Hacker groups take justice into their own hands

In a move I’d definitely support hacking group Anonymous recently hacked child porn sites and stole their info and published the names of the newly crowned pedophiles. This is a bold display of hacking and shows how far they can actually go to change things. The problem here seems to be the brutal nature of the hack which is technically illegal, but since the site itself is hosting illegal content its somewhere in the gray area on this one at least.

This almost seems like a good pr move for them. They are showing how hackers can benefit society and they are really showing that they intend to take these sites off the net. I also find it interesting that this group goes about attacking websites and revealing users in such a systematic way that there hacking must be sophisticated to a level beyond my imagination. It will be interesting to see what they do in the future to progress this crusade because the peoples response seemed really positive towards them. Good to see something that’s viewed as back alley illegal, even though its still used by governments, used for good.

Resources:http://hken.ibtimes.com/articles/235922/20111023/lolita-city-anonymous-anon-child-pornography-porn-publishers-hacking-hackers-disabled.htm

Hackers infiltrate major companies

Black Hat Security Conference recently went on. They convened to discuss hack attempts in the past year and future. McAfee revealed that a single hacking group referred to as Shady Rat had infiltrated over seventy companies and governments. Forty two of these were in the US. This surprising show of force has prompted an uproar in the security field it seems as people scramble to try and fix what has been exploited. The majority of hacks are still failing the convention says, but the sophistication is increasing rapidly. Who knows they are definitely a group to watch for in the future.

They went on to say that Shady Rat infiltrated organizations by attaching a specific ad link to an email. When opened they would get a direct connection into the system and be able to manipulate it from behind the scenes. In this way they get free access for long periods of time. The study stated that most hackers stayed inside a system for twelve to twenty-eight months. Insane stuff to think that hackers can occupy a company server for so long without being caught.

Resource: http://www.federaltimes.com/article/20110804/IT01/108040301/1035/IT01

The “Chinese” attack on Google

I decided this week to revisit a very interesting news story late January into early June of this year. Google was hit with a seemingly organized hack attempt. The hackers aimed for the email accounts of high end US Officials as well as political activists and journalists residing in China. The attack originated from China, but has not been officially linked with the government hacks that went on in 2009 and early 2010. Apparently both of the attacks originated from Jinan, China. What got me was the fact they went after high government officials from other countries as well as activists. The Chinese government declined any part in this latest attack, but Google didn’t rule out the possibility that the government was at it again.

The hackers once inside the account changed forwarding settings. Though it isn’t exactly clear what they were after it seems the hackers were trying to keep tabs on what information these people were passing around through email. In the world today not only does each person need to take responsibility and be aware on the internet, this attack shows that even government must be aware of what is going on. A break in high officials email accounts may lead to countless amounts of information winding up in the wrong hands. This coupled with the attacks of early 2010 send a clear message that it doesn’t matter who you are when you’re on the internet, if you’re not careful you are at danger. With the added danger of government hackers it changes the game up a bit. The most interesting part of the article was the type of attack. According to Google these passwords were gained by phishing. Though they may have been more thorough than most phishing scams it just goes to show that nine out of ten times its the user that hands over their password, proving we all need to think more about cyber security.

Resource:

http://www.cbsnews.com/stories/2011/06/01/scitech/main20068093.shtml

Pottermore CyberScam

As you may or may not be aware Pottermore is a new site offering a slightly new experience and expanding the world of JK Rowling’s famous Harry Potter series. What you most likely do not know is that there have been a lot of scams going on through the site. The accounts which were limited while the site is in closed beta are a hot commodity right now and hackers are cashing in. Recently many hackers have turned their attention to hacking the many teens and children with these closed beta accounts. Once they get them they are selling them on the internet for upwards of a hundred dollars.

The other main scam going on is a distribution of these teens and children’s data by offering them a download that is suppose to contain information for an early access account, but in reality is just meant to collect information through key logging and other methods that will expose account information for other sites. Also they seem to be selling this information to marketing companies. The risk here arises from the fact that a lot of the users of this site and those it is targeted towards are most likely still naive about the internet at this point. Children trying to get onto the site have no idea about key logging and the scams that are being offered to them. Personally I think this is why they are so easily targeted and also why this has bloomed into somewhat of a full scale problem.

Resource:

http://www.bbc.co.uk/news/technology-14418007

ATM Skimming

In the world today it’s becoming more and more difficult to trust anyone or anything. Where we once thought surely our banks were safe that isn’t always the case. Not too long ago this was prominently featured in the news. What a criminal would do is mount a fake face plate over the card reader. This was a secondary card reader that would send information wirelessly to them. Usually the people running the scam would be sitting nearby to receive the information on the card number. As you may guess the flaw was that with atm and debit cards there would also be a pin number needed to access an account. To overcome this they would plant a brochure rack or some other such normal thing with a camera. Placing this with a convenient angle to the pin pad they would be able to also collect your pin without you knowing.

The reason this was such a scare was the simple fact that people often trust their banks to the point of being naive. While the ATM’s may be checked it was not often enough to stop people from being tricked. Another contributing factor was the fact that the skimmer while large was not always easily distinguished from the normal face plate and card reader leading people to often overlook it and think nothing was wrong. When you can’t even trust an ATM it becomes alarmingly clear that people need to try and be more aware of their surroundings or risk losing out to these very well done scams.

Reference:

http://www.snopes.com/fraud/atm/atmcamera.asp