Cyber criminals are suspected of having hacked into thousands of computers in Finland
Thursday 4.11.2010Dutch police uncovers and dismantles large malicious software botnet
The authorities in the Netherlands have uncovered and dismantled a very large botnet, with which cyber criminals are suspected of having been able to access up to thirty million computers around the world.
A botnet is a complex malicious software - "malware" - distribution network that utilises the servers of unsuspecting hosting providers to distribute for example password-stealing programs.
A botnet is a complex malicious software - "malware" - distribution network that utilises the servers of unsuspecting hosting providers to distribute for example password-stealing programs.
Data security expert Ari Husa from the Finnish Communications Regulatory Authority FICORA suspects that the discovered worm virus may have infected about 8,000 computers in Finland.
The so-called Bredolab Trojan used by the cyber crooks has spyware components attached to it that allow criminals to capture bank login details and other sensitive information from compromised machines.
People’s home computers may have caught Bredolab for example from email attachments or when visiting infected websites.
FICORA aims to inform the public in the coming days on how to rid infected computers of the malware.
Individuals with infected computers may also receive a message from the Dutch police with instructions on what to do next.
The Dutch authorities managed to track down the cyber criminals last summer. In connection with the investigation, 143 servers associated with the botnet were taken down.
The botnet itself was then used to alert the victims that their computers had been hacked into (see the link below).
The crackdown is being considered a major success.
Previously there have been only a handful of similar breakthroughs in the battle against cybercrime.
--------------------------------------------------------------
Hackers from China, Pakistan targeted CWG Sites
Saturday, 16 October 2010 20:39
Breaking News! After the Commonwealth Games 2010 in Delhi ended successfully, it came to light that cyber hackers from China and Pakistan tried to hack the official sites of CWG.
According to latest reports, the hackers from China and Pakistan tried hard to deface the official sites of CWG and disrupt the data networks. But the IT professionals worked through day and night to keep the data secure.
The media reports suggested that most hackers were students from technical institutes and they had the support of government agencies. Around 2,000 instances of cyber attacks were reported during the Commonwealth Games, it is believed.
While most attacks were targeted at Games' official website www.cwgdelhi2010.org, some other government websites also came under attack. Even some popular and small news portals and blogs that exclusively offered news about CWG, were attacked.
Twitter hack: made in Japan
Sep 23, 2010
Tokyo: This week's Twitter attack that caused a widespread headache for the micro-blogging service appears to have been triggered by a Japanese computer hacker who says he was only trying to help.
The attack, which emerged and was shut down within hours Tuesday morning, involved a "cross-site scripting" flaw that allowed users to run JavaScript programs on other computers.
The originator is believed to be someone who uses the name "Masato Kinugawa" in cyberspace and acknowledges creating the Twitter account "RainbowTwtr" that demonstrated the vulnerability.
Through his Twitter account and personal blog, Kinugawa regularly tracks down possible computer security loopholes and notifies companies of their existence. Earlier this year, he pointed out several scripting problems to Japanese Internet company Livedoor, which thanked him with a 15,000 yen (7) gift certificate.
Kinugawa says he contacted Twitter about the weakness on August 14 - but in vain.
"Twitter had not fixed this critical issue long after it had been notified," Kinugawa tweeted. "Twitter left this vulnerability exposed, and its recognition of this problem was low. Rather than have someone maliciously abuse this under the radar, I decided it would be better to urgently expose this as a serious problem and have it be addressed."
The account, which displayed messages in colors of the rainbow, spurred others like Australian teenager Pearce Delphin of Melbourne to spread the word about the vulnerability. "RainbowTwtr" has since been suspended.
In an e-mail to The Associated Press on Thursday, Delphin said he analyzed the code within the "rainbow tweets" and realized it could be tweaked to make a pop-up window appear just by moving a cursor over a message. Other users quickly picked up on Delphin's discovery and made their own changes, infecting unsuspecting accounts around the world.
San Francisco-based Twitter said it does not believe that any user information was compromised and that the "vast majority" of the breaches were pranks or promotions. The company said the attack began when a user, whom it did not identify, noticed a security hole and "took advantage of it."
"First, someone created an account that exploited the issue by turning tweets different colors and causing a pop-up box with text to appear when someone hovered over the link in the tweet," the company said.
The White House's official Twitter feed - followed by 1.8 million users - was among those affected, though the offending message was quickly taken down.
Security breaches were common in Twitter's early days, but the company has since worked to beef up its vigilance and the problems have become less common. Tuesday's hack coincided with Twitter's ongoing rollout of a redesign of its website, which tries to streamline users' Twitter feeds and make it easier to see photos and videos directly on the site, without having to click on a link to YouTube or Flickr.
Twitter said it discovered and fixed this problem last month, and that a recent site update unrelated to the redesign was responsible for its return.
--------------------------------------------------------------
Thanks for reading my post if it's useful please post comments.
