Spyware, Viruses, & Security forum

General discussion

NEWS - September 18, 2009

"Carder forum drops offline after hack"

White hat cavalry shoot up black hat site

By John Leyden
18th September 2009

A Pakistan-based carder site has dropped off the net, after white hat hackers broke into the forum and posted details of the hack on a full disclosure mailing list.

Pakbugs.com provided a forum for ne'er do wells to discuss hacking tactics and trade malware, bank login details and stolen credit card credentials. However, this activity was interrupted after login details for the forum and email addresses were posted online following a break-in.

A previously unknown group called War Against Cyber Crime claimed credit for the hack. The group expressed the hope that law enforcement agents will begin an investigation against individuals named on the leaked list.

Continued here: http://www.theregister.co.uk/2009/09/18/carder_forum_hack_attach/

World's nastiest trojan fools AV software

In reply to: NEWS - September 18, 2009

Pounces on banking passwords

By Dan Goodin in San Francisco
18th September 2009 00:37 GMT

One of the world's nastiest password-stealing trojans evades detection by the majority of PCs running anti-virus programs, according to a study that examined 10,000 machines.

Zeus, a stealthy piece of malware that sits on a PC and waits for users to log in to bank websites, is detected just 23 per cent of the time by AV programs, according to the study (PDF) released by security firm Trusteer. Even AV programs with up-to-date malware signatures were unable to identify the infection a majority of the time, the authors said.

Zeus, which also goes by the name Zbot and PRG, escapes detection using sophisticated techniques such as root-kit technology, the Trusteer report said. The company is able to detect it by examining the fingerprint Zeus leaves when it penetrates an infected PC's browser process.

Continued here: http://www.theregister.co.uk/2009/09/18/zeus_evades_detection/

Microsoft Files Five Lawsuits To Halt Malicious Advertising

In reply to: NEWS - September 18, 2009

In an effort to protect Windows users, Microsoft is suing unidentified scammers for distributing malware through online ads.

By Thomas Claburn
September 18, 2009

Microsoft on Tuesday filed five civil lawsuits in Seattle's King County Superior Court to combat malicious online advertising, or malvertising.

The lawsuits allege that an unknown number of individuals using various business names distributed malicious software through Microsoft AdManager, the company's online advertising platform.

"These ads then lead to harmful or deceptive content," said Microsoft associate general counsel Tim Cranton, in a blog post. "For example, ads may redirect users to a Web site that advertises rogue security software, also known as scareware, that falsely claims to detect or prevent threats on the computer."

Continued here: http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=220000975&cid=RSSfeed_IWK_Security

Pick Your Poison: KOOBFACE or FAKEAV?

In reply to: NEWS - September 18, 2009

The Koobface botnet is widely known to install FAKEAV or rogue antivirus malware onto a victim's PC. It has a dedicated component which actually installs the FAKEAV onto the user's system. However, the Koobface gang has added a new twist to its fake Facebook page.

When the user closes the window/tab with the fake Facebook page, a popup window appears. Whatever button the user clicks, this new Koobface variant is downloaded onto the affected system.

Continued here w/video and screenshots:

Your Facebook account is worth $100

In reply to: NEWS - September 18, 2009

PandaLabs found a website that offers Facebook account hacking service. They wrote in a blog post:

Yesterday I came across (thanks Sean-Paul!) the following site, which really attracted my attention. As you can see, it is an online service which promises to hack any Facebook account just for 100 bucks (!). My first thought about this was "ok, just another scam", but I wanted to see how far they could go with this. The first thing they request you is to register in their site, which I did. The next step to hack an account was to provide them with the ID of the Facebook account you wanted to hack.

Screenshots and more info in http://pandalabs.pandasecurity.com/archive/Your-Facebook-account-is-worth-_2400_100.aspx

Yahoo! Group Spam Traps

In reply to: NEWS - September 18, 2009

ESET's David Harley recently noted the increase of Yahoo! Groups spam, a phenomenon where you get an e-mail saying your request to join their group has been received and all you have to do is click the link to confirm it.

This caught my eye because I've seen a bit more of this myself recently. What you want to do with these requests is to ignore them because they expire in a week. They are genuine Yahoo! Groups requests (at least the ones I've seen), but they are set up to distribute spam. The YG requests get through filters because Yahoo! has a good reputation in spam terms and filters can't, as a general matter, block messages from them.

Brute-force attacks target two-year hole in Yahoo! Mail

In reply to: NEWS - September 18, 2009

Your password is 123456

Scammers are exploiting a two-year-old security hole in Yahoo's network that gives them unlimited opportunities to guess login credentials for Yahoo Mail accounts, a researcher said.

The vulnerability resides in a web application that automates the process of logging in to the widely used webmail service. Because it fails to carry out a variety of security checks followed by the login page Yahoo! Mail users typically use, it's providing criminals with a backdoor through which user accounts can be breached, said Ryan Barnett, director of application security research at Breach Security.

"If the front gate of your castle is your login page to Yahoo Mail, they've done a good job of securing it," he told The Register. The web application amounts to "some sort of water tunnel that the bad guys are walking right through."

Over the past seven weeks, a sensor deployed by WASC, or the Web Application Security Consortium, has detected "a few thousand" or more attempts to use the unprotected web application to carry out brute force attacks on user passwords, Barnett said. Because the sensor is installed on just one of a massive number of open proxies, the ******** is likely detecting only a small fraction of the overall activity, he added.

