Iran cyberattacked US banks according to government officials

Late last year, multiple US banks were attacked online by what was believed to be a hacker group. Now government officials are saying it was actually the work of Iran, possibly in response to cyberattacks it has suffered from the US. This was determined when an investigation revealed that the method used to attack the banks was too sophisticated to be the work a fringe group.

iran

Recently, several banks across the nation have been hit with attacks that harmed them to various degrees for ten or so minutes before they recovered. This is due to extremely high amounts of that are being directed to the banks in the DDoS attacks, affecting the likes of Wells Fargo, HSBC, Bank of America, and Citigroup, among others.

According to a former state official, the United States government is 100-percent certain that Iran is the cause of the attacks. Likewise, security firm Radware’s Vice President Carl Herberger is quoted as saying, “The scale, the scope and the effectiveness of these attacks have been unprecedented. There have never been this many financial institutions under this much duress.”

Fortunately, none of the bank accounts have been violated, and no money has been taken. The attacks are being directed from data centers, which are said to have taken control of some small-time cloud services and used them as the powerhouse behind initiating the attacks. Two issues are making it difficult to resolve the problem, however: 1, the DDoS attacks are encrypted, and 2, how the data centers are being hijacked is unknown.

[via New York Times]


Iran cyberattacked US banks according to government officials is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Xiang Li pleads guilty in mega piracy case, faces 5 years in prison

Xiang Li, pirate extraordinaire, has pled guilty in court to a single count of conspiring to steal copyrighted software; his wife was also indicted, but her whereabouts are unknown and she’s presumed to be in China somewhere. For such an offense, Li faces up to five years in prison. This is being called the most successful criminal copyright prosecution case ever.

courtroom

Mr. Li ran the website Crack99.com in addition to a handful of others, specializing in the discounted sale of copyrighted software. Li hired hackers to find, acquired, and crack software, which he then hosted on his websites for sale, with the New York Times reporting that he offered in excess of 2,000 applications. The total value of the products he illegally sold totaled over $100m.

Investigators uncovered over 25,000 emails to customers in Li’s Gmail account, as well as over 500 transactions across the globe. Over 200 companies were hit by Li’s scrapping and cracking enterprise, with reports stating that he made 10-percent of the profits from the illegal sales. Some of his customers included a NASA electronics engineer and a military contractor scientist.

Turns out, Mr. Li’s case is the largest instance of criminal copyright prosecution ending in success. The trial took place in the Federal District Court of Delaware after he was arrested in an undercover sting operation in Saipan. Li’s illegal software selling business sold to buyers in 28 states and 60 countries. Some of the software he sold included very high-end applications used by the government and military, including Analytical Graphics, which is priced at $150,000.

[via New York Times]


Xiang Li pleads guilty in mega piracy case, faces 5 years in prison is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Anonymous’ attacks will decline in 2013, says McAfee Labs

In McAfee Lab’s latest annual report, it details how it views the security of the Internet throughout 2013. Perhaps surprisingly, the company says to expect a decline in attacks from Anonymous, with a possibility of a few big attacks as it peters out into relative obscurity. In its place will be more centralized, targeted groups with specific causes and goals.

Guy_Fawkes-580x386

This isn’t to say that we will see Anonymous disappear, according to McAfee, but rather that we will see it decline as cohesive groups bound by specific causes fling attacks against organizations and companies conflicting with them. Examples provided include hacktivists, ecoterrorists, and anti-globalization supports.

Says McAfee Labs: “Sympathizers of Anonymous are suffering. Too many uncoordinated and unclear operations have been detrimental to its reputation. Added to this, the disinformation, false claims, and pure hacking actions will lead to the movement’s being less politically visible than in the past. Because Anonymous’ level of technical sophistication has stagnated and its tactics are better understood by its potential victims, the group’s level of success will decline.”

Other expected issues in 2013 include a combination of smaller malware nuisances and scams, as well as large, destructive malicious malware that launch digital attacks against platforms and infrastructure, with the goal being to create destruction rather than illicitly harvest money. Another problem expected to boom is so-called randsomware, which provides a government emblem and purports that the user must pay a fine because child pornography and other nastiness was detected on their computer, both scaring and scamming people out of hundreds of dollars.

