In 7 months before going into hiding, the Colonial Pipeline hackers extorted $90 million


Dan Kitwood/Getty

New research into the ransomware thieves who attacked the Colonial Pipeline shows just how much money they were able to extort during a fairly short crime spree: about $90 million in approximately seven months…say researchers with Elliptic, a blockchain analysis firm that specializes in tracking criminals.

In fact, DarkSide and its partners operated a network of 47 different wallets, each used to collect ransoms from multiple victims, Elliptic reported Tuesday. After the money changed hands, it was frequently funneled through crypto exchanges where it could be translated into fiat. In other cases, it was sent through Hydra, a popular European darknet marketplace that offers “cash-out services,” Elliptic researchers write. All told, affiliates gained some $74.7 million from the attacks, while DarkSide—as the developer—earned about $15.5 million.

“According to DarkTracer, 99 organisations have been infected with the DarkSide malware – suggesting that approximately 47% of victims paid a ransom, and that the average payment was $1.9 million,” writes Tom Robinson, Elliptic’s co-founder.

Not a bad gig if you feel like running the risk. We all know that crime pays. Just depends on whether or not you get away with it. In my hipster youth [1960’s definition, please], I knew more than a few criminals. They all put it in classic terms. “If you can’t do the time, don’t do the crime!”

How will the government pull its cybersecurity trousers back up?

Rather than blowing up systems or stopping them with something as coarse as a denial of service attack, the Sunburst Trojan horse that infected the infamous SolarWinds Orion product was designed to not interfere with the systems of its ultimate victims in any way. As the Cybersecurity and Infrastructure Security Agency puts it, “This threat actor has the resources, patience, and expertise to gain access to and privileges over highly sensitive information if left unchecked. CISA urges organizations to prioritize measures to identify and address this threat.”

…FireEye provided the first and most concise description of what Sunburst can do: “After an initial dormant period of up to two weeks, it retrieves and executes commands, called “Jobs”, that include the ability to transfer files, execute files, profile the system, reboot the machine, and disable system services.”

Sunburst operates with a great deal of subtlety to avoid detection…It can disable system services, but so far no federal agency has reported a stoppage. If I were the alleged Russian government or government-sponsored hackers, why would I disable a system that’s sluicing valuable information my way?

This is just a look-in from outside the federal chain of command. It may be stating the obvious from a geek perspective; but, that’s a boatload more informative than the 1950’s black-and-white movie we get from the Associated Press or the Trump PR Band-Aid.

Hackers could turn sex-bots into killer cyborgs

Ultra-realistic sex robots could be used by warped hackers to attack humans, according to a chilling warning…The sex robot craze has swept the globe, with punters willing to fork out the cash to have their wicked way with the dolls…And producers have promised punters more realism than ever, with dolls able to mimic human voices and have orgasms set to enter the market.

But tech experts have warned that the more advanced these robots get, the greater the risk they will pose to mankind…

❝ Cyber security lecturer Dr Nick Patterson worryingly said that hacking into a sex robot could even be easier than gaining access to someone’s laptop or phone.

He added that once the robot has been breached, the hacker then has full control…

❝ Dr Patterson, of Deakin University, Australia, predicted that we will soon see robots replacing human workers and mimicking humans…But as long as the robots are connected to an interface, they can always be hacked.

RTFA if you feel like wandering through the crap that passes for the popular press in the UK.

The idea is interesting. Must be a few enterprising low-budget or not-so-low-budget examples on film. But, this analysis is lower than low budget.

Russian hackers are hiding in Britney Spears’s Instagram account

❝ In order to hack foreign governments, military officials, and embassies, Russian hackers are now using Britney Spears in their operations by posting cryptic comments on her Instagram photos.

Hackers at Turla, a group believed to be linked to Moscow, are using Instagram comments on Britney Spears’s photos to control their hacking operation, said researchers at Slovakian security firm ESET…

❝ The comment doesn’t make sense and doesn’t seem threatening to the untrained eye. But, according to ESET, it’s key to the hackers’ success.

❝ After compromising computers, hackers need a way to send them instructions and get data back. They often set up a command and control server to do this. Security professionals defending against cyberattacks usually try to find the central server and shut it down in hopes of crippling the entire network.

The comment on Britney Spears’s photo is a clever strategy for announcing the location of a new command and control server after the previous one gets shut down. When decoded, it’s actually the central server’s internet address.

❝ So why are the Russian hackers now targeting an American pop star’s Instagram account?

The answer is simple: Web traffic from users around the world is constantly flowing through Instagram. It would be incredibly easy to hide malicious comments and links on photos posted by celebrities…

❝ The discovery raises questions about what else is hiding in the comment sections of celebrities’ social media pages and how Russian hackers are getting creative to avoid tracking.
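To make the dead-drop idea concrete, here is an added example of the general technique, not ESET’s reconstruction of Turla’s encoding (which this page does not describe) and sharing no identifiers with it. The word lists, shared key, sample comments and the RFC 5737 TEST-NET address are all constructed. The operator hides a C2 address plus a short HMAC tag in a word-salad comment; the implant scans the comments it fetched and accepts only the one that authenticates under the shared key. That is what lets the operator rotate the address simply by posting a new comment, while a defender who posts a lookalike comment cannot redirect the implant.

```python
"""Dead-drop resolver over public comments.

Added illustration of the technique described above. It is NOT ESET's
reconstruction of Turla's encoding and shares no identifiers with it;
the word lists, key, sample comments and TEST-NET address are constructed.
"""
import hashlib
import hmac
import re

# Two 16-word lists: one byte becomes one "adjective noun" pair,
# so an address plus its tag reads as harmless word salad.
ADJ = ["lazy", "warm", "tiny", "loud", "cool", "shy", "bold", "odd",
       "soft", "wild", "calm", "rare", "blue", "gold", "pink", "grey"]
NOUN = ["cat", "dog", "sun", "sea", "owl", "fox", "bee", "elk",
        "jar", "key", "map", "pen", "rug", "tea", "van", "zoo"]
TAG_BYTES = 4  # truncated HMAC so the implant only trusts the operator

SHARED_KEY = b"constructed-example-key"   # would be baked into the implant
C2_ADDRESS = "203.0.113.7:8443"            # RFC 5737 TEST-NET, constructed


def encode(address: str, key: bytes) -> str:
    """Operator side: turn an address into a comment that decodes back to it."""
    payload = address.encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()[:TAG_BYTES]
    words = []
    for b in payload + tag:
        words.append(ADJ[b >> 4])
        words.append(NOUN[b & 0x0F])
    # Words outside the two lists are ignored by the decoder, so the
    # comment can carry a little cover text around the payload.
    return "mood today: " + " ".join(words) + " #nofilter"


def _words_to_bytes(text: str):
    """Keep only list words, in order; they must alternate adjective, noun."""
    tokens = [t for t in re.findall(r"[a-z]+", text.lower())
              if t in ADJ or t in NOUN]
    if not tokens or len(tokens) % 2:
        return None
    out = bytearray()
    for a, n in zip(tokens[0::2], tokens[1::2]):
        if a not in ADJ or n not in NOUN:
            return None
        out.append((ADJ.index(a) << 4) | NOUN.index(n))
    return bytes(out)


def resolve(comments, key: bytes):
    """Implant side: return the first address whose tag verifies, else None."""
    for text in comments:
        data = _words_to_bytes(text)
        if data is None or len(data) <= TAG_BYTES:
            continue
        payload, tag = data[:-TAG_BYTES], data[-TAG_BYTES:]
        expected = hmac.new(key, payload, hashlib.sha256).digest()[:TAG_BYTES]
        if hmac.compare_digest(tag, expected):
            return payload.decode("ascii", errors="replace")
    return None


# Constructed stand-in for the comments an implant would fetch from a public post.
SAMPLE_COMMENTS = [
    "love this pic!!!",
    "so cool",                       # one list word with no partner: rejected
    "lazy cat energy",               # decodes to one byte, shorter than the tag: rejected
    encode(C2_ADDRESS, SHARED_KEY),  # the operator's dead drop
]

if __name__ == "__main__":
    print("carrier comment:", SAMPLE_COMMENTS[-1])
    print("resolved C2    :", resolve(SAMPLE_COMMENTS, SHARED_KEY))
```

The defensive lesson is in `resolve`: because the implant checks a keyed tag, taking down the server named in the comment does nothing lasting, and posting a forged comment does not hijack the implant. Blocking the resolver means blocking or monitoring the implant’s access to the public site itself, which is exactly why a high-traffic celebrity page makes good cover.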

And, of course, no country’s cyberspooks have exclusive use of creepy hacks, political or otherwise. The same stunts are liable to be foisted on popular websites by the NSA or CIA – or Trump’s favorite 400-lb teenager in his Long Island bedroom.

Hackers Came — The French Were Ready For Them

Everyone saw the hackers coming…The National Security Agency in Washington picked up the signs. So did Emmanuel Macron’s bare-bones technology team. And mindful of what happened in the American presidential campaign, the team created dozens of false email accounts, complete with phony documents, to confuse the attackers.

❝ The Russians, for their part, were rushed and a bit sloppy, leaving a trail of evidence that was not enough to prove for certain they were working for the government of President Vladimir V. Putin but which strongly suggested they were part of his broader “information warfare” campaign…

But that outcome was hardly assured on Friday night, when what was described as a “massive” hacking attack suddenly put Mr. Macron’s electoral chances in jeopardy. To French and American officials, however, it was hardly a surprise.

❝ …The staff at Mr. Macron’s makeshift headquarters in the 15th Arrondissement at the edge of Paris didn’t need the N.S.A. to tell them they were being targeted: In December, after the former investment banker and finance minister had emerged as easily the most anti-Russian, pro-NATO and pro-European Union candidate in the presidential race, they began receiving phishing emails.

Even before then, the Macron campaign had begun looking for ways to make life a little harder for the Russians, showing a level of skill and ingenuity that was missing in Hillary Clinton’s presidential campaign and at the Democratic National Committee, which had minimal security protections and for months ignored F.B.I. warnings that its computer system had been penetrated.

❝ “We went on a counteroffensive,” digital director Mounir Mahjoubi said. “We couldn’t guarantee 100 percent protection” from the attacks, “so we asked: what can we do?” Mr. Mahjoubi opted for a classic “cyber-blurring” strategy, well known to banks and corporations, creating false email accounts and filling them with phony documents the way a bank teller keeps fake bills in the cash drawer in case of a robbery…

Mr. Mahjoubi refused to reveal the nature of the false documents that were created, or to say whether, in the Friday document dump that was the result of the hacking campaign, there were false documents created by the Macron campaign.

But he did note that in the mishmash that constituted the Friday dump, there were some authentic documents, some phony documents of the hackers’ own manufacture, some stolen documents from various companies, and some false emails created by the campaign.

❝ “It’s clear they were rushed,” Mr. Hultquist said. “If this was APT28,” he said, using the name for a Russian group believed to be linked to the GRU, a military intelligence agency, “they have been caught in the act, and it has backfired for them.”
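The article does not say how the campaign’s decoys were built, so what follows is an added example of one way to do the “cyber-blurring” described above, not the Macron team’s actual method. The idea it adds is that planted documents should be recognisable afterwards by their owner and by nobody else: each decoy carries a reference code that is really a keyed HMAC of the decoy’s identity, so it looks like any other memo number, cannot be told apart from genuine paperwork without the key, cannot be forged by the attacker to smear real documents as fakes, and can later be matched against a dump to show which honeypot mailbox was read. The key, mailbox names, message format and sample dump are constructed.

```python
"""Planted decoy documents that their owner can later recognise in a leak.

Added example of the "cyber-blurring" idea described above, not the Macron
team's actual method (the article does not describe it). Key, mailbox names,
message format and the sample dump are constructed for illustration.
"""
import hashlib
import hmac
import re
import string

KEY = b"constructed-campaign-key"   # held offline by the campaign's security team
ALPHABET = string.ascii_uppercase + string.digits
CODE_LEN = 10                        # 36**10 codes, about 51 bits: unguessable
# Reference codes look like "REF-K7Q2M9XA4B", plausible in a memo or payment order.
CODE_RE = re.compile(r"REF-([A-Z0-9]{10})")


def _mark(decoy_id: str, key: bytes) -> str:
    """Keyed marker for one decoy, rendered in the reference-code alphabet."""
    digest = hmac.new(key, decoy_id.encode(), hashlib.sha256).digest()
    n = int.from_bytes(digest, "big")
    chars = []
    for _ in range(CODE_LEN):
        n, r = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)


def plant_decoy(decoy_id: str, key: bytes = KEY) -> str:
    """Build one decoy email for a honeypot mailbox.

    decoy_id is "mailbox#serial"; only the marker derived from it goes into
    the text, so the document itself reveals nothing about being a plant."""
    mailbox = decoy_id.split("#", 1)[0]
    code = _mark(decoy_id, key)
    return (f"From: finance@example.org\n"
            f"To: {mailbox}@example.org\n"
            f"Subject: Transfer approval REF-{code}\n\n"
            f"Please countersign the attached payment order REF-{code} by Friday.\n")


def identify_planted(leaked_text: str, planted_ids, key: bytes = KEY):
    """Given text from a dump and the ids of the decoys the campaign planted,
    return the ids whose markers appear in the text (hence which mailbox leaked)."""
    found = set(CODE_RE.findall(leaked_text))
    return sorted(d for d in planted_ids if _mark(d, key) in found)


# Constructed: two honeypot mailboxes, a few decoys each.
PLANTED_IDS = [f"{box}#{n}" for box in ("decoy.treasurer", "decoy.press")
               for n in range(1, 4)]

# Constructed dump: a genuine memo, one of our decoys, and a document the
# attackers forged with a reference code of their own.
SAMPLE_DUMP = (
    "Internal memo REF-ABCDEFGHIJ: schedule for next week.\n"
    + plant_decoy("decoy.press#2")
    + "Fabricated contract REF-ZZZZZZZZZZ signed in Moscow.\n"
)

if __name__ == "__main__":
    print("decoys recognised in dump:", identify_planted(SAMPLE_DUMP, PLANTED_IDS))
```

Only the campaign, holding `KEY`, can run `identify_planted`; the attackers see three reference codes of identical shape and learn nothing about which one is bait. That asymmetry is what lets a campaign say truthfully that a dump contains its own fakes without having to reveal which ones.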

Russian hackers were dealing with not only a better-educated populace; but, a more sophisticated audience than American voters. Le Pen and her populist campaign had to walk away from the most backwards aspects of campaigns her father would have run twenty or thirty years ago. She could not substitute anti-Semitism for Trump’s anti-Mexican slurs – as her father would have.

Trump’s dalliance in misogynist assaults might have cynical appeal to fools in France – as they do in the United States. But, Trump’s contempt for the physically handicapped wouldn’t play – for example – in a nation where until recently public transport still reserved front seats for victims of war.

The French shrugged off Big Lies because they knew from experience what the population in general was gifted by populist liars – and their supporters, domestic or foreign.

Either Microsoft is on their toes – or the stuff hackers steal from the NSA really is past its sell-by date

❝ Just as the Shadow Brokers hacker group started crowing about a dump of never-seen-before flaws in Windows, Microsoft announced it already had fixed most of the exploits.

“Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers,” Microsoft Principal Security Group Manager Phillip Misner wrote in a Friday post.

“Our engineers have investigated the disclosed exploits, and most of the exploits are already patched,” he added.

Three of the dozen zero-day vulnerabilities aired by the hackers, which they claimed were part of a large cache of data leaked from the U.S. National Security Agency, did not work at all on Windows 7 and above…

❝ As of the most recent patch cycle, no supported versions of Windows were vulnerable to the Shadow Brokers exploits, said Bobby Kuzma, a system engineer at Core Security.

“In other words,” he told TechNewsWorld, “for the love of God get XP, Vista and 2003 Server off of your networks.”

Har.

I know Microsoft users aren’t the most diligent of users of contemporary computing software and hardware. It was true through the 22 years I functioned within that milieu. I left over a decade ago and from what I read and hear – ain’t anything improved.

Basic security procedures still require regular backups and keeping your patches up-to-date. There’s more; but, too many folks don’t make it to the minimum.

Six agencies, federal cops, investigate Russia paying for pro-Trump hackers


“Oh, Look. This one has Donald’s name engraved on it.”

❝ The FBI and five other law enforcement and intelligence agencies have collaborated for months in an investigation into Russian attempts to influence the November election, including whether money from the Kremlin covertly aided President-elect Donald Trump…

The agencies involved in the inquiry are the FBI, the CIA, the National Security Agency, the Justice Department, the Treasury Department’s Financial Crimes Enforcement Network and representatives of the director of national intelligence…

❝ Investigators are examining how money may have moved from the Kremlin to covertly help Trump win, the two sources said. One of the allegations involves whether a system for routinely paying thousands of Russian-American pensioners may have been used to pay some email hackers in the United States or to supply money to intermediaries who would then pay the hackers…two sources said.

The informal, inter-agency working group began to explore possible Russian interference last spring, long before the FBI received information from a former British spy hired to develop politically damaging and unverified research about Trump…

❝ Trump’s presidential transition team did not respond to a request for comment about the inquiry.

❝ FBI Director Comey refused at a recent Senate hearing to comment on whether the bureau was investigating Russia’s hacking campaign for possible criminal prosecutions. Spokespeople for the FBI, the Justice Department and the national intelligence director declined to comment…

❝ The BBC reported that the FBI had obtained a warrant on Oct. 15 from the highly secretive Foreign Intelligence Surveillance Court allowing investigators access to bank records and other documents about potential payments and money transfers related to Russia…

RTFA for the whole context. Importantly, this started before the Chris Steele dossier surfaced with the FBI. That the FBI was able to get a FISA warrant indicates they were able to establish probable cause the target was a foreign power – and the surveillance was likely to produce foreign intelligence.

Hacker snooping — think it’s just the Feds we have to watch?


No – he’s not leaving his badge number

❝ …Many members of the public first became aware of the FBI’s interest in hacking in February, when the bureau and Apple battled over a locked iPhone belonging to one of the San Bernardino, California, shooters. That spat ended abruptly when the FBI announced it had hacked into the iPhone without Apple’s assistance…

❝ The present debate around law enforcement hacking is, for good reason, focused mostly on the FBI. At present, the most sophisticated law enforcement hacking capabilities belong to the federal government and remain classified. And although state and local police certainly investigate some serious crimes within their jurisdictions, the FBI routinely handles serious crimes — child pornography, human trafficking, financial crime resulting in the loss of millions of dollars. By many measures, the gravity of the crimes the FBI investigates makes it understandable that when we consider extraordinary hacking measures used by law enforcement, we would start with the FBI.

❝ But law enforcement hacking is not just a matter for the feds, thanks to two trends in particular.

First, just like law-abiding citizens, criminals have access to legal services that allow them to encrypt communications, browse privately, and otherwise minimize their digital footprints. Smartphone encryption frequently prevents crime, but as these tools become easier to use and the commercial default, it isn’t difficult to imagine that criminals—even those who aren’t technologically sophisticated — will use them, too.

Second, state and local police departments are very interested in hacking capabilities that could, as they see it, improve their ability to fight crime. Leaked emails from the past several years show that law enforcement agencies around the country have received demonstrations of spyware being sold by the controversial Italian-based company Hacking Team, whose mission is to “provide effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities.” Hacking Team boasts of software that helps law enforcement “hack into [their] targets with the most advanced infection vectors available.”

❝ The federal government is also sharing cybercrime-related knowledge with state and local police departments. The National Computer Forensics Institute, a federally funded center, is “committed to training state and local officials in cyber crime investigations” and offers tuition-free education on many elements of policing in a high-tech crime era. And after unlocking the San Bernardino iPhone, the FBI hastened to assure its local partners that it would share technical assistance whenever possible.

RTFA for details. Reflect upon your local coppers being as likely – more likely? – than the Feds to consider Free Speech a crime. They can expect the range of political fools from Trumpkins to FuzzyWhigs to back them up. Many of America’s conservatives look at the Bill of Rights as a failed experiment.

Four students solve Facebook’s fake-news problem in 36 hours

❝ Facebook is facing increasing criticism over its role in the 2016 US presidential election because it allowed propaganda lies disguised as news stories to spread on the social-media site unchecked…

❝ Business Insider’s Alyson Shontell called Facebook CEO Mark Zuckerberg’s reaction to this criticism “tone-deaf.” His public stance is that fake news is such a small percentage of the stuff shared on Facebook that it couldn’t have had an impact. This even while Facebook has officially vowed to do better and insisted that ferreting out the real news from the lies is a difficult technical problem.

❝ Just how hard of a problem is it for an algorithm to determine real news from lies?

Not that hard.

During a hackathon at Princeton University, four college students created one in the form of a Chrome browser extension in just 36 hours. They named their project “FiB: Stop living a lie.”

❝ The students are Nabanita De, a second-year master’s student in computer science at the University of Massachusetts at Amherst; Anant Goel, a freshman at Purdue University; Mark Craft, a sophomore at the University of Illinois at Urbana-Champaign; and Qinglin Chen, a sophomore also at the University of Illinois at Urbana-Champaign.

❝ Their News Feed authenticity checker…classifies every post, be it pictures, adult content pictures, fake links, malware links, fake news links as verified or non-verified using artificial intelligence…

The browser plug-in then adds a little tag in the corner that says whether the story is verified.

Game, set and match. Facebook is one of the sponsors of that hackathon. Better take a closer look at the coders, Zuck.