FBI

FBI: Hundreds Of Thousands May Lose Internet In July

Posted on


Cybersecurity

WASHINGTON (AP) — For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.

Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.

The FBI is encouraging users to visit a website run by its security partner, http://www.dcwg.org , that will inform them whether they’re infected and explain how to fix the problem. After July 9, infected users won’t be able to connect to the Internet.

Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.

Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.MORE

How Anonymous spied on FBI / UK Police hacking investigation conference call

Posted on


 

http://sophosnews.files.wordpress.com/2012/02/conference-call-spy-170.jpg” alt=”Conference call spy image from Shutterstock” align=”right” hspace=”10″ vspace=”10″ />

Conference call spy image from ShutterstockLast month, we reported how a conference call, between the FBI and Scotland Yard, discussing their investigation into Anonymous hackers had been secretly recorded by the hacking collective and published on the net.

We surmised at the time that the unknown hackers might have secretly accessed the call by compromising a police investigator’s email account, as the call-in details and passcode were posted by Anonymous on their usual dumping ground – the PasteBin website.

http://sophosnews.files.wordpress.com/2012/02/fbi-email1.jpg” alt=”Conference call email, republished by Anonymous” />

Conference call email, republished by AnonymousYesterday’s announcement by the FBI about the prominent LulzSec hacker Sabu, and other alleged hacktivists, has revealed more details about what actually happened.

According to an FBI press release, a Garda (Irish police) officer who was invited to attend the conference call about ongoing hacking investigations forwarded the message to a personal email account.

Unfortunately, that personal email account was compromised by a hacker.MORE

FBI investigates grade change hacking at Santa Clara

Posted on


Mark Loiseau, who says the FBI gained access to his Verizon and Google Voice accounts

A Twitter post from an undergraduate student at Santa Clara University has prompted the school to acknowledge that it asked the FBI to investigate how a few dozen grades were electronically altered.

Mark Loiseau, 25, a senior electrical engineering student, received an unpleasant surprise this morning: three FBI agents showed up at his off-campus apartment wanting to have a friendly chat with him.

FBI agent Jeffrey Miller and his colleagues had complete dossiers on him and his friends, Loiseau told CNET this afternoon. “They had all my grades. They had pictures of me.”

It started out as a friendly conversation, Loiseau said, but then the FBI agents began to suggest that he was involved in illegally changing his or someone else’s grades. After receiving a denial, the trio of agents said that lying to a federal agent was a crime and that they wanted to search his computers.MORE

FBI searches homes of suspected Anonymous hacktivists in New York

Posted on


FBI badge

In the early hours of this morning, the FBI executed search warrants at to gather evidence at the homes of alleged members of the Anonymous hacktivist group.

According to a Fox News report, two homes in Long Island, New York, and one in Brooklyn, were searched by FBI agents looking for evidence that computers at the addresses had been used in distributed denial-of-service (DDoS) attacks against a number of websites.

Computer equipment is said to have been removed from the home of Giordani Jordan in Baldwin, Long Island by FBI agents.

In recent months, a number of high profile websites (including those belonging to Mastercard, Visa and the Recording Industry Association of America) were blasted off the internet in a series of DDoS attacks, with different computers scattered across the world deployed to bombard targeted sites with traffic using a tool called LOIC.

However, the Low Orbit Ion Cannon (LOIC) tool doesn’t do a very good job of covering the tracks of attackers – making it potentially easy for computer crime authorities to track those behind the attacks.

The raids in New York followed just hours after hackers launched an attack against The Sun newspaper, redirecting visitors to a false news story that News Corporation CEO Rupert Murdoch had been found dead.

In recent months we have seen Anonymous-related arrests in the USAUK,Spain, and Turkey.

Facilitating or conducting a DDoS attack is illegal in many countries around the world, and in the United States is punishable by up to 10 years in prison and considerable fines.

FBI searches LulzSec suspect’s home in Hamilton, Ohio

Posted on Updated on


The international investigation into the notorious LulzSec hacking gang continues, with news that FBI agents have searched a house in Hamilton, Ohio.

According to local media reports, federal agents are said to have searched a teenager’s home in Jackson Road, Hamilton, although no-one was charged after the search warrant was served.

Whether the FBI was acting upon information gleaned from Ryan Cleary, the British teenager who was charged last week in relation to a series of denial-of-service attacks, is unclear.

However, there is speculation that US law enforcement officers may have been acting in part based upon information released by the LulzSec group earlier this group, outing members believed to have leaked the group’s private online chat logs.

A June 21st posting by LulzSec on PasteBin claimed to reveal the true identities of members who called themselves “m_nerva” and “hann”. Apparent real names and addresses were given for both individuals by LulzSec who said:

"These goons begged us for mercy after they apologized to us all night for leaking some of our affiliates' logs. There is no mercy on The Lulz Boat."

In m_nerva’s case, his address was listed by LulzSec as being in Hamilton, Ohio.

Part of a statement from LulzSec

A tweet published at the same time as the information was posted indicated that there was little love between LulzSec members and the member they believed had snitched on them.

The Lulz Boat@LulzSec
The Lulz Boat

Remember this tweet, m_nerva, for I know you’ll read it: your cold jail cell will be haunted with our endless laughter. Game over, child.