[via ars technica]


Anonymous’ attacks will decline in 2013, says McAfee Labs is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Windows RT ported to HTC HD2

We’ve seen the HTC HD2 running essentially every mobile operating system from its birth till now, but nothing could have prepared us for this: hackers have ported in Windows RT! This operating system is meant to be a sort of half-way point between full-on desktop mode and mobile for the Windows tablet universe hoping to join in on the Windows 8 fun – it’s creators certainly never intended it to be worked with on a smartphone. But there it is, on the HTC HD2, no less, the most-hacked smartphone of all time, without a doubt.

A_JRG5VCUAENGfu

What we’re seeing here is a set of users, both CotullaCode and StroughtonSmith, working together to bring this tablet-loving OS to the smartphone. This user interface is made for much larger devices and certainly wont be widely used by smartphone hackers, thus exercise thusly made real for the fun of it – or for the challenge of it, of course. You’ll see int he gallery below a set of shots of the OS working on the old HTC Windows Mobile device, with the name “LEO computer” simple to see.

A_JRicdCEAEe1d2
A_JRv1CCUAE0byd
A_JRSSoCMAASKMe
A_JROcLCMAAS2Wn
A_JRLLaCUAIhHz1
A_JRG5VCUAENGfu

At the moment we’re not being told how it was done, but our friendly source assures us that “it was helped by the EFI implementation he wrote for WP8.” This of course refers to the Windows Phone 8 hacking of the HTC HD2 from earlier this year – just near the end of November 2012, that is. You’ll see this and a collection of other HTC HD2 ports in the timeline near the end of this post.

Meanwhile you’ll want to know that this hack is not for the faint of heart, nor is it for the public. At the moment, the creators have no intent of sharing their precise method nor an instructions manual for the meek. You’ll just have to close your eyes and imagine the possibilities.

– Thanks for the tip, Steve!


Windows RT ported to HTC HD2 is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Hacker Leaks 300,000 Verizon Customer Records and Claims to Have Millions More (Updated)

Sometimes it seems like no one’s keeping your data safe; this is one of those times. A hacker just leaked 300,000 Verizon customer records, and that’s only a sample of the 3 million he claims to have gotten in his little raid. More »

The Defense Intelligence Agency Is Looking For Contractors To Help It Exploit Mobile Devices

person-of-interest-cbs-tv-show

The U.S. Defense Intelligence Agency is looking for a few good contractors to help it kick up its mobile information gathering capabilities, according to a new request for information (RFI) posted to its website Dec. 12 and spotted today by Fierce Wireless. The request has the government organization soliciting information sources for technology aimed at exploiting digital media and hardware, with a special request for exploitation of mobile devices with methods not generally available on the commercial market.

The request looks to be a general effort by the government to find ways of better unlocking the potential of information on cell phones and tablets. The rush to mobile isn’t just something that startups and established businesses are trying to keep up with, in other words; the U.S. government wants in on the action, too.

The RFI is pretty broad overall, covering not just mobile, but also “exploitation systems in Windows, Mac OS, and Linux. On the whole, it looks like a fairly straightforward ask for outsider expertise in hacking and digital intelligence. But the mobile section looks like essentially an admission that truly valuable efforts on this front would take the form of portable devices that would be able to gather info from exploited media information sources.

Here’s what the whole thing has me thinking of: the scene in every episode of Person of Interest where Jim Caviezel pairs his own mobile phone with his target’s, allowing him to overhear and see any activity on that device completely unnoticed. Isn’t that real yet? If it isn’t, the government seems to want some outside help to make it so.

Hackable hotel room locks to be replaced by manufacturer

Following a sudden surge of hotel room break-ins after the discovery of a simple door lock hack, lock firm Onity is chipping in to replace affected hotel door locks. Onity is currently working with Marriott, InterContinental Hotel Group, and Hyatt hotels to replace the insecure door locks in their hotels, and are planning to cover at least some of the cost.

