Monday, 19 August 2013

Anonymous Hacks UK Government Site in Response to Detention of David Miranda

United Kingdom authorities have detained David Miranda, Glenn Greenwald's partner. Greenwald is the journalist responsible for publishing the information obtained by Edward Snowden from the NSA. Anonymous hackers have responded to the incident by hacking a UK government website.
The fact that UK authorities have detained Miranda has been heavily criticized – including by Amnesty International despite the fact that he was released after nine hours of questioning.
For their part, the hacktivists have defaced the official website of the Mole Valley District Council (, which they've used to publish a statement.
“We expect there to be many pointed questions asked in the coming days, both domestically and internationally as to how and why an already ridiculously broad and draconian act of law was ripped of its last remaining shred of legitimacy in what cannot be described as anything other than an act of pure spite and intimidation, an act intended to exert a chilling effect on a stream of high-quality journalistic reporting whose historic importance cannot possibly be overstated,” the hackers said.
The statement is accompanied by a table comprised of the personal details of US government employees. The table includes information on their children, parents, spouses and friends.
The hacktivists say that if Miranda can be detained under terrorism legislation just because he’s related to Greenwald, based on the same theory, other possible terrorists might be related to people working in the US government and military.
“We encourage anyone who is interested in preventing terror attacks to fully investigate these spouses and siblings and mothers and fathers and son and daughters, before they too are embroidered in terrible terror plots of the most heinous variety,” Anonymous members said.
Finally, they conclude their statement with a threat. The hackers say they’re preparing something that’s “befitting the gravity of the crimes.”
“Oh, and before we go, we should probably mention that we have been very, very angry over the last few months -- and very, very busy. The only reason you have not heard from us before now is that we have been waiting and watching as the leaks come out and the spooks trip up over own lies and distortions,” the hacktivists noted.
At the time of writing, the Mole Valley Council website still hosts Anonymous’ statement.

Google: UK privacy laws don't apply to us, we're American

google logo headquarters sign search engine seo
Google has argued that UK privacy laws do not apply to the firm as it is a US-based company.
According to law firm Olswang, Google made the statement after Olswang brought a High Court case against the search giant. The claimants in the case, backed by Safari Users Against Google's Secret Tracking, argue that Google is bypassing the Apple iPhone's built-in security settings in order to monitor and collect users' personal information through the Safari browser.
At the time of publishing, Google had not responded to V3's request for comment on the accusations.
The case is similar to one filed with the US Federal Trade Commission, which ended with Google being fined $22.5m. Claimant Marc Bradshaw said the UK action is designed to make UK authorities take even sterner action against Google, arguing that fines alone will not work.
"It seems to us absurd to suggest that consumers can't bring a claim against a company which is operating in the UK and is even constructing a $1bn headquarters in London. If consumers can't bring a civil claim against a company in a country where it operates, the only way of ensuring it behaves is by having a robust regulator," Bradshaw said.
"Fines would be useless – even if Google agreed to pay them – because Google earns more than the maximum fine in less than two hours. With no restraint Google is free to continue to invade our privacy whether we like it or not."
Olswang partner Dan Tench said the law firm has already started working to make departments such as the Information Commissioner's Office (ICO) take a more proactive and stern approach with Google.
"Our letter to the Information Commissioner conveyed our client's position that fines won't work and urged him to change Google's behaviour through an enforcement notice or other alternative sanctions. The response was that they found our client's position simplistic and difficult to implement," Tench said.
"But a leading QC disagrees and has advised that the Information Commissioner does have stronger powers. We note that France's regulator CNIL has been more robust, announcing a final ultimatum to Google to ensure quickly that its privacy policy complies with European law. Our regulator should listen to consumers and recognise that other sanctions are needed to get Google to behave."
The case is one of many privacy complaints facing Google. In the US, rights group Consumer Watchdog launched a similar complaint against the firm. Last week, Google claimed Gmail users should not expect privacy in a court filing for the case.

