Here's an overview of some of last week's most interesting news and articles: (IN)SECURE Magazine issue 40 released (IN)SECURE Magazine is a free digital security publication discussing some of …
Read the original post:
Week in review: Air gap-hopping malware, first PoS botnet, and the new issue of (IN)SECURE Magazine
UK BANKING GROUP Royal Bank of Scotland (RBS) has been hit by a distributed denial of service (DDoS) attack that took down its online services for the second time this week. Earlier this week, RBS irked customers when an IT systems failure shut down its websites and caused its customers’ bank cards to fail. On Friday it admitted that it has been struck by a DDoS attack affecting its online services once again. RBS took to Twitter to reveal news of the DDoS attack. It said, “Due to a surge in internet traffic directed at the Natwest website, customers experienced difficulties accessing some of our sites today. “This deliberate surge of traffic is known as a distributed denial of service (DDoS) attack. We have taken action to restore affected sites. “At no time was there any risk to customers. We apologise for the inconvenience caused.” RBS has yet to comment further, so it’s still unclear which websites were downed in the attack, although the tweet suggested that the RBS, Natwest and Ulster Bank websites were all affected. It is also still unclear who was responsible for the DDoS attack. However, it seems that the problems have not reached as far as those experienced by RBS customers earlier this week, when an IT systems failure struck the entire banking group. Speaking about the system failure on Monday evening, RBS CEO Ross McEwan said on Tuesday, “Last night’s systems failure was unacceptable. Yesterday was a busy shopping day and far too many of our customers were let down, unable to make purchases and withdraw cash. “For decades, RBS failed to invest properly in its systems. We need to put our customers’ needs at the centre of all we do. It will take time, but we are investing heavily in building IT systems our customers can rely on. “I’m sorry for the inconvenience we caused our customers. We know we have to do better. I will be outlining plans in the New Year for making RBS the bank that our customers and the UK need it to be. This will include an outline of where we intend to invest for the future.” Source: http://www.theinquirer.net/inquirer/news/2317692/rbs-hit-by-ddos-attack-that-takes-down-online-services-again
View article:
RBS hit by DDoS attack that takes down online services again
Just don’t bork our crim-busting honeypots again Microsoft has teamed up with the FBI to launch a renewed attempt to disrupt the operations of the infamous ZeroAccess botnet.…
Read More:
Microsoft teams up with Feds, Europol in ZeroAccess botnet zombie hunt
Microsoft and law enforcement agencies disrupt ZeroAccess, one of the world’s largest botnets responsible for millions in fraud losses.
See more here:
Microsoft disrupts ZeroAccess botnet
Eleven of the fourteen defendants in the PayPal 14 case have reached a plea deal with federal prosecutors. Under the agreement, the defendants will plead guilty to felonies and misdemeanors under the Computer Fraud and Abuse Act (CFAA). If they observe good behavior, federal prosecutors will ask that the felonies be dropped. This comes as good news to those who advance the notion that DDoS (Distributed Denial of Service) attacks are acts of civil disobedience. Two other defendants will serve 90 days in prison after pleading guilty to a misdemeanor charge pled guilty to a misdemeanor, while the last of the fourteen defendants was not eligible for a plea deal in the case. The PayPal 14 are only a small fraction of the over 1,000 participants identified in a DDoS attack aimed at PayPal, which Anonymous hit as part of “Operation Payback” after the company cut service to WikiLeaks’s donations page. Pierre Omidyar, founder of eBay, which is the parent company of PayPal, called for leniency. Ironic given that PayPal provided the Department of Justice with a list of the participants’ IP addresses, which helped the FBI locate the protesters. “I can understand that the protesters were upset by PayPal’s actions and felt that they were simply participating in an online demonstration of their frustration. That is their right, and I support freedom of expression, even when it’s my own company that is the target,” Omidyar wrote two days ago in a Huffington Post op-ed. “The problem in this case however is that the tools being distributed by Anonymous are extremely powerful. They turn over control of a protester’s computer to a central controller which can order it to make many hundreds