Tuesday, 30 September 2014

Ello social network hit by suspected DDoS attack

Ello, the social network site intended to serve as something of an antidote to ad-stuffed Facebook, was hit by a suspected Distributed-Denial-of-Service attack today.
The outfit, which has gained plenty of press coverage in the past week after employing the classic invite-only marketing trick to lure in more users, said on its status page within the last hour that it had suffered a major front-end outage on its network.

Russian-speaking fraud on Skype

It used to be a common scam: Russian cybercriminals would send an SMS like: "Mom, I'm in trouble. Please, transfer me some funds. I will explain it properly when I get home". A whole bunch of friends and relatives got suckered by this fraud, believing that the message had genuinely come from someone close to them.
Fortunately, Russian mobile operators cracked down hard on this, forcing the criminals to give up. But now they've moved on to Skype. Yesterday I got this Skype message from one of my contacts:
Translation of the text:
Hey. I'm on a trip right now and I can't get to a payment terminal and top up my balance. Could you please transfer 100 rubles – or even better 200 – to the number +7925XXXXXXX? I can't think of anyone else who could help me. It would really do me a big favor! I'll pay you back as soon as I get home!!
What happened? The cybercriminals stole my contact's password, probably using password-stealing malware. Suddenly, even a Skype account without any money attached is worth something to a crook.
The victim will never see that couple of hundred rubles again. The number mentioned belongs to the cybercriminals, not to the Skype account-holder. It's impossible to say how many people fall victim to this kind of social engineering fraud, but in general we know that social engineering is an effective trick for scammers.

Kali Linux “NetHunter” Released – Turn Your Android Device into Hacking Weapons


After making its mark in hacker and security circles, Kali Linux has now been joined by Kali NetHunter, a version of the security suite for Android devices. The tool is a mobile distribution designed to compromise systems via USB when installed and run on an Android phone.
The Kali Linux NetHunter project brings much of that power to Nexus users. Those running the NetHunter penetration testing platform can now launch attacks including Teensy-style keyboard attacks via USB human interface device (HID), BadUSB man-in-the-middle (MITM) networking attacks, and wireless 802.11 frame injection, and can set up evil access points in a single click.
“Our NetHunter images support programmable HID keyboard attacks, (a-la-teensy), as well as “BadUSB” network attacks, allowing an attacker to easily MITM an unsuspecting target by simply connecting their device to a computer USB port,” the Offensive Security team said. “In addition to these built-in features, we’ve got a whole set of native Kali Linux tools available for use, many of which are configurable through a simple web interface.”
NetHunter is currently available for Nexus devices only, but builds for other Android devices are likely on the way. NetHunter contains a full Kali Linux toolset, including support for self destruction, software defined radio and the ability to launch a Kali desktop VNC session on a Nexus phone.
The tools are designed for use by an attacker who has physical access to a device — an insider threat — or someone who gains access through social engineering, tailing etc.
On one hand, Teensy Keyboard attacks on PCs can be used to automatically elevate privileges on a Windows PC and install a reverse-HTTP tunnel to a remote workstation. On the other hand, BadUSB can force a Windows PC to recognize the USB-connected phone as a network adapter and re-route all the traffic of the PC through it for monitoring purposes.
Additionally, the Kali NetHunter configuration interface helps users to easily manage complex configuration files through a local web interface, which together with 802.11 wireless injection and a pre-configured connect VPN service make it a “formidable network security tool or discrete drop box – with Kali Linux at the tip of your fingers wherever you are.”
The Kali NetHunter open source security platform supports Nexus 10 and 7 tablets and Nexus 5 phones, and is built on the existing Kali (formerly Backtrack) Linux platform. The official Kali NetHunter images can be downloaded from the Offensive Security NetHunter download page.

FBI opens Malware Investigator portal to industry

The Federal Bureau of Investigation has released a formerly in-house malware-analysing portal to help speed up incident responses and help industry and law enforcement with investigations.
The G-men hope the Malware Investigator portal can let businesses build responses to new malware without such heavy reverse-engineering loads.
Information crime unit chief Steve Pandelides said during the portal's initial launch it would benefit the agency and the private sector.
"After submission, the report can get turned around in a matter of minutes to a matter of hours," Pandelides said.
"It will enable our private partners to protect their company's networks and help our state and local law enforcement partners further their investigations.
"It will also provide the FBI a global view of the malware threat."
Windows malware submitted to the portal would be correlated against other submissions and the FBI's intelligence to produce reports. It would be expanded to cater for other virus types.
Malware would be analysed in part through fuzzy hashing (including section hashing), a virus scanning cluster, sandboxing, file system modification and others.
The agency opened API access for organisations seeking to integrate the system into their platforms, and maintained that submitters' private details would remain undisclosed, the Bureau's Jonathan Burns said at the Virus Bulletin conference in Seattle last week.
The FBI began manual malware analysis in 1998 and over subsequent years had built systems to help store and examine viruses, trojans, worms and bots. The process became automated in 2011 with work beginning on Malware Investigator last year.

Alleged mobile spyware sellers cuffed in US

Allegedly selling spyware has landed a Pakistani man in trouble with the Feds, with the FBI collaring 31-year-old Hammad Akbar from Lahore on Monday for flogging StealthGenie.
The US Justice Department says Akbar was indicted in the Eastern District of Virginia for operating a company called InvoCode, which sold the software online.
According to the statement, StealthGenie – which Akbar allegedly wrote with co-conspirators – can intercept calls, texts, videos and other communications from iPhones, Android phones, and Blackberrys. The cabal advertised it as “untraceable” and the DoJ says it's “undetectable by most users”.
The indictment says the charge sheet includes “conspiracy, sale of a surreptitious interception device, advertisement of a known interception device and advertising a device as a surreptitious interception device”.
StealthGenie's real capabilities, the indictment says, include:
  • It recorded all incoming/outgoing voice calls;
  • It intercepted calls on the phone to be monitored while they take place;
  • It allowed the purchaser to call the phone and activate it at any time to monitor all surrounding conversations within a 15-foot radius; and
  • It allowed the purchaser to monitor the user’s incoming and outgoing e-mail messages and SMS messages, incoming voicemail messages, address book, calendar, photographs, and videos.
If someone – say, a jealous spouse – installed the software, the user would never know these functions were enabled. The software also synched to Amazon servers, the government alleges, and the government has taken down the company's Website for the time being.