Google Code fast becoming hackers' malware mule

malware virus security
A second cyber attack that hides malware in Google Code has been found, according to Zscaler researchers.
Zscaler's Pradeep Kulkarni reported finding the malware, claiming in a public blog post that attackers are targeting vulnerabilities in Google's validation procedures. "Recently we blogged about Google Code hosting malware. Within a month we have observed a second instance where malicious .jar files are being hosted on Google Code," said Kulkarni.
"Using Google code to distribute malware seems to be increasing in popularity, no doubt due not only to the free hosting provided, but also to the positive reputation of the domain. This indicates that there is presently inadequate validation performed by Google prior to content being uploaded to the Google Code site."
The original Google Code attack was uncovered by Zscaler ThreatLabZ security researcher Chris Mannon at the start of August. Unlike the first incident, Kulkarni said the second outbreak hides malware on the hxxp:// and hxxps:// URLs. He said that, while troubling, the architecture of the attack indicates that the hackers' only goal is to store malware in Google Code.
"The two projects are hosted on '' by the same uploader who has an email ID of ''. The second project is also currently live (hosted at "hxxp://") and contains the same 'Client.jar' file. You will note that other links within the projects like Project Home, Wiki and Issues contain minimal information about the project, suggesting that malware-hosting was the only goal," he wrote.
Kulkarni noted that the malware has likely been hiding in Google code for some time, predicting that the number of attacks targeting the platform will continue until the company adds more robust security.
"In the past, we have seen sites such as Dropbox, Google Code and other free hosting providers being leveraged to deliver malware. Free hosting providers, especially those with a positive reputation are becoming popular for attackers to serve malicious content. Enterprises and end users alike, should consider any third-party content, regardless of location, to be untrusted until it has been appropriately scanned," he wrote.
Zscaler is one of many companies to criticise Google's security protocols. Independent security researcher Elliott Kember came to blows with the company earlier this month over how Google's Chrome browser stores passwords.

LastPass Vulnerability Left IE Passwords Exposed, Update Now

SecurityWatch has confirmed with LastPass that a vulnerability existed in its software, leaving some passwords accessible. A patch has already been released and is available to download.
The Vulnerability
We learned about the vulnerability from our reader David Hughes. We in turn informed LastPass who confirmed that the issue was created by a recent update to their system. Their fix should be released today, and we encourage everyone to update their software or download the new version from LastPass. This issue would only affect users of IE with LastPass version 2.0.20.
Our reader informed us that when he performed a memory dump on Windows IE, he was able to retrieve stored LastPass passwords in plaintext. It seems that when the password manager autofills fields in IE, the unencrypted passwords remain accessible in memory. Passwords from previous sessions do not appear to be affected, as quitting IE cleans up the memory. Additionally, passwords which have not been used to autofill fields remain encrypted and cannot be retrieved using this vulnerability.
The issue appears to only affects IE users, so everyone else is safe unless you've been using your browser to store passwords for you—which you should stop doing.
While the issue sounds scary, the scope of the vulnerability is limited. LastPass told security watch, "this particular issue would be extremely difficult to exploit - requiring that you be using IE, that you've logged in to LastPass to decrypt your data, perform a memory dump, hunt through the memory dump, and actually locate the passwords - we have made fixing this a priority because we value the privacy and security of our users' data above all else."
Furthermore, dumping the memory is far easier to do if you have direct access to the target computer—something an attacker is unlikely to have. If an attacker can remotely access your machine and perform the dump, then you probably have a lot more to worry about.
Staying Safe
If you are using this version of LastPass in IE, the update from LastPass will surely take care of the issue, so the best way to stay secure is to download it immediate.
Most importantly, do not stop using a password manager. If you're feeling wary of LastPass, consider our other Editors' Choice DashLane 2.0. Storing and creating unique passwords is a very valuable service, and will absolutely keep you safer online.
We're going to continue to recommend LastPass as a password manager, and I've been impressed with the speed with which the issue has been addressed over the past few days. If any other tipsters out there are interested, you can report issues directly to LastPass from their website —or just drop us a line.

