tags glued under tables. Near Field Communications tags allow devices to read instructions with a tap. Phones must be very close in order to read the tags and the instructions they contain. The McDonald's tags seem to have been installed …
Darren Pauli, 20 Jun 2016

Feds warn of skyrocketing business compromise scams

The FBI is warning that businesses have handed some US$3.1 billion to email scammers, a whopping 1,300 percent increase in 18 months. Businesses are tricked into sending the cash to would-be chief executive officers who have sufficient company information, obtained through open source searching or hacking, that makes the …
Team Register, 17 Jun 2016

Sofacy NotSoGood: Time to switch up our Trojan-slinging tactics

A hacking group linked by researchers to the Kremlin has switched its tactics as part of a new attack against the United States government. A spear phishing email from the Sofacy group (also known as APT28) sent to a "US government entity" from a potentially compromised account belonging to the Ministry of Foreign Affairs of …
John Leyden, 15 Jun 2016

Japan travel agency fears leak of 7.93 million records, passport deets

Japan's largest travel agency JTB Corp says 7.93 million passport details, and home and email addresses may have been stolen by hackers. Executives at the company held a press conference bowing in apology for the feared breach and telling local media it may have stemmed from a staffer who opened phishing-borne malware. The …
Darren Pauli, 15 Jun 2016

Cyber burglars love to pillage Euro businesses they've pwned before

Traditional methods including spear phishing and social engineering still account for more than a third of hacker attacks. A new study by Mandiant reports that many hacked European organisations are re-compromised within months of an initial attack, in a similar way to how burglars revisit homes and offices they’ve already …
John Leyden, 08 Jun 2016

Oh snap! Facebook zaps crap yap gap in web chat, natter app flap

A vulnerability in Facebook's web chatrooms and its Messenger app would have let miscreants surreptitiously tamper with messages after they had been sent. The flaw was discovered by eggheads at security biz Check Point, who reported it to the social network giant. We're told attackers would have needed only a basic knowledge …
John Leyden, 08 Jun 2016

MtGox collapse victims now picked off by phishing vultures

Phishing scammers are going after people hoping to claw some of their money back from the MtGox collapse. Researchers with computer security biz Cyren have spotted a new round of spam messages claiming to originate from Kraken, the exchange that is heading up efforts to pay out Bitcoins recovered from the MtGox implosion. The …
Shaun Nichols, 06 Jun 2016

Will you get reimbursed if you're a bank fraud victim? Brits think not

Bank customers worldwide are often in the dark about whether or not they’ll be reimbursed for fraudulent transactions. Customers’ understanding of bank terms and conditions is often sketchy, according to an international study by academics. The researchers found that there is significant variation worldwide, and even within …
John Leyden, 06 Jun 2016

Redmond adds malware, phish warnings to Bing

Microsoft has followed Google's lead by making the malware warnings in its Bing search engine more nuanced. On Friday, the company announced that instead of one generic warning for dangerous sites, it is now giving users different messages for malware sites and phishing sites. Where a search brings up a hit on a site known to …

Anti-phishing most critical defence against rife CEO email fraud

AusCERT Internal anti-phishing programs are essential to prevent chief executive officers wiring money to fraudsters, threat man Donald McCarthy says. The programs are an underrated yet proven method for clamping down on what is perhaps the world's most successful and widely-used avenue to attack businesses and individuals. Business …
Darren Pauli, 02 Jun 2016

Is a $14,000 phone really the price of privacy?

