Spyware, Viruses, & Security forum

Alert

NEWS - December 03, 2013

by Carol~ Forum moderator / December 3, 2013 3:25 AM PST
Scientist-developed malware covertly jumps air gaps using inaudible sound

"Malware communicates at a distance of 65 feet using built-in mics and speakers. - [Screenshot]

Computer scientists have developed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

Continued: http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

Related:
Acoustical Mesh Network Used to Infect Air-Gapped Computers
Researchers prove malware can communicate via computer speakers and microphones
Experimental malware uses inaudible sound to defeat network air gaps
A Thief Is Attempting To Hide $100 Mil In Stolen Bitcoins -
by Carol~ Forum moderator / December 3, 2013 3:44 AM PST
— And You Can Watch It Live Right Now

A person who allegedly robbed the web site Sheep Marketplace of 96,000 Bitcoins — about $100 million at current prices — is attempting to hide the heist by breaking up the massive online currency cache and repeatedly trading it through various "tumblers," which mix up and (supposedly) launder old Bitcoins for new.

You can watch his progress here, on a Bitcoin address tracker where the money has been tagged with the marker "Sheep Market Scam."

It's not clear exactly how big this Bitcoin theft is, but it is shaping up to be one of the biggest. Sheep Marketplace was an anonymous site for drug dealers that became prominent when Silk Road was closed down. In the last couple of days, Sheep Marketplace was hacked in such a way that users' accounts were drained even though their balances continued to show the money was still there. The robbery was discovered in late November and Sheep Marketplace promptly shut down.

Continued: http://www.businessinsider.com/a-thief-is-attempting-to-hide-100-million-in-stolen-bitcoins-and-you-can-watch-it-live-right-now-2013-12

Related:
Huge bitcoin heist: Black market drug shop Sheep Marketplace poofs with $40 million
Online black market members hunt down $100 million in bitcoins, blame site owners for theft
Huge quantity of Bitcoins stolen from Sheep Marketplace
Wisconsin man sentenced for role in Anonymous DDoS
by Carol~ Forum moderator / December 3, 2013 4:17 AM PST

A man from Wisconsin was sentenced for participating in a DDoS (distributed denial-of-service) attack by hacker group Anonymous on a Kansas company.

Eric J. Rosol, 38, is said to have admitted that on Feb. 28, 2011, he took part in a denial of service attack for about a minute on a Web page of Koch Industries -- Kochind.com, using software called a Low Orbit Ion Cannon Code, which was loaded on his computer.

LOIC is a popular DDoS tool used by Anonymous and other online attackers to overload websites with requests and disrupt the target server.

Rosol, who pleaded guilty to one misdemeanor count of accessing a protected computer, was sentenced to two years of federal probation and ordered to pay $183,000 in restitution, the Department of Justice said in a statement.

Continued: http://www.computerworld.com/s/article/9244494/Wisconsin_man_sentenced_for_role_in_Anonymous_DDoS

Related:
Wisconsin man sentenced for DDoS attack against Koch Industries
Hacker of Koch Industries website sentenced in Kansas
Man Sentenced to 2 Years Probation for Taking Part in Anonymous DDOS Attacks

Simple But Effective Point-of-Sale Skimmer
by Carol~ Forum moderator / December 3, 2013 4:17 AM PST

Point-of-sale (POS) skimmers — fraud devices made to siphon bank card and PIN data at the cash register — have grown in sophistication over the years: A few months back, this blog spotlighted a professionally made point-of-sale skimmer that involved some serious hacking inside the device. Today's post examines a comparatively simple but effective POS skimmer that is little more than a false panel which sits atop the PIN pad and above the area where customers swipe their cards.

In scams, as with most things in life, there is a certain elegance in simplicity. This is doubly true with ATM and credit card skimmer scams: The more components and electronics involved, the greater the chance that the fraud devices will malfunction, lose juice, or else be detected too quickly. In fact, some of the most elegant skimming attacks I've seen to date never even touched the cash machine, and relied on very basic components.

Recently, I encountered a fraudster selling a remarkably simple but brilliant POS skimming device that can be installed and removed in the blink of an eye. This video, which was produced by a fraudster who sells these devices for thousands of dollars on semi-private underground forums, shows a late-model Verifone point-of-sale device retrofitted with a skimmer overlay. The underside of the device (not pictured) includes a tiny battery and flash storage card that allows the fake PIN pad to capture the key presses, and record the data stored on the magnetic stripe of each swiped card.