Android under siege from 100,000-strong malware horde

Google Android
The amount of mobile malware targeting the Android community has boomed over the last four months, according to security firm Kaspersky.
Kaspersky researchers reported detecting 100,000 mobile malware variants during the second quarter of 2013, in its latest IT Threat Evolution report.
"Virtually all mobile samples that were discovered in the mobile realm were targeting Android in Q2 - just like in the first quarter of the year. One remarkable milestone was reached right at the end of the quarter - on 30 June the 100,000 modifications barrier (consisting of 629 malware families) was broken," read the report.
The report said 29,695 of the attacks were entirely new, marking a quickening in pace by hackers, who are believed to have created 22,750 new Android malware variants in the previous quarter. The paper said the figure is particularly troubling as each of the malware variants is being carried on a number of Trojan apps.
"We're not counting individual malicious apps, but malicious code samples. These code samples, however, are mostly used in multiple Trojanised apps, resulting in a significantly higher number of malicious apps waiting to be downloaded," read the report.
"The common procedure for cyber criminals is to download legitimate apps, adding malicious code and using them as a vehicle for distribution. The repackaged apps are then uploaded again, especially to third-party app stores. Popular apps are targeted to abuse their reputation, since users are actively searching for them and this therefore makes life easier for cybercriminals."
The researchers highlighted the discovery of a new Obad Trojan as being particularly troubling, confirming it has several new features.
"Those who created [Obad] took advantage of yet another previously unknown flaw in Android OS, which enables a malicious program to gain extended Device Administrator privileges without being listed among the applications having such privileges," they noted.
"This makes it impossible to remove the malware from the mobile device. Overall, the malicious program exploits three previously unpublished vulnerabilities. We have never encountered anything like it before in mobile malware."
The paper listed the Trojan as being particularly dangerous as it grants criminals a variety of powers over the infected device. "It can send SMS messages to premium numbers, download and install other malware on the infected device and/or send it via Bluetooth, as well as remotely perform commands from the console," read the report.
The growth in mobile malware comes during a wider boom in global cybercrime levels, with Kaspersky claiming to have neutralised 983,051,408 incidents during Q2 2013.
Mobile malware has been a growing concern within the security community, with vendors reporting new sophisticated attacks and vulnerabilities on a near daily basis. Most recently Symantec reported finding a flaw in Google Android's cryptographic protocols leaving as many as 360,000 applications open to attack.

PRISM: China to investigate IBM, Oracle and EMC following NSA snooping concerns

Chinese authorities are planning to launch a probe investigating the security of IBM, Oracle and EMC hardware, following concerns that the NSA could be using the tech for cyber espionage purposes as part of its PRISM programme.
According to Reuters, the Chinese government-owned news outlet Shanghai Securities News revealed the plans, quoting an unnamed source as saying: "At present, thanks to their technological superiority, many of our core information technology systems are basically dominated by foreign hardware and software firms, but the Prism scandal implies security problems."
At the time of publishing, EMC had not responded to V3's request for comment and IBM had declined V3's request for comment. Oracle told V3 the company is aware of the report but declined to offer any additional comment.
The decision by China to investigate major US giants comes after the US caused a stir by moving to ban Chinese vendor Huawei due to espionage concerns, as the two nations face off over cyber issues.
The PRISM scandal broke this summer when ex-CIA analyst Edward Snowden leaked documents revealing the NSA has been siphoning vast amounts of web user data from numerous technology companies including Google, Apple, Microsoft, Facebook, Twitter and Yahoo.
The scandal opened a Pandora's box of revelations with reports emerging that numerous other intelligence agencies are running similar campaigns, or used PRISM data for their own operations.
The UK is believed to be one of the worst offenders, with reports suggesting the GCHQ is collecting vast reserves of data by tapping into global telecoms cables, under an operation called Tempora.
The NSA has since moved to quell rights groups' concerns, releasing a paper claiming its agents only accessed 0.00004 percent of the world's web traffic while conducting their PRISM missions. Despite the paper, many companies remain concerned.
Most recently ex-Navy Seal and Silent Circle chief executive Mike Janke told V3 campaigns like PRISM will continue to run until governments create new legislation forbidding them.

Pakistani Hackers Defaced Indian Minister personal website

The personal website of Rajesh Tope (, the minister for higher and technical education for the Government of Maharashtra, Mumbai, has been breached and defaced by Pakistani hackers.
The attack took place on August 14, Pakistan’s Independence Day, The Hackers Post informs.
On the defaced website, the hackers, part of the Xploiters Crew, addressed messages riddled with expletives to the people of India, the country’s army, and Indian hackers.
“Next time if you try to attack our borders or cyber space we will [expletive] your economy by hitting your banks, Forex, exchangers and corporation as well as leaking customers detail and credit cards. This will be the worse face of cyber attack which you will ever face when we will leak 50 thousand Indian credit cards,” the hackers warned.
At the time of writing, the website of Rajesh Tope has been restored. A defacement mirror is available on

