A nationwide cyber attack on law enforcement agencies has raised alerts in many cities. The latest agency to be attacked was the Jefferson County Sheriff's Office in Birmingham, which stated that its security is applied in layers to try to keep information secure. Investigators stated that the hackers are trying to access personal information about law enforcement officers in the databases and release it publicly.
Author Archives: toaster3
MIT Server Used in Drive-By Attack
A server at the Massachusetts Institute of Technology was hijacked by hackers and used to launch drive-by attacks. The server hosted a malicious script that scanned the internet for vulnerable websites and found vulnerable installations of phpMyAdmin, a web-based database administration tool. The script would locate these vulnerable servers and inject malicious code into the database; over 100,000 sites were affected by this attack. According to BitDefender, they tried to contact MIT but received no response. The server is still online but is no longer being used to attack websites. BitDefender stated that hackers like to use servers from large organizations because it is easier for them to get through network filters. Also, by the time the script is found, it will already have affected more people than a regular bot-infected PC.
Hacker Steals iTunes Accounts
iTunes customers have received a fake email about changing account information from the address “do_not_reply@itunes.com”, sent from smtp.com. The message appears legitimate and is visually identical to a real email from Apple, but it contains a link to a phishing site that is masked to lead the victim to believe they are going to a legitimate website. The website is hosted on a free domain, and when victims visit the site they are asked to enter their usernames and passwords, which are all sent to the hackers. Once they have your accounts, hackers can get useful information such as credit card numbers, phone numbers, and addresses, which is what they want. This just shows how easily people can be tricked, because most people won’t check the address twice to see if it really is a legitimate site.
Identity Theft
Identity theft is a problem that has existed for a while and is getting worse. People are being impersonated by others who steal their personal information, and the primary motive is profit. These criminals figure that instead of stealing your money, they can use your identity to get credit cards, make charges to the cards, and then just get rid of them when they are finished. People used to break into houses to find personal information about an individual in order to “steal” their identity, but now it is much easier for hackers to find information online. This allows them to reach a wider population, so more and more people are being affected by identity theft. Today more and more personal information is becoming available online, which makes it easier for hackers to find your information and use it to impersonate you. There are programs like Zeus that hackers use to infect your computer and steal information like credit card numbers and documents with important or personal information. People need to start being less careless and trusting with their personal information and start trying to be more secure.
Spyware Infects US Military Drones
The United States fleet of Predator and Reaper drones was infected with a computer virus that allowed the hackers to see every action that the person controlling the drones made. One military official said that they keep getting rid of it, but it always seems to come back, and they are not sure whether this is serious or not. This kind of information could be important to terrorists because they can monitor where the drones are and what they are doing. So far, there haven’t been any incidents of classified information being sent to an outside source; however, there are still many unknowns, according to a military source. One thing that is still unknown is whether this virus was intentionally introduced to these drones or if it was just an accident. They are also unsure how far this virus has spread and how to get rid of it. These drones are important to the U.S. military and have been used in both the wars in Iraq and Afghanistan as well as operations in Libya.
http://www.centralasianews.net/story/858017/ht/Spyware-virus-infects-US-military-drones
Hackers Attack OWS Exposed
Occupy Wall Street (OWS) Exposed is a blog that collects news about Occupy Wall Street, and it was the target of a cyber attack. The owner of the site discovered malicious code that had been inserted into the website’s infrastructure. The president of the Minnesota Majority group, Jeff Davis, said that someone had found a back door to the website and just planted PHP scripts. The people at OWS Exposed spent 24 hours fixing the site and getting it stable. I guess that whoever attacked the website used DDoS attacks, which are used by the hacktivist group Anonymous, and the code that was inserted attacked a vulnerability in one of the widgets on the site, and the hackers took advantage of it and attacked the site.
http://dailycaller.com/2011/11/02/hackers-attack-occupy-wall-street-opposition-website/
SQL Injection attack affected 200,000 ASP.Net sites
Hackers launched a successful SQL injection attack that targets websites built using Microsoft’s ASP.Net platform, and according to security researchers, around 180,000 sites have been affected. The hackers planted malicious JavaScript on ASP.Net sites, which caused visitors' browsers to load an iframe from a remote site and attempt to load malware onto the individual’s computer without their knowledge by using browser drive-by exploits. With these exploits, the person doesn’t need to open any files or click on anything for their computer to become infected. The attackers are using known exploits, which means that patches are available: anyone who visits the site using a newer, updated browser will not be affected, and only those using outdated, unpatched browsers can become infected. Researchers at Armorize said that only a handful of antivirus programs are able to detect the malware that is loaded onto a computer during one of these drive-by exploits. Microsoft has offered information on how to protect against SQL injection attacks and said that “any procedure that constructs SQL statements should be reviewed for injected vulnerabilities because SQL Server will execute all syntactically valid queries that it receives.” Although this attack has affected almost 200,000 sites, as long as you use an up-to-date browser with all the patches and the latest version of Adobe PDF, Adobe Flash, or Java, you should be fine.
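Microsoft's point about reviewing every procedure that constructs SQL statements can be seen in a small added example (not from the original post or from Microsoft). It uses Python's built-in `sqlite3` as a stand-in for SQL Server; the table, the function names and the crafted input are constructed for illustration.

```python
import ast
import sqlite3

def make_db():
    # Constructed sample table; sqlite3 stands in for SQL Server here.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER, owner TEXT, body TEXT)")
    db.executemany("INSERT INTO articles VALUES (?, ?, ?)",
                   [(1, "alice", "Welcome"), (2, "bob", "Draft post")])
    return db

def find_vulnerable(db, owner):
    # Weak: input is pasted into the statement, so it can change its syntax.
    sql = "SELECT id FROM articles WHERE owner = '" + owner + "'"
    return sorted(row[0] for row in db.execute(sql))

def find_parameterized(db, owner):
    # Hardened: the statement text is fixed; input is bound as a value only.
    rows = db.execute("SELECT id FROM articles WHERE owner = ?", (owner,))
    return sorted(row[0] for row in rows)

# Constructed input: a quote closes the string literal and adds a condition.
CRAFTED = "nobody' OR '1'='1"

# Constructed snippet for the review helper below (line 1 is blank).
REVIEW_SAMPLE = '''
db.execute("SELECT id FROM articles WHERE owner = '" + owner + "'")
db.execute("SELECT id FROM articles WHERE owner = ?", (owner,))
'''

def dynamic_sql_lines(source):
    # Review aid: report execute() calls whose SQL is built at run time,
    # i.e. whose first argument is anything other than a plain literal.
    hits = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Attribute)
                and node.func.attr == "execute" and node.args
                and not isinstance(node.args[0], ast.Constant)):
            hits.append(node.lineno)
    return sorted(hits)
```

With the crafted input, the concatenated query is still syntactically valid and returns every row, while the parameterized query returns none; the review helper flags only the concatenated call.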
Students Change Grades
At Golden High School in Colorado, a group of students hacked into the school’s computer system and changed grades for themselves and for some other students. The investigators thought that the students may have hacked into the campus portal system, which is used to view grades, schedules, and attendance. They do not know for sure how many grades were changed, but they estimated that anywhere between 15 and 200 students had their grades changed. The teachers used their computers to store the students’ grades and didn’t use grade books, so now they are unsure of who has the correct grade. The teachers are having the students bring in any homework, tests, quizzes, and notebooks so that they can try to fix the grades, which is inconvenient for everyone. Some students probably won’t end up receiving the correct grade if they lost any of their work, and even at the end of the article it says “Golden students say they wonder if they can have confidence in their grades.” No information was released on how many students were involved or how they were able to hack into the computer system, but the superintendent said that once her staff finds out how it happened, the security of the network will be increased.
http://www.9news.com/news/story.aspx?storyid=63092&catid=222
Eavesdropping
Just as someone can use a scanner to listen to phone conversations, hackers can use programs to retrieve data from you by scanning your network. It really doesn’t take much, and since it’s a passive attack, you can let the program run and then sit back. It is very difficult to notice when someone is intercepting data from your network, and not many people really think about it. Hackers use programs called packet sniffers to scan your network and collect packets, which they can analyze to gather data that is sent through your network. An example of a packet sniffer is Wireshark, a free, open source packet analyzer that is used to monitor packets being sent through a network. While not everyone uses these programs for that reason, there still are many people who will. Though there are certainly paid programs that are much better and able to do much more, people can still download free programs and use them. It is difficult to determine what information is valuable and what information isn’t, but most hackers don’t even care; they can take what they are able to get and use it against you. It really isn’t hard for people to steal data because of these programs, and it’s even worse that most people don’t find out until it’s too late, assuming that they do find out.
http://www.ids-sax2.com/Knowledgebase/Network-Eavesdropping.htm