of web page requests per second to a target website.” DDoS works by connecting thousands of computers together to bombard websites with traffic until it collapses. As Omidyar noted, it multiplies the power of a single protester, which is something that cannot be done in the physical realm without significant grassroots effort. Nevertheless, the plea deal is significant because it sets a legal precedent that DDoS isn’t just some effort to cause significant financial harm. While the plea deal doesn’t define DDoS as digital protest, it might be the first step in acknowledging the attack as something akin to protesters blocking a road or a business. These physical protests are typically prosecuted as misdemeanors, not felonies that can bring hefty prison terms, high restitution costs, and a lifetime designation as a felon. The PayPal 14 plea deal might also help begin the very necessary process of amending the CFAA, which allows stiff penalties for these non-violent crimes in the first place. Shortly before the news was announced, activist lawyer Stanley Cohen tweeted: “Stay tuned for details. Pay Pal 14 will be resolved today, big win for civil disobedience. Up the Rebels.” And a good win for the internet, which is coming of age as the supreme venue for protest against political and financial power. Source: http://www.deathandtaxesmag.com/210854/paypal-14-plea-deal-a-win-for-ddos-as-civil-disobedience/
Read More:
PayPal 14 plea deal a win for DDoS as civil disobedience
Researchers from Arbor Networks have spotted an active Point of Sale (PoS) compromise campaign using the Dexter malware or variants of it, aimed at stealing credit and debit card data. “The exa…
Read More:
Researchers uncover Point-of-Sale botnet
A Wisconsin man has been sentenced to two years federal probation and ordered to pay restitution for taking part in a 2011 DDoS attack mounted against the official website of Koch Industries by the An…
Originally posted here:
Wisconsin man sentenced for DDoS attack against Koch Industries
Google Nexus smartphones including the latest Google Nexus 5 running Android 4.4 KitKat are vulnerable to denial-of-service attack via Flash SMS messages; it has been revealed on Friday during DefCamp security conference in Bucharest, Romania. Bogdan Alecu, a system administrator working with Levi9 – an IT services company, performed a live test during the conference on a Nexus 4 phone running Android 4.3. Alecu showed through the test that after receiving 30 odd Flash messages, the smartphone became unresponsive. During this state the phone neither responded to screen taps nor was it able to receive any phone calls and had to be rebooted manually to get it in functional order. Flash messages are Class 0 SMS that gets displayed on phones’ screen directly without getting stored on the device. Users have the option to saving the message or dismissing it. According to Alecu, there have been instances during this tests that the phone behaves in a different manner at times and loses mobile network connectivity temporarily. The connectivity is restored in a short while with ability to place and receive phone calls, but internet connectivity is lost up until the phone is manually restarted. There are instances when the messaging app crashes and the Nexus smartphone reboots. The issue has been discovered over a year ago revealed Alecu and has been tested on all Google Galaxy Nexus smartphones running Android 4.x including the recently released Nexus 5. Alecu revealed that he has contacted Google multiple times just to receive automated response. Some one did respond that the issue will be resolved in Android 4.3, but unfortunately it still persists and has been passed onto Android 4.4 KitKat. There is no official fix for the vulnerability and till then the only workaround is an app named Class0Firewall (https://play.google.com/store/apps/details?id=com.silentservices.class0firewall&hl=en) developed by Michael Mueller, an IT security consultant from Germany in collaboration with Alecu. Source: http://www.techienews.co.uk/973439/google-nexus-5-vulnerable-denial-service-attack/