Edward Snowden documents show NSA broke privacy rules

The US National Security Agency (NSA) broke privacy rules and overstepped its legal authority thousands of times in the past two years, according to documents leaked by Edward Snowden.
The incidents resulted in the unauthorised electronic surveillance of US citizens, according to documents published by the Washington Post.
Mr Snowden, a former NSA contractor, has leaked top secret documents to the US and British media.
He has been given asylum in Russia.
On Thursday, the Washington Post posted on its website a selection of documents it said had been provided by Mr Snowden, who fled the US in June after providing documents detailing NSA surveillance programmes to the Guardian and Washington Post newspapers.
'Operator error'
The documents purport to show that the unauthorised interception of telephone calls and emails of Americans and foreign nationals on US soil resulted from errors and departures from standard agency processes, including through a data collection method that a secret US surveillance court later ruled unconstitutional.
The documents offer more detail into the agency practices than is typically shared with members of Congress, the US justice department, and the Office of the Director of National Intelligence.
An internal audit dated May 2012 counted 2,776 incidents over the previous 12 months of unauthorised data collection. The rate of violations grew significantly each quarter, from 546 in the second quarter of 2011 to 865 in the first quarter of 2012.
It is unclear how many individuals were subjected to unauthorised surveillance.
NSA auditors speculated the number of incidents jumped in the first quarter of 2012 because a large number of Chinese surveillance targets visited the US for the Chinese New Year. NSA surveillance of foreign nationals while they are on US soil is restricted.
According to an internal NSA audit report detailing the incidents in the first quarter of 2012, the majority occurred due to "operator error", usually from failure to follow procedures, typographical errors, insufficient research information, or workload issues.
Other incidents were attributed to "system error", such as a lack of capabilities or glitches and bugs.
Some data was intercepted when foreign targets entered the US - where NSA surveillance is restricted - but the system was unaware the target had entered US soil.
Other "inadvertent collection incidents" were targets believed to be non-Americans but who turned out to be US citizens upon further investigation.
In one instance in 2008, a "large number" of calls placed from Washington DC were intercepted after an error in a computer program entered "202" - the telephone area code for Washington DC - into a data query instead of "20", the country code for Egypt.
NSA reaction
In another case, the agency vacuumed up vast amounts of international data from a fibre optic cable running through the US into an NSA computer, where it was stored and analysed. Months later, the secret Foreign Intelligence Surveillance Court ruled the programme violated the search and seizure protections afforded by the US constitution.
Mr Snowden, 30, has been charged with espionage in a federal court in the US. He is currently in Russia, where the government of Vladimir Putin has granted him a year of asylum on the condition he cease disclosing secret US government information.
In a statement provided to the BBC, John DeLong, the NSA's director of compliance, pointed to internal privacy safeguards such as a hotline for people to report NSA activity they believe to be inconsistent with the rules.
"We take each report seriously, investigate the matter, address the issue, constantly look for trends, and address them as well - all as a part of NSA's internal oversight and compliance efforts," Mr DeLong said.
He said the agency's internal privacy compliance programme had a staff of 300, a fourfold increase since 2009.
US President Barack Obama has defended the series of programmes described in Mr Snowden's leaks, but has promised reforms to guarantee greater oversight.
"Given the history of abuse by governments, it's right to ask questions about surveillance, particularly as technology is reshaping every aspect of our lives," he said last week.

Snowden's father contacts son via internet: lawyer

The father of former U.S. intelligence contractor Edward Snowden had contacted his son via the Internet despite security concerns, Snowden's lawyer said Thursday.
"We don't recommend using the Internet for communication, not even via an encrypted channel, even though we understand that Edward is an IT expert," RIA Novosti news agency quoted Anatoly Kucherena as saying.
Still, Lon Snowden's fatherly feelings "proved stronger than security awareness," Kucherena said.
Earlier media reports said Lon Snowden had contacted his son using encrypted messages. Previously, the father communicated with his son only via his lawyer Kucherena.
According to the lawyer, Snowden is taking an adaptation course in a safe place, and "he is missing his family."
The former National Security Agency (NSA) leaker's father said Saturday he had secured documents to visit the whistleblower in Russia, where the son has been granted a year's temporary asylum after spending almost seven weeks stranded in Moscow's Sheremetyevo airport because Washington revoked his passport.
Snowden faces espionage charges in the United States after disclosing a classified intelligence surveillance project code-named PRISM.
Russia's decision on Aug. 1 to grant him asylum in the face of calls by the the U.S. to return him for a trial has cooled U.S.-Russian relations and prompted President Barack Obama to cancel a scheduled meeting with counterpart Vladimir Putin in September.