The vulnerability in the hotel room door locks was first discovered back in July during the Black Hat security conference. The hack involves hooking up a $50 device into the data port under the lock and using the device to hack the lock’s firmware. Back in August, Onity stated that it wouldn’t pay to replace the locks, but instead offered a free plug to block the data port.

Onity’s locks are implemented on over 4 million hotel room doors around the world, and the company has agreed to pay at least a fraction of the costs of replacing the door locks with updated and more secure options. Onity and their clients have come up with written agreements for reimbursement of the door locks.

The total cost of replacing the locks hasn’t been disclosed, although Onity charges $11 for every new circuit board it installs in the locks, and a $10 charge is assessed for every lock that Onity performs an on-site firmware upgrade on. Essentially, if all 4 million hotel door locks were replaced and updated with new firmware, the total cost would be around $84 million.

[via Forbes]


Hackable hotel room locks to be replaced by manufacturer is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Former Windows hacker joins Apple, helps protect OS X from malware

Apple has hired Kristin Paget, a former Microsoft employee who worked as a hacker for the company, which used her and a few others to find security issues in Windows Vista. After working for Microsoft, Paget was employed by Recursion Ventures, a security firm. Now Apple has snapped her up to focus on security for OS X.

If her LinkedIn profile is anything to go by, Paget now works as Apple’s Core OS Security Researcher. She has long been known as an accomplished hacker, having set up a system to intercept cell phone calls during Defcon, among other things. There’s no official word on what her tasks are at Apple, aside from the fact that they’re security-related.

Rumor has it that Paget is tasked with responsibilities revolving around malware protection. This comes soon after Apple has been forced to deal with the Flashback trojan, something that infected over half a million Macs earlier this year. This is another indication that threats against Macs are growing, and Apple is getting a jump on the issue.

Paget confirmed to Wired that she has been hired by Apple, but declined to offer further comment. Apple likewise declined speaking on the issue. We’re not likely to hear much – if anything – on her activities at Apple. She did reveal not too long ago information about her days at Microsoft, however, stating that she and the team were responsible for uncovering so many bugs that Microsoft was forced to extend Vista’s shipping date.

[via Wired]


Former Windows hacker joins Apple, helps protect OS X from malware is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

The Hardware Hackers Use to Crack Your Passwords

We often write about the ingenious new tricks developed by hackers to penetrate security systems, but rarely do we see how they go about their work. Here’s the kit they use to crack your password. More »

HTC HD2 gains Windows Phone 8 port

It’s time again to call forth the beast from the pits of hacker heaven, that being the legendary HTC HD2, originally running Windows Mobile 6.5 back in 2009, here now with Windows Phone 8. This device has been a bit of a golden egg for hackers over the past few years, with the challenge being to get the newest and most fabulous mobile operating system running on it. Now it seems that even Windows Phone 8, a mobile operating system that has hardware requirements built-in, is no longer safe!

What you’re seeing here above and below are a set of photos from WPCentral showing how the device is indeed running Windows Phone 8, a software that would certainly have to be twisted and tweaked to heck to have it allowed on such a relatively ancient smartphone. With Windows Phone 8.0.97 running on a Qualcomm QSD8250 Snapdragon processor with a single 1GHz Scorpion CPU and Adreno 200 graphics, we’ve got to wonder if the software is able to creep by at a respectable pace.

With its 480 x 800 pixel display across 4.3 inches, users working with this build will still be seeing 217 ppi, a respectable density for a display even by today’s standards. Of course the HTC DROID DNA’s 440 is in a brand new league, but that’s beside the point. Today it’s all about the glory of getting a software working on a device for which it was never intended.

The HTC HD2 has been hacked to work with Windows Phone 7 as well as 7.5 and 7.8 as well – not to mention the most epic port of all: Android. Don’t forget that it ran MeeGo 1.1 as well! Modders from team DFT presents this hack and reminds us that even with Microsoft’s next-level software-hardware security they call “handshaking” in the form of Bitlocker, there’s always a way to get past.


HTC HD2 gains Windows Phone 8 port is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.