Spyware, Viruses, & Security forum


NEWS - June 22, 2011

by Carol~ Moderator / June 22, 2011 1:22 AM PDT
WordPress plugins Trojanised, spotted, fixed

WordPress just announced that the source code of three plugins for its popular blog-hosting software was maliciously modified.

Plugins consist of add-in modules which you install on your WordPress server in order to implement additional functionality, instead of writing all the needed code yourself.

Where you might use a DLL with a Windows program - for example, to add a feature such as SSL support or an edit control into an existing application - you'd use a plugin with WordPress.

DLLs are usually written in a language such as C or C++ and compiled into native machine code; WordPress plugins are generally written in a mixture of JavaScript, PHP, HTML and CSS.

According to WordPress, the modified plugins were Trojanised to include backdoors.

Continued : http://nakedsecurity.sophos.com/2011/06/22/wordpress-plugins-trojanised-spotted-fixed/

Backdoor in popular WordPress plug-ins
WordPress Resets Passwords Due to Backdoored Plugins
WordPress Forces Password Reset

Antichat Hacker Forum Breach Reveals Weak Passwords
by Carol~ Moderator / June 22, 2011 4:05 AM PDT
In reply to: NEWS - June 22, 2011

Ordinary Internet users frequently are scolded for choosing weak, easily-guessed passwords. New research suggests that hackers in the cyber underground are also likely to pick lame passwords for their favorite online forums.

Last month, KrebsOnSecurity was sent a massive database file that the source said was the user database of Antichat.ru, a Russian language hacker forum that has attracted more than 41,000 users since its founding nearly a decade ago. By matching the user names in the database with those listed in the public pages of the forum, I discovered that I'd been given a snapshot of all Antichat user information and private messages prior to June 2010, when Antichat.ru apparently experienced a forum compromise.

I wanted to match the Antichat user names, associated email and ICQ addresses with those of other forums for which I've collected user databases. I also wanted to see how many of the passwords were easily crackable. To do this, I enlisted the help of an anti-spam source that has access to some serious hardware and software capable of cracking thousands of passwords per hour.

More than 18,000 of the 41,037 passwords in the database were crackable within a few days. 4,500 passwords were used by five or more individual users.

Continued : https://krebsonsecurity.com/2011/06/antichat-hacker-forum-breach-reveals-weak-passwords/#more-10061

FBI Cripples Legit Sites in Search of Hackers
by Carol~ Moderator / June 22, 2011 4:05 AM PDT
In reply to: NEWS - June 22, 2011

FBI agents have raided a Maryland datacenter, possibly in connection with an investigation into LulzSec, and seized three racks of blade servers that contained innocent websites.

According to the New York Times, the raid began at 1:15 am and the seized servers belonged to a Switzerland-based co-location company called DigitalOne.

The company had previously been in contact with the law enforcement agency and gave it all the information necessary to identify one particular server corresponding to an IP address.

The seizure of multiple boxes came as a total surprise to DigitalOne CEO Sergej Ostroumow. "The agents took entire server racks, perhaps because they mistakenly thought that one enclosure is = to one server," he said.

The raid affected tens of DigitalOne's clients in one way or another. Curbed Network, a New York-based publisher of dining, nightlife, shopping, fashion, design and real estate blogs was left with its websites offline.

Online bookmarking site Pinboard had to resort to using a backup server with limited capabilities, while Instapaper, a service for saving news articles for a later read, experienced slowdowns.

"This problem is caused by the F.B.I., not our company. In the night F.B.I. has taken 3 enclosures with equipment plugged into them, possibly including your server - we cannot check it," Ostroumow wrote to one of the affected clients.

Continued : http://news.softpedia.com/news/FBI-Cripples-Legit-Sites-in-Search-of-Hackers-207545.shtml

FBI Scrubbed 19,000 PCs Snared By Coreflood Botnet
by Carol~ Moderator / June 22, 2011 4:05 AM PDT
In reply to: NEWS - June 22, 2011

The FBI has scrubbed some 19,000 PCs that were infected with the Coreflood bot malware, the agency told a federal court last week. The effort is part of an ongoing and unprecedented legal campaign to destroy one of the longest-running and most menacing online crime machines ever built.

In April, the Justice Department and the FBI were granted authority to seize control over Coreflood, a criminal botnet that enslaved millions of computers. On April 11, 2011, the U.S. Attorney's Office for the District of Connecticut was granted authority to seize 29 domain names used to control the daily operations of the botnet, and to redirect traffic destined for the control servers to a substitute server that the FBI controlled. More significantly, the FBI was awarded a temporary restraining order allowing it to send individual PCs infected with Coreflood a command telling the machines to stop the bot software from running.

[Screenshot: Coreflood Beacons per Day]

In a declaration filed with the district court, FBI special agent Kenneth Keller said the bureau has issued approximately 19,000 uninstall commands to infected computers of two dozen identifiable victims in the United States. The FBI said it obtained written consent from all 24 victims, and that none reported any adverse or unintended consequences from the uninstall commands.

Continued : https://krebsonsecurity.com/2011/06/fbi-scrubbed-19000-pcs-snared-by-coreflood-botnet/#more-10373

Dutch Lawmakers Adopt Net Neutrality Law
by Carol~ Moderator / June 22, 2011 5:24 AM PDT
In reply to: NEWS - June 22, 2011

The Netherlands on Wednesday became the first country in Europe, and only the second in the world, to enshrine the concept of network neutrality into national law by banning its mobile telephone operators from blocking or charging consumers extra for using Internet-based communications services like Skype or WhatsApp, a free text service.