Webcam hack 'sextortion' target Miss Teen USA

The Federal Bureau of Investigation confirmed Wednesday they were investigating an alleged "sextortion" case involving newly crowned Miss Teen USA Cassidy Wolf from Orange County and other women.
Laura Eimiller, spokeswoman for the FBI's Los Angeles office, said the investigation was several months old but would not discuss any details of the case, including whether a suspect had been identified.
Wolf, who was Miss California Teen USA before winning the Miss Teen USA pageant over the weekend at the Atlantis Hotel in the Bahamas, said in media interviews that she received an anonymous email from someone claiming to be in possession of nude photos of her taken via the webcam on her computer.
Wolf also said the author tried to extort her to ensure that the photos were not made public.
The incident, in which someone was able hack into Wolf's computer and turn on its webcam, is the latest in a string of so-called "sextortion" cases involving individuals who have used email accounts, social media or a computer's own hardware to glean compromising information or images of its user.
A Glendale man, Karen “Gary” Kazaryan, pleaded guilty last month in a “sextortion” case in which he targeted 350 women and coerced them into showing him pictures of them nude.
Prosecutors alleged Kazaryan hacked into the Facebook, Skype and email accounts of victims and changed their passwords, locking them out of their own online accounts. He then searched emails and other files for naked or semi-naked pictures of the women, as well as other information, such as passwords and the names of their friends.
Kazaryan then posed online as those women and sent instant messages to their friends, convincing them to remove their clothing so he could view and take pictures of them, authorities alleged.
Once the victims learned that someone had impersonated their friend, Kazaryan then used the photos to coerce them to remove their clothing on camera, according to authorities.
In December, a Florida man who hacked into email accounts and procured naked images of celebrities, including Mila Kunis, Christina Aguilera and Scarlett Johansson, was sentenced to 10 years in prison.
Christopher Chaney, 35, pleaded guilty in federal court in Los Angeles to nine counts of computer hacking and wiretapping for the unauthorized access of email accounts belonging to 50 people in the entertainment industry.
Once Chaney got photos of the celebrities and other information, he forwarded the material to another hacker and two celebrity websites that made them public, according to a plea agreement made public last year.
Chaney has admitted that from at least November 2010 to October 2011, he hacked into the email accounts of Johansson, Kunis and others by taking their email addresses, clicking on the “Forgot your password?” feature and then resetting the passwords by correctly answering their security questions using publicly available information he found by searching the Internet.

WikiLeaks Released 3.6 gigabytes of encrypted insurance data online

WikiLeaks post on its Facebook page link to 3.6Gb encrypted data insurance documents.
The group described encryption as a necessary measure in light of previous attempts to block its leaking of classified information.

Online porn consumers exposed to cyber crimes

Hundreds of Australians accessing pornography online have been caught - some quite literally - with their pants down by cyber criminals who fraudulently claim to be members of the Australian Federal Police.
Using viruses known as ''ransomware'', foreign gangs film users of adult websites by activating the webcams on the users' computers.
The viruses lock the desktop and post an incriminating image of the person on their screen, before warning they have breached federal laws relating to child pornography, copyright or privacy.
The victims are instructed by the hackers to pay a fine of $100 or $199 using a credit card or money transfer service. If credit card details are handed over, further frauds often occur. If the fine is not paid within 72 hours, data files on the computer can be encrypted or wiped.
The police and the Australian Competition and Consumer Commission have been inundated with calls from victims of ransomware, which include the ''ukash'', ''reveton'' and ''trojan.ransomlock'' viruses.
''We've taken some very interesting calls. Some people are very open, while others swear they have been hacked while using Facebook.
We had one bloke who was almost in tears because they were caught in their underpants,'' a police source said.
Originating in Russia in 2009, the virus has swept through western Europe, Canada and the US using logos of local law enforcement agencies to lend credibility to the scam.
AFP cybercrime operations manager Commander Glen McEwan has issued several warnings about ransomware, which has evolved over the past six months to evade detection by some anti-virus software, spam filters and firewalls.
''The Australian community is reminded that the AFP does not solicit funds and this message is not associated with the AFP in any way,'' Commander McEwan said. He urged victims to report any cyber fraud to the ACCC website SCAMwatch.
The Australian Crime Commission recently identified ransomware as a new frontier for cyber gangs and an emerging threat to Australia's 12 million internet subscribers.
Sean Kopelke, technology director with IT security firm Symantec has identified 16 versions of malware linked to organised crime gangs in Russia, Europe and the Middle East.
A recent Symantec study of one virus found 68,000 computers were infected within a month, with 2.9 per cent of those ensnared by the scam making payments of almost $400,000.

