Steam server attackers grabbed passwords, credit card data

As Bethesda Software was preparing to release Skyrim, the latest installment of its mega-popular Elder Scrolls series, news broke that the forum of Steam, the online platform/distribution network of Valve Corporation, had been defaced and possibly breached. Users were alerted to the fact that something was amiss by the appearance of a promoted discussion thread in which a site offering cracks for games was being advertised. Suspicions that the breach went beyond common defacement began to pop up as users started sharing on the forum that they were receiving spam emails promoting the very same site.

The company took down its own game servers to try to resolve the issues, making for a lot of unhappy premature users. By the actual release day of Skyrim, the game was back online for users with access to the platform. The company is unsure whether encrypted credit card information was taken, but it is sure that usernames and passwords were taken. It advises that users change passwords and possibly usernames, and also check credit card statements very closely in case the hackers did in fact steal credit card information.

Co-founder Gabe Newell released a statement: “We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information,” he wrote. “We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.”


Focusing on new technologies instead of security threats

I have a question to ask most companies today. Why do you lack in security? With the ever-expanding market of technology comes responsibility to keep your users and employees safe from outside attackers. Many companies are expanding their security departments and funding, and creating new and updated security policies for their employees to follow. “The best-protected companies are those that are proactive, detecting and managing minor issues before they become major incidents, and for many companies, this means the current mind-set needs to change from a focus on short-term fixes to a holistic, strategic approach,” said Bernie Wedge, Americas Information Technology Risk and Assurance leader at Ernst & Young LLP.

Securing cloud computing is expected to be a pretty big topic for big businesses in the upcoming year. A study found that while 80% of organizations currently are using or considering using mobile tablets and 61% are using or considering the use of cloud computing services within the next year, the threat of security breaches has become an afterthought as companies adapt to the rapidly changing landscape. The survey of 1700 organizations around the world in more than 25 sectors also found that cloud computing is the top security funding priority for the next year. Although not many companies that took part in the study (1700 to be exact) are planning on using cloud computing, there are enough companies out there that are taking part in the ongoing fight for information security and protecting the cloud.


Hackers attacked U.S. government satellites

Two U.S. satellites were tampered with in 2007 and 2008 by supposed Chinese hackers, according to the soon-to-be-released report of the U.S.-China Economic and Security Review Commission. The two satellites, Landsat-7 and Terra AM-1, were interfered with on four separate occasions, allowing the attackers to be in command of the satellites for two to over twelve minutes each time.

Luckily for the U.S., the two satellites are only used to observe climate patterns and terrain. These hacks are suspects in case of an open war with China. We are unclear whether the Chinese hackers are state-sponsored or not; if not, the hackers weren’t paid by the Chinese government to hack into U.S. satellites.

Just think, hackers were able to hack into a device hundreds of thousands of miles away. They didn’t even hack into a very important one, but if they had, the results could potentially be catastrophic. Having China in control of our military satellites could be devastating because we would be sitting ducks in an open war with China.

According to the article, the hackers were permitted to destroy or block communication of the satellite. The satellites are controlled from the Svalbard Satellite Station in Norway, which often uses the Internet to transfer and access files; it is highly likely that the hackers managed to break into the station’s system through its Internet connection.



Which mobile OS is most hit by malware?

Although everyone boasts about the performance of their smart phones, they regret to inform you that their smart phone may possibly be one of the most vulnerable devices on the market. According to the article from, iOS users are the least vulnerable.

There is a surprising number of new attacks that are used to try to harm smart phones. So far, it seems that users with Symbian-running devices are getting hit with a bigger number of threats than those targeting other operating systems. During August, Microsoft detected around 42,000 of them. “In the past, the main intent of Symbian-specific malware was to spread via Bluetooth and SMS (by distributing a URL leading to a copy of the malware), or to overwrite the mobile device’s system files, rendering the device unusable. However, malware on this platform seems to be evolving,” says Microsoft’s Marianne Mallen, who adds that Zeus-in-the-mobile (“Zitmo”) and SpyEye-in-the-mobile (“Spitmo”) are the most recently detected and arguably the most dangerous for the user.

The Java ME platform takes second place, with nearly 24,000 threats detected in August, mostly apps sending text messages to premium rate numbers. When it comes to Android malware, the numbers are rather low when compared to those for the previous two platforms; around 2,800 hits in August.

At the end of the list are iOS and RIM. No new threats for Apple’s mobile OS have been discovered this year, and the total number of threats detected in August was around 590. RIM brings up the rear with only 5 malicious apps detected during that month, and can boast of only one completely new threat springing up for it this year: Zitmo.

Trojanized Netflix app steals account login credentials

When Netflix released an Android client app earlier this year, it also witnessed the attempts of various app developers who tried to make a pirated copy of it work on other devices and platforms. The difference between the actual GUI and the fake app was barely anything.

Both apps were pretty identical except for some troubleshooting tips at the bottom of the login screen asking users if they forgot their username or password. Cyber criminals have also taken advantage of this gap between supply and demand and have pushed out a Trojanized version of the app bent on stealing the users’ account login credentials.

“Despite the fact that there are multiple permissions being requested at the time of installation – identical to the permissions required by the actual app – our analysis shows that this is, in fact, a red herring, probably used to add to the illusion that the end user is dealing with the genuine article,” point out Symantec researchers.

Once the victim enters his account credentials, the information is automatically sent to a remote server which is, luckily, currently offline. Also, the Trojanized app doesn’t react any differently when the incorrect email/password combination is entered.  So, if a client enters in a totally fake and made up username and password, the server would recognize that as an acceptable username password combination.

After the “Sign In” button is pressed, the user is faced with a screen saying that the app is incompatible with his device and urges him to download a different app, but doesn’t link to it or attempt to download it automatically.  A click on the “Cancel” button below that explanation triggers the uninstall process. “Any attempt to prevent the uninstall process results in the user being returned to the previous screen with the incompatibility message,” say the researchers.

I’d say that the Android Market in general is a dangerous app store, compared to the Apple App Store. Apple thoroughly checks every app for any malicious content and then rejects the app if found to be inappropriate.