Continued: http://krebsonsecurity.com/2013/12/simple-but-effective-point-of-sale-skimmer/

Spammers pay tribute to Paul Walker using 'Word Salad'
by Carol~ Forum moderator / December 3, 2013 4:17 AM PST

Symantec Security Response Blog:

Word Salad, a workaround method invented by spammers to counter Bayesian spam filtering, is an old trick in the spammer's manual, but cutting edge anti-spam filtering technology has made this ploy blunt.

As a form of Bayesian poisoning, Word Salad is an incongruous string of words. It uses words that are very legitimate and can be seen in any form of legit prose. From the perspective of Bayesian filtering, there is a large volume of legit data in emails which employs Word Salad. Word Salad is often seen in the form of HTML, where nonsensical tags are used to break URLs up so analysers will have a hard time tracking down the spammy URL. The latest trend in Word Salad is to add the most current keywords, like the hottest news or an upcoming event.

The demise of Paul Walker, the 'Fast and Furious' franchise star, in a fiery car accident on Saturday, is the latest example exploited by spammers. Within hours of this breaking news, Symantec observed snowshoe spam or hit-and-run attacks, using "PAUL WALKER" in Word Salad. This topic is a highly searched topic at the moment, as his fans anxiously wait for his autopsy report. Earlier on, there was also fake news circulating claiming that Paul Walker has survived the crash.

Continued: http://www.symantec.com/connect/blogs/spammers-pay-tribute-paul-walker-using-word-salad

Facebook users warned of leaked Snapchat photos phishing..
by Carol~ Forum moderator / December 3, 2013 5:23 AM PST
.. threat

Facebook pages claiming to link to leaked photos distributed via the Snapchat smartphone app can be attempting to steal your passwords, according to one security researcher.

Snapchat, you will remember, is the smartphone app that allows you to send a photograph or video to an acquaintance.

The app's gimmick is that the snap is only supposed to be viewable for a few seconds before it is destroyed. But, as I explained last year, it doesn't actually prevent the recipient from making a digital copy.

Regardless, you can imagine just how many young people have used the app for sexting, without thought of the possible embarrassing and humiliating consequences.

Continued: http://grahamcluley.com/2013/12/facebook-users-warned-leaked-snapchat-photos-phishing-threat/

Related: Leaked Snapchats Facebook Page Lures Users to Phishing Site

@ Symantec Security Response Blog: Spamchat: Snapchat Users Subjected to Porn and Secret Admirer Spam
"Buy $500 antivirus from us," say cyber-criminals
by Carol~ Forum moderator / December 3, 2013 5:23 AM PST

"Malwarebytes Unpacked" Blog:

In yet another twist, the guys behind the browser-based FBI (or geo-specific police force) ransomware are pushing the envelope to another level.

This type of extortion, where your browser locks up until you pay up, has been going on for months. It preys on people's fear of authority when confronted for supposedly bad online behaviour (downloading pirated movies, viewing child pornography, etc).

About two weeks ago, I had blogged about a new fee in addition to the first ransom. Not satisfied with only one payment, cyber crooks had decided to ask for more money in exchange for purging your 'criminal records'.

Of course, these scammers do not have access to your criminal records and simply want to trick you to clear up your conscience.

This time around, the bad guys want you to buy a $500 antivirus from them, on top of paying the browser unlock and criminal records fees ($300 and $450 respectively). [Screenshot]

Continued: http://blog.malwarebytes.org/fraud-scam/2013/12/buy-500-antivirus-from-us-say-cyber-criminals/

Related: Cybercriminals Become Greedy, Ask Ransomware Victims to Buy AV

Kaspersky and Bitdefender Earn Top Marks for Malware Cleanup
by Carol~ Forum moderator / December 3, 2013 5:24 AM PST

Some antivirus tests are really, really simple. For example, you could run a scan on a test system containing 100,000 static malware samples and record how many of those were detected. Testing how products handle malware that has already infected the system is quite a bit tougher, but can reveal more about an antivirus product's malware-fighting prowess. That's what the malware removal test by AV-Comparatives tries to do.

To get started, the researchers chose 11 widely prevalent samples known to be detected by every product under testing. I wish they'd used a larger sample set; 11 is pretty small. The report notes that they started with more, but eliminated some samples on finding that "their malware behavior/disinfection process was identical to samples already included."

With sample selection complete, they installed each on a test PC, carefully monitoring the changes it made to the file system and Registry. Then they installed an antivirus product and recorded how well it managed to clean up the problem.

Continued: http://securitywatch.pcmag.com/security-software/318515-kaspersky-and-bitdefender-earn-top-marks-for-malware-cleanup
