Spyware, Viruses, & Security forum


NEWS - February 28, 2014

by Carol~ Moderator / February 27, 2014 9:53 PM PST
Optic Nerve: millions of Yahoo webcam images intercepted by GCHQ

Britain's surveillance agency GCHQ, with aid from the US National Security Agency, intercepted and stored the webcam images of millions of internet users not suspected of wrongdoing, secret documents reveal.

GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.

In one six-month period in 2008 alone, the agency collected webcam imagery - including substantial quantities of sexually explicit communications - from more than 1.8 million Yahoo user accounts globally.

Continued: http://www.theguardian.com/world/2014/feb/27/gchq-nsa-webcam-images-internet-yahoo

UK, US Spies Stored Millions of Yahoo Webcam Images: Report
Report: UK spies on MILLIONS of Yahoo! webcams, ogles sex vids
Report: UK spies captured millions of Yahoo users' webcam images

2 in 5 Brits cough up for CryptoLocker ransomware's demands
by Carol~ Moderator / February 27, 2014 10:18 PM PST

"Cowed victims hand over thousands rather than install basic security measures"

Around two in five people who fall victim to CryptoLocker have agreed to pay a ransom of around £300 to recover their files, according to a survey of victims.

Researchers from the University of Kent quizzed a total of 48 people who had been affected by CryptoLocker. Of the sample, 17 said they paid the ransom and 31 said they did not.

CryptoLocker encrypts files on compromised machines. Compromised files become unintelligible and unrecoverable - unless victims have made back-ups - without paying crooks an unlock fee, which skyrockets to as much as four Bitcoins (about £1,350) unless victims cough up within a 72 hour deadline.

The finding comes from the second survey (PDF) on Cyber Security by members of the University's Interdisciplinary Research Centre for Cyber Security. The "fieldwork" for the online study involved polling a sample of 1,500 adult Brits of various ages on eight cybercrime and information security-related questions.

Continued: http://www.theregister.co.uk/2014/02/28/cryptolocker_victims_pay_up_survey/

Cryptolocker hit more UK victims than previously realised, researchers find
41% of British CryptoLocker Victims Sent Money to Cybercriminals

How emails can track your location and how to stop it
by Carol~ Moderator / February 27, 2014 10:18 PM PST

A new, free Google Chrome browser extension called Streak lets email senders using Google accounts see when recipients open email.

And, oh my, it also lets senders see who, exactly, opened the email, and where the recipient is located.

The extension, part of a customer relationship management (CRM) system that includes tools for sales, support and hiring, places email recipients on a map, with big red dots indicating their locations. It also gives users real-time location updates. [Screenshot]

Streak is a bit creepy. But it's not, of course, "changing the email game", as has been somewhat breathlessly claimed.

Streak may well be in the business of giving marketers the ability to eyeball our whereabouts and our email-opening schedules, but it certainly didn't invent email tracking - not by a long shot.

Continued: http://nakedsecurity.sophos.com/2014/02/27/how-emails-can-be-used-to-track-your-location-and-how-to-stop-it/

RSA rebel conference TrustyCon sells out despite ..
by Carol~ Moderator / February 27, 2014 10:19 PM PST
.. 'dirty tricks'

"Raises $20,000 for EFF, and support for some in security industry"

The TrustyCon security convention in San Francisco today has had a sell-out first show - which generated a $20,000 check for the Electronic Frontier Foundation.

TrustyCon was organized following the decision by F-Secure's Mikko Hypponen to pull out of the annual RSA conference in protest at the company's apparent complicity in using a cryptographic algorithm at the behest of the NSA - an algorithm that turned out to be hopelessly flawed. After more speakers pulled out of the RSA 2014 gathering, the decision was made to hold an alternative security conference discussing how to ensure trust in technology.

"For me it was a very personal decision. The revelations of the cooperation of a security company with an intelligence agency regarding weakening security are the definition of losing trust. If our users don't trust us we lose," Hypponen said.

Continued: http://www.theregister.co.uk/2014/02/28/rsa_rebel_conference_trustycon_sells_out_despite_claimed_dirty_tricks/

Related: TrustyCon's RSA Conference rebels promise more to come

TrustyCon Video
by Carol~ Moderator / February 28, 2014 2:27 AM PST

F-Secure Antivirus Research Weblog:

TrustyCon, the first "Trustworthy Technology Conference" was held yesterday in San Francisco. And Google/YouTube volunteered a camera crew. Nice! The full event can be viewed here:

Mikko's presentation begins at 15 minutes and 45 seconds.

Other speakers: Alex Stamos, Cindy Cohn, Marcia Hofmann, Christopher Soghoian, Joseph Menn, Bruce Schneier, Garrett Robinson, Yan Zhu, Chris Palmer, Dan Boneh, Steve Weis, Jeff Moss, and Ed Felten.

Continued: http://www.f-secure.com/weblog/archives/00002679.html

RSAC: FBI Director Comey Outlines Vision For Secure America
by Carol~ Moderator / February 27, 2014 10:45 PM PST

A mere five months after being sworn in as the seventh director of the FBI, James Comey took the stage at the RSA Conference and made his case for industry cooperation with government. He outlined plans to take on hackers, nation states, and data thieves, but at times he seemed to face an uphill battle against an industry grappling with concerns of government meddling.

Protecting Privacy
A large portion of Comey's speech centered on privacy, acknowledging both the climate of distrust around the federal government created by the Snowden leaks and also market concerns.

