Posts Tagged ‘hacker’
Monday, March 4, 2013 @ 04:03 PM gHale
A hacker doing time in the UK for hacking, who ended up taking an IT course the prison offers inmates to prepare them for a successful entry back into society upon their release, ended up breaking into the prison’s mainframe.
Nicholas Webber, 21, the founder of the GhostMarket online forum where cyber crooks were able to trade stolen credit card details, tools to commit computer offenses, and knowledge, is the inmate enrolled in the IT class at HMP Isis prison in South London, according to a report in the Daily Mail of London. Apparently, his actions caused ‘major panic’ but it is not clear what, if anything, he managed to access.
Arrested two years ago along with a few accomplices and sentenced to five years in prison, Webber ended up included in the group that took IT lessons provided by the prison in order to teach inmates skills that would help them once they got out.
This incident would have stayed quiet but the prison’s IT teacher, Michael Fox, has an unfair dismissal case against the prison.
Fox said that after they discovered the hack, he was held responsible for it and dismissed first by the prison, and then by his employers at the Kensington and Chelsea College, where he also worked as a teacher.
He said he had no knowledge of Webber’s hacking background and that, ultimately, he wasn’t the one who allowed him to attend the lessons in the first place.
“At the time of this incident in 2011 the educational computer system at HMP Isis was a closed network. No access to personal information or wider access to the Internet or other prison systems would have been possible,” said a Prison Service spokesman.
Further details were not immediately available.
Wednesday, February 20, 2013 @ 01:02 PM gHale
A site for iPhone developers called iphonedevsdk.com was the hub for a Java Zero Day attack on Twitter, Facebook and Apple.
Investigators identified the site as having been the center of a “waterhole” attack, where users end up drawn to the site in question because of its content, according to a Bloomberg report.
Apple is the latest company to reveal it found malware on employees’ laptops, apparently delivered using those drive-by attacks. The methodology appears to be very similar to what Facebook revealed it had been subject to in January. Apple gave no time frame for when it ended up attacked, but, according to Bloomberg, Apple was the first to discover the attacks. Investigators said they suspected the attacks were the work of Eastern European criminals rather than any state-sponsored hacking group.
Apple said it had “identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple.”
Apple also released an update to its Java 6 in Mac OS X which completely removes Java plugin support and directs users to Oracle for their Java 7 and plugin support. Oracle, which released an emergency patch for 50 vulnerabilities on Feb. 1 – in what appears to have been a response to the Facebook and Apple attacks – has released an updated version of that emergency patch with a handful of critical holes also closed.
Friday, December 14, 2012 @ 01:12 PM gHale
A vulnerability affecting Internet Explorer versions 6 through 10 could make it possible for a hacker to monitor the movements of your mouse, even with a minimized browser window.
This means an attacker could learn passwords and PINs if they end up typed on a virtual (on-screen) keyboard, said researchers at UK-based web analytics firm Spider.io. Two display advertising networks are already exploiting it, the company said. It refused to name them in its statement.
“As long as the page with the exploitative advertiser’s ad stays open — even if you push the page to a background tab or, indeed, even if you minimize Internet Explorer — your mouse cursor can be tracked across your entire display,” Spider.io researchers said.
The company added that, while the problem has been acknowledged by the Microsoft Security Research Center, there are apparently no immediate plans for a patch.
Microsoft published an official blog post on the issue, saying the risk to consumer privacy is almost entirely theoretical, and “the underlying issue has more to do with competition between analytics companies than consumer safety or privacy.”
Spider.io also published the technical details of the exploit, which involves the browser’s global Event object, as well as a game demonstrating how it could monitor user input to a virtual keyboard.
Friday, December 7, 2012 @ 04:12 PM gHale
A Northampton, U.K., man is guilty of one count of conspiracy to impair the operation of computers for his involvement in the DDoS campaign against PayPal and other companies in 2010.
Christopher Weatherhead, 22, was found guilty of conspiracy in the plan initiated by Anonymous called “Operation Payback.” The campaign focused on movie and music industry organizations at the beginning, and then on PayPal, MasterCard, Visa and other financial institutions for refusing to process donations to WikiLeaks.
Russell Tyner, Crown Advocate for the CPS Organized Crime Division, said before the court that the attacks executed by Weatherhead and his fellow conspirators cost the targeted companies over $5.61 (£3.5) million in additional staffing, software and loss of sales.
