Seattle hacker held for massive retail cyberattack

This week a Russian native hacker was arrested in Cyprus, Seattle in the USA for relatively gigantic attacks on retail outlets back in 2008. Dmitry Olegovick Zubakha, 25, of Moscow was previously held by a Seattle grand jury for conspiracy to intentionally cause damage without authorization to a protected computer as well as unlawful possession of “at least” 15 unauthorized access devices. The attacks being publicized this week took place in 2008 and associated the hacker with illegal activities involving Amazon.com, ebay.com, and Priceline.com over a period of several months.

This case is currently falling on Zubakha but also rests on his supposed partner in crime – and co-defendant – Sergey Vioktorovich Logashov. The indictment at hand only covers Amazon.com for the dates of June 6 and June 9, 2008. Zubakha has been found guilty of using two denial of service attacks against the online retailer which resulted in flooding of the site’s servers with requests that ultimately slowed the site significantly and caused it to crash.

The indictment notes that once the attack was initiated, the defendant called Priceline.com and offered his help as a computer consultant to stop the attacks. The indictment also notes that both men in the case took credit for their attacks in online forums.

According to the Seattle Times, these two men were also caught in possession of over 28,000 stolen credit card numbers back in 2009. This all raises the following question: why weren’t these men behind bars a long time ago?


Seattle hacker held for massive retail cyberattack is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.


Global spam falls by 18% as Grum botnet is knocked offline

There are dedicated botnets out there in the wide world that exist solely for the purpose of distributing spam. Grum, the third largest botnet in the world, was finally taken offline by security experts yesterday, resulting in a dramatic 18% reduction of global spam. Grum’s servers, which were based in Russia, Panama, and the Netherlands, controlled around 100,000 PCs. The two botnets that take first and second place, Cutwail and Lethic, are still active.

It took three days for security teams to knock the Grum servers offline, and the team is confident that it won’t be able to start back up again anytime soon: “The botnet does not have any apparent fall back mechanisms that would allow it to spin back up easily in the days to come.” Two command and control servers in the Netherlands were targeted first, then a Panamanian ISP eventually shut down another after feedback from the community.

It wasn’t all that easy, however, as six new command and control servers were enabled in the Ukraine after the Panama server was shut down. Eventually the FireEye Malware Intelligence Lab enlisted heavy cooperation from Russian ISPs and domain registrars, bringing all the servers down once and for all on Wednesday. Some of the bots are still sending out spam, but researchers believe it will eventually wither and die as the template memory runs dry.

[via PCMag]


Global spam falls by 18% as Grum botnet is knocked offline is written by Ben Kersey & originally posted on SlashGear.


Dropbox hires outside experts to investigate reports of spam

Dropbox has received a bunch of reports from users claiming that their accounts had been attacked by spam yesterday. The biggest worry now is that an address leak on Dropbox’s part may be to blame, considering many of the targeted users had set up unique and private email addresses to be used only with a Dropbox account. Dropbox has since announced that it had hired a group of outside experts to investigate the possible security breach.

It looks like the majority of the spam reports came from European countries, including Germany, the UK and the Netherlands. For some, the spam run hit them pretty quickly, with one user claiming that they received five spam messages within a span of 11 minutes. You can have a look at what people are experiencing at this point on the Dropbox forums.

There was a 20-minute outage yesterday afternoon, which Dropbox says was not connected to the spam. So far, the outside team of experts has found no evidence of unauthorized activity on Dropbox accounts.

[via PC World]


Dropbox hires outside experts to investigate reports of spam is written by Elise Moreau & originally posted on SlashGear.


Yahoo security breach shows terrible password decisions

While it’s true that Yahoo’s recent security breach, in which a group of hackers used an SQL injection attack to walk off with 450,000 Yahoo Contributor Network passwords, could have been prevented with better security on Yahoo’s part (the company stored the passwords in plain text), it’s also forcing us to come to a rather shocking realization. Apparently, people are still making very dumb decisions when it comes to choosing a password. We should all know by now that the strongest passwords are ones that include a combination of upper and lowercase letters, numbers, and symbols, but it seems no one told that to a number of Yahoo users.


According to CNET, 2,200 of the passwords stolen were simply just “123456” while another 780 were – you guessed it – “password.” Okay, so maybe 2,980 miserable passwords out of a pool of 450,000 isn’t all that much, but still, there really shouldn’t be anyone using “123456” or “password” as the most important part of their login credentials in this day and age. When it comes down to it, we’re not sure if we should laugh at the silliness of all of this or cry because of how depressing it is.

Part of the problem here is that Yahoo did not require stronger passwords for the Yahoo Contributor Network, instead accepting any password the end user wanted to roll with. CNET says that Yahoo requires stronger passwords for most of its other sites, so why it didn’t implement the same policy on the Yahoo Contributor Network is beyond us. This just goes to show that some people prefer convenience over security (at least when it comes to picking a password), so maybe it’s time to finally implement a stronger password policy and force people to pick one that isn’t so obvious?

[via CNET]


Yahoo security breach shows terrible password decisions is written by Eric Abent & originally posted on SlashGear.