A US$14,000 (£9,706, or A$19,352) Android phone has been launched pitching 'military-grade encryption' at privacy-conscious executives. Little information can be found on the Solarin handset's specific security chops other than it will use "chip-to-chip 256-bit AES encryption" for phone calls. That technology is built by …
Darren Pauli, 02 Jun 2016

Microsoft warns of worm ransomware, finds fix in Windows 10 upgrade

Microsoft is warning of a wormable ransomware that infects removable drives on versions of its operating system below Windows 10. The ZCrypt scumware is distributed through old but effective methods of phishing emails, Word document macros, and fake Adobe Flash installers. It drops a warning notice in an HTML file informing …
Darren Pauli, 01 Jun 2016

Bank in the UK? Plans afoot to make YOU liable for bank fraud

Bank customers may be obliged to bear the bill for fraud against their accounts, under proposed changes mulled by banks, the UK government and GCHQ. Under the plans, individuals or companies with poor online security could be “frozen out of banking services or even excluded from the system whereby banks compensate customers …
John Leyden, 26 May 2016

Pastejack attack turns your clipboard into a threat

Once, you could use HTML/CSS to manipulate the clipboard, but it was not a good way to do so. Now a security bod has worked out how to do it in JavaScript and reckons it's a lot more dangerous. At first glance, it looks like purely a stunt-attack, except for this: a phishing e-mail purporting to be from tech support could …

Bangladesh government domain turned into toxic phishing hole

Netcraft security man Paul Mutton says the Bangladesh Government has been used in banking phishing attacks targeting customers of Wells Fargo, Google, and AOL. The domains are restricted Government assets which Mutton says could indicate lax security controls. The popped server is located in the UK hosted by Nibs Solutions …
Team Register, 20 May 2016

Suckfly: The hacking group targeting India but taking weekends off

A professional hacking group called Suckfly is targeting India's infrastructure and economic base by zeroing in on individuals and installing tools to access their work networks. That's according to a blog post by Symantec that has analyzed and dug into the group's activities and methods. Symantec first spotted the group it …
Kieren McCarthy, 18 May 2016

Phishing scam targets ... actual fishermen in eastern Ukraine

Security firm ESET has uncovered a long running cyber-espionage campaign in Ukraine, and seemingly targeted at separatists. Operation Groundbait is a targeted attack most likely run from within Ukraine by as yet unidentified politically motivated hackers. The region is a hotspot for malware-based spying campaigns thanks largely …
John Leyden, 18 May 2016

Sainsbury’s Bank insurance spam scam causes confusion

Numerous UK surfers were left confused on Monday after receiving email confirmations for insurance products with Sainsbury’s Bank that they never bought. People are receiving emails claiming they have started new policies for travel, home and car insurance from the UK supermarket giant’s banking business. El Reg learnt of the …
John Leyden, 17 May 2016

Insider trading hacker pleads guilty to p0wning press releases

A Ukrainian ne'er-do-well who broke into market computers for an insider trading scheme has entered a guilty plea in the US. The 28-year-old, Vadym Iermolovych, has put his hands up to three charges – conspiracy to commit wire fraud, conspiracy to commit computer hacking, and aggravated identity theft. The US Department of …

Flash zero day phished phoolish Microsoft Office users

FireEye has detailed an attack on a recent zero-day vulnerability Adobe patched last week. The flaw (CVE-2916-4117) affects the previous latest version of Adobe Flash and copped a rushed patch after FireEye reported attacks in the wild. Genwei Jiang, a Singaporean senior security engineer, has revealed the details of the …
Darren Pauli, 16 May 2016

Lie back and think of cybersecurity: IBM lets students loose on Watson

IBM is teaming up with eight North American universities to further tune its cognitive system to tackle cybersecurity problems. Watson for Cyber Security, a platform already in pre-beta, will be further trained in “learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks …
John Leyden, 12 May 2016

Google kneecaps payday loan ads

Google says it will no longer serve ads for short-term loan services it considers to be predatory lenders. The Chocolate Factory says that as of July 13, it will no longer be taking ads from loan services that seek repayment within 60 days or carry an annual percentage rate (APR) of 36 per cent interest or higher. The aim, …
Shaun Nichols, 11 May 2016

Google blocks Pirate Bay

Google's Safe Browsing service has decided The Pirate Bay is a phishing site. The Safe Browsing service tries to rate the web and provides a feed of sites Google's security team thinks deserve to be shunned. Other browser-makers use the service's feed to rate sites, so Google's assessment means those trying to reach …
Simon Sharwood, 11 May 2016