Hacktivist collective Anonymous has taken credit for an attack that unintentionally affected a number of Microsoft services last week. On Monday, members of the loose-knit hacker group posted on Pastebin about how a distributed denial-of-service (DDoS) attack targeting Japanese Microsoft websites and servers had gone awry – resulting in several of the technology giant’s services going down. “A couple days ago a DDoS attack was launched at Japanese Microsoft (Domain) Websites and Servers,” according to the Anonymous post. “We are sorry to report that the Japanese Microsoft Websites and Servers did not go down as planned. Although something did go down. We took the pretty much the entire Microsoft domains down.” It appears the hackers had a motive. “The DDoS attack was launched in response to Taiji…Operation Killing Bay OR #OpKillingBay,” according to the post. Operation Killing Bay is an initiative protesting the slaughter of dolphins in the village of Taiji in Japan – a controversial topic that has gained a lot of coverage in recent years. “It’s the thought that counts right?” the hacktivists wrote, insinuating that they would strike against Taiji again. The claim explains why several people were reporting outages and disruptions of Microsoft services, including microsoft.com, outlook.com, msn.com, office365.com, Microsoft Developer Network, TechNet, SkyDrive, the Windows Store, sites hosted on Windows Azure, xbox.com and Xbox Live. Most of Microsoft’s affected services were restored quickly. Source: http://www.scmagazine.com/anonymous-ddos-attack-snowballs-affects-several-microsoft-services/article/322945/
See the original post:
Anonymous DDoS attack snowballs, affects several Microsoft services
Two months ago, BTC-China was growing fast. It was on a blazing trajectory that would soon see it become the world’s largest Bitcoin exchange. With Bitcoin, the world’s most popular digital currency, in the midst of an tremendous upswing of its own, BTC was on the verge of hitting it very, very big. But before that, there would be the double-barreled rite of passage. First came the extortion attempt, and then the non-stop computer attacks, known as distributed denial of service (DDoS) attacks. The extortionists contacted BTC-China in mid-September. Over instant-message chats, they first said they wanted just a few hundred dollars — paid out in bitcoins, naturally — but the demands soon escalated. BTC-China CEO Bobby Lee doesn’t want to get into specifics, but he says that they claimed to have been hired by one of his competitors. He doesn’t believe this, but he thinks that other Bitcoin companies should be concerned. “The DDoS attackers are hitting more and more of us, and it’s going to be a widespread problem,” he says. Since, September, there have been dozens of these attacks on BTC-China. According to Lee, one of them used up a remarkable 100 G/bits per second in bandwidth. “They’re throwing big-time resources into these attacks,” says Marc Gaffan, co-founder of Incapsula, the company that Lee hired to protect his exchange from the criminals. “The attack on BTC-China was one of the largest ever.” Incapsula has about two-dozen clients that are involved in Bitcoin businesses, Gaffin says. A year ago, it had none. CloudFlare, another provider of DDoS protection services has seen a big jump in attacks over the past three months, says Matthew Prince, the company’s CEO. “We’re seeing daily attacks targeting Bitcoin related sites on our network, most of which are relatively small but some get to very high volumes.” Some attacks have even exceeded the 100 G/bits per second volume that hit BTC-China, he says. Yesterday, European payment processor BIPS said it had been hit with a DDoS attack, and then hacked to the tune of nearly 1,300 bitcoins, or $1 million. Last week, Bitstamp, another major Bitcoin Exchange, went offline temporarily. The company has not responded to requests for comment, but it blamed the outage on software and networking issues, not a DDoS. On most websites, hackers can steal credit card numbers or personal information, but these have to be sold somehow. When you break into a Bitcoin business and get access to digital wallets, as was the case with BIPS and an Australian company, Inputs.io, which was hit last month, you’re stealing money itself. “If a Bitcoin wallet can get compromised, then the hackers can actually steal real money and there’s no way to refund the money,” Lee says. In April, Mt. Gox got clobbered via DDoS. The point, the company speculated, was to destabilize Bitcoin, and fuel panic-selling. “?Attackers wait until the price of bitcoins reaches a certain value, sell, destabilize the exchange, wait for everybody to panic-sell their bitcoins, wait for the price to drop to a certain amount, then stop the attack and start buying as much as they can,” Mt. Gox wrote on its website. Gaffan and Lee agree that, in addition to extortion, market manipulation is likely a motive with the recent DDoS attacks too. “It’s about trying to influence the market,” Gaffan says. “We see more Bitcoin exchanges going under attack.” Source: http://www.wired.com/wiredenterprise/2013/11/ddos_bitcoin/
Read the original:
Want Cheaper Bitcoins? Hit Someone With a DDoS Attack