Posts Tagged ‘hacker’
Wednesday, March 18, 2015 @ 04:03 PM gHale
A hacker appears to be holding South Korea’s nuclear program for ransom, saying he wants money to keep the stolen and sensitive information private.
The hacker posted on Twitter documents relating to an advanced power reactor, using an account under the name of the president of an anti-nuclear group in Hawaii, according to a report in the International Business Times.
The state-run Korea Hydro Nuclear Power Co. (KHNP) has not been able to identify how sensitive the documents are, but gave assurances that they could not include classified information because its server has remained isolated since last year, the report said.
The hacker did not put a price on the ransom, but claims other countries want to buy information about the nuclear reactors.
“Need money. Only need to meet some demands… Many countries from Northern Europe, Southeast Asia and South America are saying they will buy nuclear reactor information. Fear selling the entire information will undermine President Park (Geun-hye)’s efforts to export nuclear reactors,” the hacker said in a post.
This is the fifth posting of this kind since December 15, including a post which threatened to “bring destruction” unless the country’s nuclear reactors were shut down before Christmas last year.
“Since the so-called anti-nuclear group made its fifth release of information on Dec. 23, no cyber-attack or information leak has taken place while the documents released today appear to have been obtained long before,” KHNP said in a release.
In the most recent post, the hacker threatened to attack the company with 9,000 viruses, after an additional 7,000 had reportedly already been discovered.
Wednesday, November 20, 2013 @ 06:11 PM gHale
The Anonymous hacker who earlier this year pleaded guilty to conspiracy and hacking charges regarding the breach of Strategic Forecasting will spend the next 10 years in prison.
Jeremy Hammond also admitted leaking information stolen in this hack, as well as breaking into computer systems of the Arizona Department of Public Safety, FBI’s Virtual Academy, Vanguard Defense Industries, and several more defense companies and law enforcement organizations, and stealing and leaking confidential information stored in them.
Police arrested Hammond in March 2012, along with several LulzSec and Anonymous members, and the FBI then revealed it had managed to discover their real-life identities and to connect them to the crimes by using 28-year-old LulzSec leader Hector Xavier Monsegur, aka “Sabu,” as an informant.
Hammond underwent sentencing Friday by Loretta Preska, Chief Judge of the U.S. District Court for the Southern District of New York, before a courtroom full of journalists and activists who came to support him.
Before his sentence, Hammond read a prepared statement in which he said “the acts of civil disobedience and direct action that I am being sentenced for today are in line with the principles of community and equality that have guided my life,” and that he felt he had an obligation to use his skills to expose and confront injustice, given that the peaceful protests he was involved in in the past did nothing to change any of the things he wanted to change.
He also stated again that Sabu, under the direction of the FBI, provided information about possible targets they should attack, and among them were also websites belonging to foreign governments (the identities of which the judge ordered redacted).
“The U.S. hypes the threat of hackers in order to justify the multi billion dollar cyber security industrial complex, but it is also responsible for the same conduct it aggressively prosecutes and claims to work to prevent,” he said. “The hypocrisy of ‘law and order’ and the injustices caused by capitalism cannot be cured by institutional reform but through civil disobedience and direct action. Yes I broke the law, but I believe that sometimes laws must be broken in order to make room for change.”
Hammond has already served 18 months in federal detention, and will be eligible for parole in four years. In addition, after his release, he will also have three years of supervised release.
Tuesday, September 3, 2013 @ 06:09 PM gHale
In Java 7 Update 21, Oracle introduced a system that warns users if they are about to execute an app not signed with a digital certificate, but a security expert found it is easy to forge the name of the app that appears in the security dialog.
“The problem is that the ‘Name’ in this ‘security’ dialog contains an unsigned application name that can be easily forged (it comes from the unsigned web page) – at will – by anyone – a basic failure by Oracle in code signing 101 rules – only present information to the end user that was actually signed by the Publisher,” said Jerry Jongerius, the founder of Duckware, and the person who found this and other flaws in Java.
Jongerius developed a test page that demonstrates the application name in the Java security dialog window can be changed.
Jongerius said this shows the level of trust conveyed by the new Java security dialogs is not entirely accurate.
He said the risk associated with this vulnerability is low. However, a hacker could compromise an unsuspecting user’s computer simply by tricking him into running a malicious app disguised as an innocent, trusted application.
Jongerius said Oracle already knew about it, since several people from the company’s IP addresses visited the test page he developed.
In addition to the name, an attacker could also change the name of the JAR file displayed in the security dialog.