"Our goal is to be surgical and precise in what we're looking for, and do whatever we can to protect privacy rights and competitive advantage," said Comey.

Continued: http://securitywatch.pcmag.com/security/321174-rsac-fbi-director-comey-outlines-vision-for-a-more-secure-america

New FBI Director Facing Information-Sharing Challenges
FBI expects to roll out malware-analysis system to help businesses identify attacks

WhatsApp Hack Promises Messages, Delivers PUPs
by Carol~ Moderator / February 27, 2014 11:54 PM PST

"Malwarebytes Unpacked" Blog:

What is it? A site claiming to offer up a tool designed to grab WhatsApp user messages.

What does it do? Installs PUPs (Potentially Unwanted Programs) instead. Your messages are safe from would-be thieves.

Do we detect it? Yes, we detect the updater as PUP.Optional.OutBrowse

As we saw yesterday, WhatsApp is currently a hot target for scammers wanting to infect PCs - but it isn't just email spam you have to be wary of.

Here's a site offering up what it claims is a program designed to "grab all the messages of your friends now!" located at

whatsapp-hack(dot)in [Screenshot]

Continued: http://blog.malwarebytes.org/fraud-scam/2014/02/whatsapp-hack-promises-messages-delivers-pups/

Google keeps an ever-closer eye on non-Play Store apps
by Carol~ Moderator / February 27, 2014 11:54 PM PST

SAN FRANCISCO -- Android owners who use apps installed from outside of the Play Store will soon find their devices just a smidge safer, as Google announced at the RSA Conference here that Verify Apps will soon keep an eye on non-Play Store apps even after you install them.

Adrian Ludwig, Google's Android security engineer lead, said the change builds on the Verify Apps security feature introduced last year. He explained the change during a talk on how Google has created a secure open-source operating system.

When the Verify Apps option is checked, Google will scan apps installed outside of the Play Store to make sure they're not malicious. This was a one-time check, but the new component, which requires no additional changes by the user, will warn you when an app is determined to be malicious even if it passes muster the first time around.

Continued: http://news.cnet.com/8301-1009_3-57619690-83/google-keeps-an-ever-closer-eye-on-non-play-store-apps/

Gameover malware tougher to kill with new rootkit component
by Carol~ Moderator / February 28, 2014 2:27 AM PST

A new variant of the Gameover malware that steals online banking credentials comes with a kernel-level rootkit that makes it significantly harder to remove, according to security researchers from Sophos.

Gameover is a computer Trojan based on the infamous Zeus banking malware whose source code was leaked on the Internet in 2011. Gameover stands apart from other Zeus-based Trojan programs because it uses peer-to-peer technology for command and control instead of traditional servers, making it more resilient to takedown attempts.

At the beginning of February, researchers from security firm Malcovery Security reported that a new variant of Gameover was being distributed as an encrypted .enc file in order to bypass network-level defenses. However, the latest trick from the Gameover authors involves using a kernel rootkit called Necurs to protect the malware's process from being terminated and its files from being deleted, researchers from Sophos said Thursday in a blog post.

Continued: http://www.pcworld.com/article/2103401/gameover-malware-tougher-to-kill-with-new-rootkit-component.html

Notorious "Gameover" malware gets itself a kernel-mode rootkit..
Gameover Borrows Kernel-Mode Rootkit from Necurs Malware

Identity Theft, Among Most Popular Complaints of 2013
by Carol~ Moderator / February 28, 2014 2:27 AM PST

Identity theft was one of the most prevalent complaints of US customers in 2013, a new Federal Trade Commission report (pdf) reveals.

Of the 2 million complaints analyzed last year, over 290,000 were related to identity theft. Some 30 per cent of the incidents were tax-related, the largest category within identity theft complaints.

The study also shows 43 percent of scammed victims were contacted via email, 21 percent by telephone and 20 percent via spoofed websites. In most cases, an identity thief used a legitimate taxpayer's identity to fraudulently file a tax return and claim a refund.

The report says 41 per cent of those affected by ID theft contacted law enforcement to solve the problem.

Florida has the highest rate of fraud and identity theft among US states, followed by Georgia and California. Theft affected all age groups fairly equally. One in five of those who fell victim to identity theft are in their 20s, while 19 per cent were between 30 and 39 and 17 per cent were aged from 50 to 59.

Continued: http://www.hotforsecurity.com/blog/identity-theft-among-most-popular-complaints-of-2013-8056.html

Netflix Phishing Scam leads to Fake Microsoft Tech Support
by Carol~ Moderator / February 28, 2014 4:41 AM PST

"Malwarebytes Unpacked" Blog:

Tech Support scammers are really creative these days. As if the Microsoft ruse was no longer in fashion, they are impersonating other popular companies, such as Netflix.

I came across what I first thought was a typical phishing scam targeting Netflix: [Screenshot]

Until I realized it wasn't, or at least that there was something more to it. Of course it stole my credentials: [Screenshot]

But it also displayed a message saying my account had been suspended: [Screenshot]

In order to fix this issue, you are urged to call "Netflix" at a 1-800 number. If you do a bit of a search you will find out this is not the official hotline, so this warranted a deeper investigation.

Once I called the number, the rogue support representative had me download a "NetFlix Support Software":

Continued: http://blog.malwarebytes.org/fraud-scam/2014/02/netflix-phishing-scam-leads-to-fake-microsoft-tech-support/
