Another well-known hacking group using leaked NSA hacking tools

A familiar hacking group is using leaked NSA hacking tools and other cyberweapons in an increasingly active and ambitious strategy against its targets, according to a new report from Symantec. The group, known as “Chafer,” successfully compromised one of the biggest telecom firms in the Middle East last year in an attack that may have set up surveillance across the region. Chafer is linked to a group called OilRig, a highly active Iranian hacking group that’s shared command and control infrastructure and infection vectors with Chafer. The group may have been active as early as 2011. Chafer was first spotted in 2015 targeting mostly telecoms and airlines in the Middle East as well as at least one business in the United States. “We have seen a shift compared to where they were three years ago,” said Symantec Technical Director Vikram Thakur. “They used to attack a majority of targets within the country of Iran. […]

The post Another well-known hacking group using leaked NSA hacking tools appeared first on Cyberscoop.


Tor executive director Shari Steele to step down

The Tor Project’s executive director Shari Steele resigned from her role leading the prominent organization dedicated to building online anonymity software, CyberScoop has learned. Steele, previously the executive director at the Electronic Frontier Foundation, became executive director of Tor in 2015. Much of the early part of her time at Tor involved dealing with the aftermath of the numerous sexual assault accusations leveled at predecessor Jacob Appelbaum, previously a high-profile member of some activist circles. Appelbaum has denied all accusations. The Tor Project underwent something of a reset in recent years, bringing in a new board of directors to work alongside Steele. Dealing with the aftermath of the Appelbaum incidents — and the accusations that Tor leadership had long known and ignored the problem — has partly defined Steele’s tenure. Steele will serve until Dec. 31. The organization is now actively looking for a replacement. This story is developing and will […]

The post Tor executive director Shari Steele to step down appeared first on Cyberscoop.


Criminals sell counterfeit certificates to make malware look legitimate

Enterprising cybercriminals are selling counterfeit digital certificates that allow hackers to disguise their malware as legitimate software, according to a new report from the cybersecurity firm Recorded Future. The fraudulent files, which act like valid code signing certificates, render malware invisible to a large number of anti-virus engines. “It’s not a cheap commodity,” said Andrei Barysevich, Recorded Future’s director of advanced collection. “But once you sign a payload with the certificate, then the file becomes pretty much undetectable by any antivirus out there.” Barysevich’s team found a small group of independent vendors in the Eastern European cybercrime markets selling counterfeit code signing certificates to Russian-speaking customers. The fake certificates are not stolen from legitimate owners but are instead created using real information that can deliver a unique, working and effectively real certificate to hackers willing to pay. A 2017 paper from the University of Maryland highlighted the issue and showed that digitally […]

The post Criminals sell counterfeit certificates to make malware look legitimate appeared first on Cyberscoop.


Hackers will target Putin’s reelection effort, Russian security chief warns

A top Russian official warned that foreign hackers could be targeting the country’s March presidential election in which incumbent Vladimir Putin seeks his fourth term in office. Nikolai Patrushev, Russia’s Security Council Secretary, sounded an alarm this week saying that “there has been considerable expansion in the range of tasks pursued by foreign computer intelligence services” ahead of the election on March 18, according to Russian state media. “The carrying out of cyber operations is also projected, including ones aimed at disrupting the ability of the government to conduct elections,” he said, calling for stronger cybersecurity for Russia’s election infrastructure. The Russian chief warned specifically about attacks against the GAS Vybory, the national vote-counting system. Patrushev, like Putin, is formerly a director of Russia’s FSB intelligence agency. He also warned Russian officials against using foreign internet services like Google and Yahoo, a mirror of the U.S. government recently banning the Moscow-based cybersecurity company Kaspersky Labs from […]

The post Hackers will target Putin’s reelection effort, Russian security chief warns appeared first on Cyberscoop.


Report: cybercrime causes over $600 billion in damages annually

Cybercrime and espionage have caused over $600 billion worth of damages annually in recent years, according to new estimates from the Washington D.C. think tank Center for Strategic and International Studies (CSIS) and American cybersecurity firm McAfee. “When we talk about impact of cybercrime, really it’s an economic impact with significant ramifications toward things like jobs, opportunity, investment, innovation,” said Raj Samani, McAfee’s chief scientist. “The objective is to change the discussion from this-country-does-that to how cybercrime impacts all of us, why it matters and how to address it.” The total cost is rising. A 2014 estimate from CSIS put the annual cost of hacking at around $500 billion. Increasingly sophisticated hackers, quick adoption of new technology as well as the growing professionalization of cybercrime have made being a profitable crook online easier than it’s ever been. Even so, cybercrime ranks behind government corruption and narcotics trafficking for annual cost to the world, according […]

The post Report: cybercrime causes over $600 billion in damages annually appeared first on Cyberscoop.