“Once a Publisher signs a JAR file, there is NO legitimate reason (other than hacker activity) for Oracle to allow the JAR to be renamed to something else,” Jongerius said.
Finally, Jongerius said Oracle’s new MANIFEST.MF “codebase” attribute, which should prevent a repurposed app, and the Java sandbox don’t work properly.
Tuesday, May 21, 2013 @ 04:05 PM gHale
A Romanian hacker serving five years in prison for working with a criminal gang that planted ATM skimmers and stole card information designed a new device aimed at preventing skimmers from ripping off ATMs – all from the comfort of his cell.
Valentin Boanta, 33, serving five years in a Romanian prison for supplying the skimmers he made himself to the gang, is now using his skills for the good guys as he designed the Secure Revolving System (SRS).
Outwardly it is a trapezoidal metallic box around 6 inches long with the card slot in the middle. Simply put, the SRS goes over the ATM’s card slot or incorporates into new ATM models, and requires cards to be inserted into the device longer side first. It then rotates the card and pushes it into the slot, and performs all these steps in reverse when the card is ready to come back to the proper user.
Boanta contacted Bucharest-based firm MB Telecom, which took a flyer on him and is helping to develop and patent the device, which just won an award at this year’s edition of the International Exhibition of Inventions in Geneva. He was not able to collect the award in person.
“Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction,” Boanta said in a Reuters report. “So that the other part, in which I started to develop security solutions, started to emerge.”
MB Telecom president Mircea Tudor, who’s also had a hand in perfecting the device, said they expect to hire Boanta after he gets out of prison in four and a half years.
“All ATMs have ageing designs so they are prone to vulnerability, they are a very weak side of the banking industry,” Boanta said. “Every ATM can be penetrated through a skimming crime. My security solution, SRS, makes an ATM unbreachable.”
Romanian hackers stole about $1 billion from U.S. accounts in 2012, according to the U.S. embassy in Bucharest. A report by Verizon said Romania was the world’s second-biggest hacking center after China. The FBI has even set up an office in Romania and helped to train specialist police agents.
Monday, March 4, 2013 @ 04:03 PM gHale
A hacker doing time in the UK for hacking took an IT course the prison offers inmates to prepare them for a successful entry back into society upon their release, and ended up breaking into the prison’s mainframe.
Nicholas Webber, 21, the founder of the GhostMarket online forum where cyber crooks were able to trade stolen credit card details, tools to commit computer offenses, and knowledge, is the inmate enrolled in the IT class at HMP Isis prison in South London, according to a report in the Daily Mail of London. Apparently, his actions caused ‘major panic’ but it is not clear what, if anything, he managed to access.
Arrested two years ago along with a few accomplices and sentenced to five years in prison, Webber was included in the group that took IT lessons provided by the prison in order to teach inmates skills that would help them once they got out.
This incident would have stayed quiet but the prison’s IT teacher, Michael Fox, has an unfair dismissal case against the prison.
Fox said after they discovered the hack, he was held responsible for it and dismissed first by the prison, and then by his employers at the Kensington and Chelsea College, where he also worked as a teacher.
He said he was not aware of Webber’s hacking background and that, ultimately, he wasn’t the one who allowed him to attend the lessons in the first place.
“At the time of this incident in 2011 the educational computer system at HMP Isis was a closed network. No access to personal information or wider access to the Internet or other prison systems would have been possible,” said a Prison Service spokesman.
Further details were not immediately available.
Wednesday, February 20, 2013 @ 01:02 PM gHale
A site for iPhone developers called iphonedevsdk.com was the hub for a Java Zero Day attack on Twitter, Facebook and Apple.
Investigators identified the site as having been the center of a “waterhole” attack, where users are drawn to the site in question because of its content, according to a Bloomberg report.
Apple is the latest company to reveal it found malware on employees’ laptops, apparently delivered using those drive-by attacks. The methodology appears to be very similar to what Facebook revealed it had been subject to in January. Apple gave no time frame for when it was attacked, but, according to Bloomberg, Apple was the first to discover the attacks. Investigators said they suspected the attacks were the work of Eastern European criminals rather than any state-sponsored hacking group.
Apple said it had “identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple.”
Apple also released an update to its Java 6 in Mac OS X which completely removes Java plugin support and directs users to Oracle for their Java 7 and plugin support. Oracle, which released an emergency patch for 50 vulnerabilities on Feb. 1 – in what appears to have been a response to the Facebook and Apple attacks – has released an updated version of that emergency patch with a handful of critical holes also closed.