The measure, which was adopted with a broad majority in the lower house of the Dutch Parliament, the Tweede Kamer, will prevent KPN, the Dutch telecommunications market leader, and the Dutch units of Vodafone and T-Mobile, from blocking or charging for Internet services. Its sponsors said that the measure would pass a pro-forma review in the Dutch Senate without hitches.

Analysts said that the legal restrictions imposed in the Netherlands could shape Europe's broader, evolving debate over network neutrality, pushing more countries on the Continent to limit operators from acting as self-appointed toll collectors of the mobile Internet.

"I could also see some countries following the Dutch example," said Jacques de Greling, an analyst at Natixis, a French bank. "I believe there will be pressure from consumers to make it clear what they are buying, whether it is the full Internet or Internet-light."

Advocates hailed the move as a victory for consumers, while industry officials predicted that mobile broadband charges could rise in the Netherlands to compensate for the new restrictions.

Continued : http://www.nytimes.com/2011/06/23/technology/23neutral.html

Network Solutions' Systems Back Online Following DDoS Attack
by Carol~ Moderator / June 22, 2011 5:24 AM PDT
In reply to: NEWS - June 22, 2011

Web host and domain name registry Network Solutions reports that all of its systems are working today following two denial-of-service (DDoS) attacks earlier this week. The first DDoS attack hit their services Monday afternoon, June 21, while a consecutive attack occurred on Tuesday morning, June 21.

While engineers were busy fixing the issue, some users continued to have issues with the company's web and e-mail services, according to a blog post by spokesman Shashi Bellamkonda.

"The nature of a DDoS puts the root cause beyond our control," Bellamkonda wrote yesterday.

Hackers notably hit Network Solutions last summer by compromising a web template used by the company's customers to direct users from old, parked sites to addresses serving up malware.


Essex geek 'is Sony Hacker'
by Carol~ Moderator / June 22, 2011 8:24 AM PDT
In reply to: NEWS - June 22, 2011

A NERDY teenager was arrested yesterday on suspicion of masterminding a global computer hacking operation from his bedroom.

Oddball student Ryan Cleary, 19, was held by cops who swooped on his mum's home in Wickford, Essex.

He is thought to be a leader of LulzSec, a group claiming responsibility for hacking into Britain's Serious Organised Crime Agency and the US Senate.

Geeky Cleary is also suspected of being the brains behind hacking raids on computer game giants Sony and Nintendo - and America's CIA secret service.

He allegedly did it all behind the closed curtains of his bedroom at his mum's extended bungalow. And a computer expert said last night: "It's the true nature of the internet that Wickford could be the centre of a global hacking movement."

Continued : http://www.thesun.co.uk/sol/homepage/news/3651298/Essex-geek-Ryan-Cleary-is-Sony-hacker.html

Also: Ryan Cleary charged with LulzSec DDoS attack on SOCA and other websites

Thousands of Australian Websites Destroyed in Hack Attack
by Carol~ Moderator / June 22, 2011 8:24 AM PDT
In reply to: NEWS - June 22, 2011

Hackers have managed to break into the network of an Australian web hosting provider called Distribute.IT and destroy data from four of its servers, including its backups.

The attack occurred last week and left a lot of customers unhappy with the company because it wasn't very forthcoming with information. This was probably because it was desperately trying out contingency plans. Unfortunately these failed.

The company issued a statement today announcing that it has suffered permanent data loss. "We regret to inform that the data, sites and emails that were hosted on Drought, Hurricane, Blizzard and Cyclone can be considered by all the experts to be unrecoverable," the company said.

"While every effort will be made to continue to gain access to the lost information from those hosting servers, it seems unlikely that any usable data will can be salvaged from these platforms.

"In assessing the situation, our greatest fears have been confirmed that not only was the production data erased during the attack, but also key backups, snapshots and other information that would allow us to reconstruct these servers from the remaining data," it explained.

Some of the 4,800 affected websites will probably be restored from backups kept by their owners, but many have probably been lost forever. The incident has raised questions as to why Distribute.IT didn't keep offline and offsite backups; however, it's also the responsibility of site owners to back up their data regularly.

Continued : http://news.softpedia.com/news/Thousands-of-Australian-Websites-Destroyed-in-Hack-Attack-207633.shtml

Hack Attacks Escalating? Here's a Reality Check
by Carol~ Moderator / June 22, 2011 8:24 AM PDT
In reply to: NEWS - June 22, 2011

"Hack attacks by LulzSec and Anonymous suggest an uptick in computer attacks, network break-ins, and data breaches."

Hack attacks from online thugs such as Anonymous and LulzSec appear to signal a hacker Armageddon. Not only has Sony been relentlessly targeted by hackers this year, so has the Central Intelligence Agency, Sega, PBS.com, the U.K. government, and dozens of other high-profile company and government agency Web sites.

But security experts say despite the uptick in reported computer attacks, network break-ins, and data breaches, the volume of hack attacks is not rising. What has changed is that hacker groups such as Anonymous and LulzSec have gotten media savvy, creating an illusion of an escalating cyberwar that in reality does not exist, says Graham Cluley, senior technology consultant at the security firm Sophos.

LulzSec and Anonymous Love the Limelight

Social networking tools have made it easy for hackers to brag about their exploits - sometimes issuing press releases - where in the past hackers lurked quietly in the shadows, Cluley says.

"There's no reliable count of just how many hacks take place," Cluley says. "What has changed recently is that some of the hackers are getting more effective and keener to publicize their hacks."

Continued : http://www.pcworld.com/article/230882/hack_attacks_escalating_heres_a_reality_check.html
