Hacks

The Wi-Fi router you use to broadcast a private wireless Internet signal in your home or office is not only easy to hack, says a report released today, but the best way to protect yourself is out of your hands.

The report, written by research firm Independent Security Evaluators of Baltimore, found that 13 of the most popular off-the-shelf wireless routers could be exploited by a "moderately skilled adversary with LAN or WLAN access." It also concludes that your best bet for safer Wi-Fi depends on router vendors upping their game. All 13 routers evaluated can be taken … Read more

Anonymous is once again trying to raise the hackles of North Korea by hacking into one of the country's official news sites.

For the second time this month, the North Korean news and information site Uriminzokkiri.com has been taken down. Trying to access the site today delivers an eventual timeout error. In the official Twitter account for Uriminzokkiri, which Anonymous took over earlier this month, the group tweeted that "more of North Korean websites are in our hand. They will be brought down."

North Korean Web sites minjok.com, jajusasang.com, and paekdu-hanna.com had also … Read more

South Korea has accused North Korea of launching a recent cyberattack that hit tens of thousands of PCs.

A spokesman for South Korea's Internet agency said today that six computers in North Korea were identified as the source of the attack, according to The Guardian. Those computers used more than 1,000 IP addresses from across the world to infect 48,000 PCs and servers at South Korean banks and broadcasting stations.

The spokesman told the Associated Press that the attack mimicked past hacking attempts by North Korea and pointed the finger at an espionage agency run by the military. … Read more

Anonymous continues to target North Korea with its latest round of exploits.

Citing the threat posed by the North Korean government, the "hacktivist" group defaced the country's official Twitter and Flickr accounts yesterday.

The North Korean Twitter feed now displays a series of tweets with links that poke fun at the country's leader Kim Jong-un. One linked image portrays Kim Jong-un in a less than flattering light and criticizes him for "threatening world peace with ICBMs and nuclear weapons" and "wasting money while his people starve." The country's Flickr account shows … Read more

The People's Liberation Army unit (PLA) allegedly responsible for cyberspying on Western targets has collaborated with a top Chinese university on networking and security research papers.

In a finding uncovered by Reuters, Shanghai Jiaotong's School of Information Security Engineering (SISE) and the People's Liberation Army Unit 61398 have worked in partnership on at least three papers in recent years. PLA Unit 61398 is well-known for its alleged links to cyberattacks on the West, after a report was released by security firm Mandiant which stated that an "overwhelming" number of cyberattacks originate from the single unit … Read more

A newly discovered botnet has found a way to siphon cash from advertisers.

Spider.io, a security researcher, yesterday announced that it has discovered a new botnet, called Chameleon, that's targeting "at least" 202 Web sites. The botnet is made up of over 120,000 host machines running Windows, according to Spider.io. Those machines are connecting to the Web with a Flash-friendly Trident-based browser that executes JavaScript. The vast majority of the machines -- 95 percent -- have come from U.S.-based IP addresses.

The botnets have targeted at least 202 Web sites, hitting them … Read more

Apple has finally managed to contain the Evasi0n jailbreak.

Released yesterday, iOS 6.1.3 fixes a security bug that allowed someone to sneak past the lock screen and make phone calls, listen to voice mail, and view contact photos.

But the update also patched several holes that Evasi0n exploited to perform an untethered jailbreak on all iOS devices, including the latest iPhone, iPad, and iPod Touch. People who upgrade to iOS 6.1.3 will no longer be able to use Evasi0n to jailbreak their devices. And once on 6.1.3, newer Apple devices cannot be downgraded to … Read more

Two California men have been indicted for allegedly hacking point-of-sale terminals at Subway shops to steal at least $40,000.

Prosecutors accused Shahin Abdollahi, aka "Sean Holdt," and Jeffrey Thomas Wilkinson of hacking at least 13 point-of-sale (POS) terminals to install software that fraudulently loaded at least $40,000 onto Subway gift cards, according to an indictment unsealed in Boston on Friday (see below). The pair then allegedly used the cards to make purchases at Subway shops and sold them on eBay and Craigslist.

Abdollahi owned a Subway franchise in Southern California from 2005 to 2008 and later … Read more

"Swatting" is what you do to a fly that's buzzing around your head. But when that fly is respected security reporter Brian Krebs, swatting is what you do to him when you want to scare him and possibly cause him serious physical harm.

As recounted by Ars Technica this morning and later today by Krebs himself, the reporter was at home and cleaning his house when he opened his front door to come face-to-barrel with at least three guns, including a shotgun, handgun, and semiautomatic rifle; numerous police officers; and a half dozen police cars.

The term &… Read more