“These were lawful companies with ordinary customers and hard working employees. This was not a victimless crime,” he said.
Weatherhead’s conspirators and Anonymous members Peter Gibson, 24, Ashley Rhodes, 28, and Jake Birchall, 18, pleaded guilty to the same charge earlier.
During the trial, Weatherhead insisted he had not taken part in the attacks and that he was acting only as a “communications manager” and “online chatroom creator” for Anonymous.
Sentencing will occur in January.
He is free on bail and cannot use Internet chat relays or post anything online under his known pseudonym or any other name but his own. He also has to wear an electronic tag and will have to abide by a set curfew.
Tuesday, December 4, 2012 @ 05:12 PM gHale
Jeremy Hammond could face up to 30 years to life on charges of conspiracy to commit computer hacking, computer hacking and conspiracy to commit access device fraud after the Southern District Court of New York opened a three-count federal indictment last week.
Hammond, 27, known as “Anarchaos,” “sup_g,” “burn,” “yohoho,” “POW,” “tylerknowsthis,” and “crediblethreat,” has been held without bail since his arrest in March on charges connected with last year’s hacking of Strategic Forecasting, or Stratfor, an Austin, TX-based international intelligence broker. The attack was by AntiSec, an offshoot of LulzSec, which is in turn an offshoot of the hacktivist collective Anonymous, officials said.
The government said starting last December, Hammond and others from AntiSec stole information from about 860,000 Stratfor subscribers, including emails, account information, and data from about 60,000 credit cards. The government said he published some of that information online, and used some of the stolen credit card data to run up at least $700,000 in unauthorized charges.
He also stands accused of giving about five million internal emails to WikiLeaks, published under the name The Global Intelligence Files.
Unknown to Hammond, however, the then-leader of AntiSec, Hector Xavier Monsegur, a New York hacker known as “Sabu,” arrested the previous June, had agreed to cooperate with the FBI, officials said. Some of the Stratfor information Hammond uploaded went directly into a honey pot server maintained by the FBI.
At a hearing last week, Hammond was denied bail, based on U.S. District Judge Loretta Preska’s determination he was a danger to the community and a flight risk.
The bail denial sparked another round of protest from Hammond’s supporters. Anonymous published a message on Pastebin demanding that Preska recuse herself for conflict of interest. The group said her husband, Thomas J. Kavaler, was among Stratfor’s clients, and therefore one of the alleged victims of the hack. Kavaler is a partner at Cahill Gordon & Reindel LLP in New York City.
“Judge Preska by proxy is a victim of the very crime she intends to judge Jeremy Hammond for,” Anonymous wrote in a message posted last Friday. “Judge Preska has failed to disclose the fact that her husband is a client of Stratfor and recuse herself from Jeremy’s case, therefore violating multiple Sections of Title 28 of the United States Code.”
Hammond should go to trial sometime next year.
Wednesday, September 5, 2012 @ 12:09 PM gHale
Companies often say “we don’t need security, why would anyone attack us?” Sometimes hackers take valuable company intellectual property, sometimes names and addresses, and sometimes they even take money.
That is exactly what happened to a Berks County, PA, train engine parts manufacturer as a hacker got into its computer system and stole almost $200,000, state police said.
The banking system at CWI Railroad System Specialists, a Barto company, ended up hacked last month, troopers said.
The hacker entered the company’s system and issued payments to banks in Virginia, police said.
No arrests have been made but state police and the FBI continue to investigate.
Using the Internet protocol address, which is essentially each electronic device’s license plate number, investigators were able to track the origin of the attack.
“The IP address of the hacker’s computer comes from Virginia,” Trooper David C. Beohm said. “Once they got into the computer, the hacker made payments to four different banks in Virginia.”
A total of $190,000 went to the banks Aug. 24 and 27, investigators said.
“Malware must have been placed somewhere to make the withdrawal,” CWI Vice President Greg Scott said Sunday. “There is only one computer in our company that has access to our Quaker National Bank account. I don’t know how they could have gotten to it.”
According to investigators, people were waiting at the banks to either deposit the money into an account or cash the checks.
The bank’s fraud protection covered most, but not all, of the stolen money, Scott said. He said bank officials said up to 90 percent of the money has protection.
“I’m very frustrated and confused as to why they wouldn’t cover the whole transaction,” he said.
“It is sad,” Scott added. “We have a very protected server, so it can happen to anybody.”