uTorrent vulnerabilities allow information disclosure and remote code execution

A BitTorrent client with more than 100 million users suffered numerous critical vulnerabilities including remote code execution and copying downloaded files, according to new information from Google’s Project Zero. Users were left exposed for several hours on Tuesday when the bug was public and a new security patch didn’t quite work. A new and effective patch was delivered Tuesday night. Google security researcher Tavis Ormandy informed BitTorrent Inc. of the issues with the uTorrent client in December 2017. A patch was made public early Tuesday but Ormandy says that, after a small tweak, his exploits continued to work in the default configuration. “This issue is still exploitable,” Ormandy explained. “The vulnerability is now public because a patch is available, and BitTorrent have already exhausted their 90 days anyway. I see no other option for affected users but to stop using uTorrent Web and contact BitTorrent and request a comprehensive patch.” On late Tuesday night, BitTorrent Inc.’s […]

The post uTorrent vulnerabilities allow information disclosure and remote code execution appeared first on Cyberscoop.


Indictments reveal how Russia’s 2016 election information warfare worked

Russian operatives were able to obfuscate their activities in 2016 by stealing the identities of U.S. citizens, renting servers based in the U.S. and using a VPN all while posting targeted propaganda on social media to disrupt American politics, according to a new and lengthy criminal case against multiple Russian nationals. The Justice Department on Friday released an indictment against 13 Russian individuals and three Russian companies accused of violating federal U.S. criminal law to interfere with the 2016 U.S. presidential election. The defendants are charged with conspiracy to defraud the United States, wire fraud and identity theft. Special Counsel Robert Mueller’s investigation into Russian interference released the detailed charges Friday, accusing a long list of Russians of supporting Donald Trump’s presidential campaign and working against Hillary Clinton’s candidacy. A recent leak of Julian Assange’s personal messages showed WikiLeaks pushing for the same goal. “The defendants waged what they called ‘information warfare against the […]

The post Indictments reveal how Russia’s 2016 election information warfare worked appeared first on Cyberscoop.


Two Russians sentenced to prison for role in hacks against U.S. companies

Two Russian men were sentenced to prison in the United States on Wednesday after they pleaded guilty to their roles in one of the largest hacking schemes to ever hit the U.S. Vladimir Drinkman, 37, was sentenced Wednesday to 12 years in prison and Dmitriy Smilianets, 34, to 51 months and 21 days in prison. The pair were arrested in the Netherlands in 2012 and pleaded guilty in 2015. Prosecutors said there were 17 corporate victims, and three of them alone lost more than $300 million combined. As friends in Moscow, Drinkman and Smilianets “targeted major corporate networks, compromised 160 million credit card numbers and resulted in hundreds of millions of dollars in losses,” according to the Justice Department. “Drinkman and Smilianets not only stole over 160 million credit card numbers from credit card processors, banks, retailers, and other corporate victims, they also used their bounty to fuel a robust underground market for hacked […]

The post Two Russians sentenced to prison for role in hacks against U.S. companies appeared first on Cyberscoop.


U.S. Air Force pays out $103,883 to hackers in bug bounties

The U.S. military’s love affair with bug bounty programs continues. The second iteration of “Hack the Air Force” in December paid out $103,883 in bounties to freelance hackers for 106 vulnerabilities found over a 20-day period. The highest bounty was $12,500, the largest paid by the U.S. government to date. The Air Force’s first bug bounty program launched in April 2017 following similar efforts like Hack the Pentagon and Hack the Army in 2016. In total, more than 3,000 vulnerabilities have been found in federal government systems since the programs began. The bug bounty platform HackerOne, a private company, continues to handle the military’s bug bounty initiatives. Air Force CISO Peter Kim, who helped kick off and cheerlead the service’s first round last year, also played a leading role this time. “We continue to harden our attack surfaces based on findings of the previous challenge and will add lessons learned from this round,” Kim said in a […]

The post U.S. Air Force pays out $103,883 to hackers in bug bounties appeared first on Cyberscoop.


Why Salon is turning to cryptomining

Tuesday was an interesting day in the history of cybersecurity and media technology. In an effort to make money in the face of ad blockers, progressive news outlet Salon.com began to use opt-in cryptocurrency miners on readers’ computers. Using Coinhive, a piece of software that’s been described as the most prevalent malware currently online and is commonly used in attacks known as cryptojacking, the media group is now mining Monero. But Salon’s approach is clearly different. A big informational pop-up window at Salon.com tells the user what’s going on and gives them their options: Turn on ads, pay a subscription or mine cryptocurrency for the website. It’s a fascinating move from multiple perspectives. For media and its dwindling ad dollars, it’s a potential revenue stream. For security, it’s a novel tactic when ad blockers are recommended by cybersecurity experts as a defense against the persistent threat of malvertising. For cryptocurrency, it’s a […]

The post Why Salon is turning to cryptomining appeared first on Cyberscoop.