Pentagon to host China's defence minister for talks

The Pentagon will host China's Defence Minister General Chang Wanquan for talks on Monday at a time of "positive momentum" in military relations between the two countries, a US official said.
Chang was due to start his visit on Friday in Hawaii where he was scheduled to meet the head of US Pacific Command, before heading to Colorado to the headquarters for Northern Command, which oversees forces in North America, officials said.
"The purpose of the visit is to sustain the very positive momentum that we've seen in the US-China mil-to-mil relationship that's really been present for the past year and a half or so," said a senior defence official, who spoke on condition of anonymity.
US military officials have touted progress in the defence dialogue with China after years of false starts and say a counter-piracy exercise next week in the Gulf of Aden will see unprecedented cooperation between the two countries' naval forces.
Despite improving ties, US concerns over Chinese cyber espionage are expected to feature high on the agenda when Chang meets his American counterpart, Pentagon chief Chuck Hagel, in Washington on Monday.
At a security conference in Singapore in June, Hagel blamed the Chinese government and armed forces for snooping on sensitive US computer networks.
Some cyber intrusions "appear to be tied to the Chinese government and military," Hagel said in the speech.
But revelations about US electronic surveillance of Internet traffic and phone records, leaked by former intelligence contractor Edward Snowden, have made it more difficult for Washington to level accusations against Beijing.
Chang's meeting with Hagel and other senior officials and officers will allow "the two leaders an opportunity to have a robust exchange of views on a variety of issues in the US-China relationship," including Cyber security, the defence official said.
The talks are also likely to cover North Korea's nuclear and missile programs, territorial disputes in the South China Sea between China and neighbouring nations as well as rival claims between Japan and China over islands in the East China Sea.
Hagel has been invited to visit China next year.

Virus targets the social network in new fraud twist

In the world of cyber fraud, a fake fan on Instagram can be worth five times more than a stolen credit card number.
As social media has become increasingly influential in shaping reputations, hackers have used their computer skills to create and sell false endorsements - such as "likes" and "followers" - that purport to come from users of Facebook , its photo-sharing app Instagram, Twitter, Google's YouTube, LinkedIn and other popular websites.
In the latest twist, a computer virus widely used to steal credit card data, known as Zeus, has been modified to create bogus Instagram "likes" that can be used to generate buzz for a company or individual, according to cyber experts at RSA, the security division of EMC Corp.
These fake "likes" are sold in batches of 1,000 on Internet hacker forums, where cyber criminals also flog credit card numbers and other information stolen from PCs. According to RSA, 1,000 Instagram "followers" can be bought for $15 and 1,000 Instagram "likes" go for $30, whereas 1,000 credit card numbers cost as little as $6.
It may seem odd that fake social media accounts would be worth more than real credit card numbers, but online marketing experts say some people are willing to spend heavily to make a splash on the Internet, seeking buzz for its own sake or for a business purpose, such as making a new product seem popular.
"People perceive importance on what is trending," said Victor Pan, a senior data analyst with WordStream, which advises companies on online marketing. "It is the bandwagon effect."
Facebook, which has nearly 1.2 billion users, said it is in the process of beefing up security on Instagram, which it bought last year for $1 billion. Instagram, which has about 130 million active users, will have the same security measures that Facebook uses, said spokesman Michael Kirkland.
He encouraged users to report suspicious activity through links on Facebook sites and apps.
"We work hard to limit spam on our service and prohibit the creation of accounts through unauthorized or automated means," Kirkland said.
The modified Zeus virus is the first piece of malicious software uncovered to date that has been used to post false "likes" on a social network, according to experts who track cyber crime.
Fraudsters most commonly manipulate "likes" using automated software programs.
The modified version of Zeus controls infected computers from a central server, forcing them to post likes for specific users. They could also be given marching orders to engage in other operations or download other types of malicious software, according to RSA.
Cyber criminals have used Zeus to infect hundreds of millions of PCs since the virus first surfaced more than five years ago, according to Don Jackson, a senior security researcher with Dell SecureWorks.
That the virus is now being adapted to target Instagram is a sign of the rising importance of social media in marketing, and the increasing sophistication of hackers trying to profit from the trend.
Online marketing consultant Will Mitchell said he sometimes advises clients to buy bogus social-networking traffic, but only to get an early foothold online.
When asked about the ethics of faking endorsements, Mitchell replied, "It's fine to do for the first 100, but I always advise stopping after that."
He said one of his clients once bought more than 300,000 "likes" on Facebook against his advice, a move that Mitchell felt damaged the client's reputation. "It was just ridiculous," he said. "Everybody knew what they were doing."
Still, experts say schemes to manipulate social networks are unlikely to go away. Creating fake social media accounts can also be used for more nefarious purposes than creating fake "likes," such as identity theft.
"The accounts are always just a means to an end. The criminals are always looking to profit," said computer security expert Chris Grier, a University of California at Berkeley research scientist who spent a year working on a team that investigated fake accounts on Twitter.