Yahoo confirms server breach, over 400k accounts compromised

Online account security breaches are seemingly commonplace these days — just ask LinkedIn or Sony — and now we can add Yahoo’s name to the list of hacking victims. The company’s confirmed that it had the usernames and passwords of over 400,000 accounts stolen from its servers earlier this week and the data was briefly posted online. The credentials have since been pulled from the web, but it turns out they weren’t just for Yahoo accounts, as Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and Live.com login info was also pilfered and placed on display. The good news? Those responsible for the breach said that the deed was done to simply show Yahoo the weaknesses in its software security. To wit:

We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.

In response, Yahoo’s saying that a fix for the vulnerability is in the works, but the investigation is ongoing and its system has yet to be fully secured. In the meantime, the company apologized for the breach and is advising users to change their passwords accordingly. You can read the official party line below.

At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.

Yahoo confirms server breach, over 400k accounts compromised originally appeared on Engadget on Thu, 12 Jul 2012 14:41:00 EDT.

[source: TechCrunch, New York Times]

How to Check If Your Email Password Was One of 453,000 Leaked This Morning [Security]

The passwords to 432,000 email accounts were leaked earlier today. They were leaked from an older Yahoo file associated with the Yahoo! Contributor Network. Yahoo claims that only about 5 percent of the accounts had valid (current) passwords, but here’s how to check if your ancient account is one of them.

Yahoo confirms 400k account hacks

Early this morning it was revealed by a group of hackers, and now confirmed by Yahoo, that they’d busted past Yahoo’s security forces and posted the passwords for 400,000 user accounts online. This posting was accompanied by a note that warned Yahoo and similar sites to re-think their security measures. Meanwhile Yahoo has stated that they are investigating the matter and that, of course, they encourage everyone in their network to change their passwords immediately and frequently thereafter to retain privacy for all of their accounts.

The first note to be pushed today was made by the group of hackers responsible for the incident, this note telling Yahoo that they do not mean to cause the organization any harm, but that they wish Yahoo to take action in the form of much higher security measures in the future. This note read thusly:

“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly.” – Anon

Not to be mistaken for the hacker collective known as “Anonymous”, this initiative simply did not sign their name anywhere in the document. According to the BBC, Yahoo has sent a message out to them to confirm the situation and their actions in short:

“We are currently investigating the claims of a compromise of Yahoo! user IDs. [We encourage users to] change their passwords on a regular basis.” – Yahoo Spokesperson

This would be a great opportunity for everyone out there reading this post to head to your many varied accounts and change your passwords from something silly like “password123” to something a bit more challenging like “donot8pickthis9!” That way you’ll be a bit more secure and won’t be dumped like the 400k users today were overnight.


Yahoo confirms 400k account hacks is written by Chris Burns & originally posted on SlashGear.


Hackers Grab and Expose 453,000 Yahoo Login Details [Yahoo]

Hacking collective D33Ds Company has posted login details for more than 453,000 user accounts that it claims to have retrieved in plaintext from an unconfirmed service on Yahoo.

Samsung to offer Galaxy S III Developer Edition for Verizon

Certain customers hoping to get their hands on the Verizon version of the Samsung Galaxy S III weren’t happy to hear that the handset would feature a protected bootloader, especially when variants on other carriers didn’t have the same “feature.” Samsung’s solution is to offer a developer edition of the phone for those who want full access, although it’ll only be available at an unsubsidized price of $599.

It’s a little disappointing considering Galaxy S III models available from other carriers have an open bootloader, but at least Samsung is offering a solution for Verizon customers that really want it. Motorola followed a similar plan in Europe, offering a developer edition of the Motorola RAZR while the standard retail model shipped with a locked and protected bootloader.

Samsung has also posted a Q&A regarding the developer edition of the Galaxy S III. The main points to take away are that Samsung will sell the developer edition directly through its website for the full retail price, and that if you manage to brick the phone as a result of tinkering with custom ROMs, you won’t be covered by the standard warranty. The phone doesn’t seem to be available just yet, but keep checking developers.samsung.com if you absolutely need full control over your phone.

[via Android Central]


Samsung to offer Galaxy S III Developer Edition for Verizon is written by Ben Kersey & originally posted on SlashGear.


Anonymous picks up litter in latest protest effort

This week it seems that the collective known as Anonymous has taken to picking up trash in the streets in order to push forth as a positive force in the world of activist computer hacking. This protest has been made against a recent revision of Japanese laws against illegal downloads of media on the web. This protest is an effort to show the world that Anonymous is not a terrorist organization, instead representing themselves with an act of public good to show their dissent against what they feel are unfair internet laws.

It was a collection of 80 members of the Anonymous conglomeration that hit the street this week in Tokyo, complete with their V for Vendetta Guy Fawkes masks and their iconic black suits as well. They hit Tokyo’s Shibuya Ward and made a quick thing of it, making sure there were plenty of photographers around to capture the event as it went down.

The folks in Anonymous have been vocal, for their part, in letting the world know that they feel Japan has not done an adequate job of representing the full truth about the laws they’re protesting and the changes that have been made in Japanese law as of late regarding web downloads. This protest has been called just one of many upcoming “Cleaning Service” protests Anonymous has said they’ll be making, with further litter removal dates planned around the world.

Hopefully they’ll be showing up in your local town soon, clean streets as a protest for everyone!

[via Japan Daily Press]


Anonymous picks up litter in latest protest effort is written by Chris Burns & originally posted on SlashGear.