Babycare e-tailer Kiddicare admits customer data breach

Babycare retailer Kiddicare has warned customers that personal data shared with the store has been stolen by hackers. The compromised data is restricted to name, delivery address, telephone number and email address, according to Kiddicare, which is keen to stress that customer payment details or credit/debit card information …
John Leyden, 09 May 2016

Six-year-old patched Stuxnet hole still the web's biggest killer

The six-year-old vulnerability first burnt by Stuxnet remains the internet's chief pwning vector and is a key instrument of the world's worst exploit kit known as Angler. The vulnerability is a hole in Windows Shell that is both long since patched and well publicised as part of its discovery in the US' Stuxnet worm, the killer …
Darren Pauli, 09 May 2016

Defence bankrolls Oz Govt's infosec threat sharing strategy

Budget 2016 The Department of Defence will haemorrhage A$122.2 million and the National Innovation and Science Agenda A$38 million to implement the Federal Government's A$230 Cyber Security Strategy, budget papers reveal. The funding Strategy announced last month was welcomed by many in security circles and seated information security …
Darren Pauli, 04 May 2016

Iranian cyberspy phishing rod pulled from the waters and exposed

Security researchers have lifted the lid on a decade long cyber-espionage campaign. The Infy malware, which originated in Iran, has been used to target businesses and governments across the world since 2007 and remains in use, according to security researchers from Palo Alto's Unit42 research unit. Over the time, the malware …
John Leyden, 03 May 2016

Michigan electricity utility downed by ransomware attack

A water and electricity authority in the US State of Michigan has needed a week to recover from a ransomware attack that fortunately only hit its enterprise systems. Lansing's BWL – Board of Water & Light – first noticed the successful phishing attack on its corporate systems on April 25, and has had to keep systems including …

Google Play infested with cash-stealing web apps

Security researcher Joshua Shilko says phishing apps targeting some of the world's biggest payment services have slipped past screening and landed on Google Play. Shilko says he's aware of 11 well-designed fraud apps that have slipped into the official Play store, often by mimicking mobile payment sites. Shilko did not name …
Darren Pauli, 29 Apr 2016

Gumtree 'fesses up to breach and personal information leak

UPDATE eBay's even tattier tat bazaar Gumtree says it's suffered an attack during which users' personal data was encountered by parties unknown and unauthorised. The Register has seen multiple posts in which members of the site report receiving an email with the following text: “We are writing to let you know that some of your …
Simon Sharwood, 29 Apr 2016

Facebook's own TLS cert used by crooks in double logon phish

Netcraft security man Paul Mutton says phishers are using Facebook's TLS certificate to create a 'remarkably convincing' scam that would go unnoticed by most users. The phish uses an iframe to serve a Facebook verification form, but that form isn't from The Social Network™. Instead, the form comes from an external Hostgator …
Team Register, 26 Apr 2016

Hackers so far ahead of defenders it's not even a game

Cybercriminals are way ahead of the game against defenders without having to try anything new, according to the latest edition of Verizon's benchmark survey of security breaches. The study shows that miscreants have no need to switch up, because the same old tactics are still working fine. Security defenders are still …
John Leyden, 26 Apr 2016

Spotify accounts breached

Spotify account-holders' details have appeared on Pastebin. User names, passwords and email addresses are among the details divulged. Spotify says it has not been breached, leaving open the possibility that users had entered their account details into a third party or phishing service. The company is informing affected …
Darren Pauli, 26 Apr 2016

'No password' database error exposes info on 93 million Mexican voters

Information on 93 million Mexican voters has been leaked online. Voter records were exposed as the result of a config error in a MongoDB database that meant that the information was left accessible by anyone who knew where to look. The database – hosted on Amazon AWS – included voters' names, addresses, voter ID numbers, dates …
John Leyden, 25 Apr 2016

MoD contractor hacked, 831 members of defence community exposed

Exclusive Up to 831 members of Britain's defence community with high-level security clearances had their personally identifying information stolen when the Ministry of Defence's business networking organisation was hacked, The Register has learned. Although heavily redacted in places, correspondence between the MoD and Niteworks— …