Anonymous Targets Italy’s Ministry of Defense

Anonymous hackers continue to target the Italian government as part of their protests against the installation of a US Navy Mobile User Objective System (MUOS) station in Niscemi, Sicily.
Earlier this week, we learned that the hacktivists leaked emails sent to Italian government officials relating to the MUOS project.
Today, the hackers have contacted me to reveal that they’re launching distributed denial-of-service attacks against the website of Italy’s Ministry of Defense, and the official site of Niscemi.
“Stop MUOS, stop militarization of Italy,” the hackers said.
Currently, the website of Niscemi ( is down and, according to the hackers’ reports, it has been down for several hours. The website of the Ministry of Defense ( is working intermittently.
The hacktivists have cited research papers which show that the installation of a MUOS station in the area would harm not only the environment, but also the people living in Niscemi.

Syria Versus The World

A group of Syrian hackers, calling themselves the Syrian Electronic Army (SEA) and loyal to the beleaguered Assad dictatorship in Syria, have been grabbing a lot of headlines in the last year for their increasing number of Internet based attacks.
However, this tends to be low level stuff, like breaking into Twitter accounts. The Assads remained power for decades by favoring the most talented, best educated and wealthy families at the expense of everyone else and now many of those Syrians are supporting the Assads anyway they can. For the last two years the 80 percent who were left out have been in open rebellion and early on the SEA showed up to help their families hang on to their wealth and position in Syria.
The SEA has not made any really sophisticated hacks and appear to be young, well-educated and savvy computer users who knew enough to get access to the underground hacker market place where all sorts of hacking tools and services are for sale. SEA has used these to publicize their cause (via defacing of anti-Assad websites) and seeking to identify rebel leaders, especially those operating inside Syria. This intel collection effort does not get much publicity but it is probably more helpful than the low-level hacks. That’s because the Assad secret police are still very active inside Syria and have been effective in finding and capturing (or just killing) lots of rebels.
Occasionally SEA will get really ambitious. Last May SEA attempted to take control of the water system in an Israeli city (Haifa). The effort failed, although the attackers had reasonable expectations that they might succeed. That’s because earlier that year an American Internet security firm set up three honey pot servers to measure the extent that hackers are attacking SCADA (supervisory control and data acquisition) and ISC (industrial control system) targets. The response by hackers was surprising and scary, and the hackers going after Haifa apparently knew this. But the Israelis also knew of the danger and took precautions.
At the heart of modern industry are the ISC and SCADA systems which control motors, sensors, alarms, pumps, valves, and other essential equipment. Water systems are among the most common SCADA systems. The successful hack of SCADA systems allows the attacker to take remote control of these systems. Options for the attacker include turning off safety systems in a nuclear reactor, opening or shutting a dam’s overflow sluices, opening oil pipelines to contaminate sea or land, or shutting down water supplies and sewage systems for large numbers of people.
There are a lot of Arab, and Moslem, hacking groups like SEA and one thing they all have in common is a desire to stick it to Israel. That has proved difficult, despite the degree to which the Israeli economy is dependent on the Internet. Fortunately for Israel, many of the most successful and talented Internet security experts and companies are Israeli. The Israeli government has also been energetic in supporting Internet security measures. Thus the constant Arab and Moslem attacks just make the Israeli defenses more formidable. Practice makes perfect, which is essential if you are playing defense in Cyber War.

Facebook Exploit august 2013,hacker Post's on Zuckerberg’s wall

A Palestinian information system expert says he was forced to post a bug report on Mark Zuckerberg’s Facebook page after the social network’s security team failed to recognize that a critical vulnerability he found allows anyone to post on someone's wall.