Hackers, eh? You just can’t trust ‘em..

With rival hackers apparently turning on each other, and with law enforcement agencies around the world on their tail, it certainly feels as if those who sailed on the Lulz Boat may not be quite so merry as they once were.

 

 

FOR LATEST NEWS ON SCAM, SPAM ALERTS, HACKING, TECHNOLOGY NEWS. PLEASE

FOLLOW “COMPUTER ADDICTED” PAGE IN FACEBOOK:CLICK HERE

Is Facebook the right place to report a crime?

Posted on


Ballarat, a country town in Victoria, Australia, has made the news today thanks to social networking.

Under the headline Police tell users Facebook takes the complaints, regional newspaper The Courier reports:

Flyers have been sent to several police stations in the region, urging residents to contact Facebook's abuse department for minor matters rather than involve police.

But breathless, if unofficial, evangelist website All Facebook has reworked this headline to make it more impressive. They’re shouting out loud thatAustralian Cops Want Crimes Reported Via Facebook.


But this isn’t at all what the cops are suggesting. In fact, it looks as though the cops are urging people to seek resolution from Facebook for all matters which aren’t crimes, so that they can have more time to deal with serious online matters which require police involvement.

Facebook isn’t a law enforcement agency – and even if it were, it wouldn’t have jurisdiction in Victoria, or almost all other places on earth. Crimes should be reported to the police. They’re empowered to investigate and to act against wrongdoers.

(Police in your jurisdiction may have online reporting systems for cybercrimes. It’s well worth checking. Examples include the FBI’s gloriously easy-to-remember IC3 – the Internet Crime Complaint Center – athttp://ic3.gov/, and the Queensland Police Service’s Advance Fee Fraud Reporting Form for dobbing in scammers.)

The Ballarat region, and the Ballarat police, are no strangers to Facebook-related criminality: almost exactly a year ago, the cops intervened over an odious Facebook page entitled “100 Biggest Sluts of Ballarat”, which allegedly named girls as young as 14.

Of course, this raises the question, “How do I know whether online anti-social behaviour, or the latest outbreak of fraudulent Likejacking, is a crime or not?”

Where does online behaviour cross from being odious and reprehensible to being criminal? And what about cases which might feel to be on the borderline?

I suspect that many Facebook users might assume that the simplest way to get rid of abusive content would be to ask Facebook simply to to knock it offline. No need for police reports, official statements and potential lengthy entanglement in a criminal court case in which you have to front up to your abuser from the witness box.

But it’s not always that easy to get Facebook on your side. Naked Security’s own Graham Cluley found that out three years ago when he returned from an overseas vacation to discover that he was being subjected to arson and death threats against his family.

The provocation for this behaviour was a fraudulent Facebook page using Graham’s identity to taunt British soldiers.

Graham was informed by Facebook that this was out of their bailiwick – indeed, they advised him to go to the police – and only took down the offending material when he came up with the master-stroke of pointing out that some of the malevolent material was violating Sophos’s copyright. That got Facebook’s attention at once!

So the Catch-22-esque problem faced by the Ballarat police is that to persuade people to stop phoning them with online behavioural complaints which are out of their remit, they’ve had to invite people to phone them to find out which complaints are in their remit.

Nevertheless, common sense can help shield you from a lot of odious on-line trouble. As Craig Pearce, a Sergeant with the Ballarat police, wryly points out, There’s no need to have 1600 friends on Facebook if you don’t like them.”

You should also consider joining the SophosSecurity page on Facebook, where you can keep on top of the latest security threats, and ask for help with Facebook issues amongst our thriving community of more than 95,000 people. No, we’re not suggesting you befriend them all. Keep friendships – both on-line and off-line – for people you actually know, and like, and trust.

Infragard Atlanta, an FBI affiliate, hacked by LulzSec

Posted on


Infragard logo

In a self-titled hack attack called “F**k FBI Friday” the hacking group known as LulzSec has published details on users and associates of the non-profit organization known asInfragard.

Infragard describes itself as a non-profit focused on being an interface between the private sector and individuals with the FBI. LulzSec published 180 usernames, hashed passwords, plain text passwords, real names and email addresses.

Where did the plain text passwords come from? Considering LulzSec was able to decrypt them it would imply that the hashes were not salted, or that the salt used was stored in an insecure manner.

One interesting point to note is that not all of the users passwords were cracked… Why? Because these users likely used passwords of reasonable complexity and length. This makes brute forcing far more difficult and LulzSec couldn’t be bothered to crack them.

In addition to stealing data from Infragard, LulzSec also defaced their website with a joke YouTube video and the text “LET IT FLOW YOU STUPID FBI BATTLESHIPS” in a window titled “NATO – National Agency of Tiny Origamis LOL”.

defaced website below…pics.proof.

Aside from defacing their site and stealing their user database, they tested out the users and passwords against other services and discovered many of the members were reusing passwords on other sites – an violation of FBI/Infragard guidelines.

LulzSec singled out one of these users, Karim Hijazi, who used his Infragard password for both his personal and corporate Gmail accounts according to the hackers.

They’ve published a BitTorrent with what they claim are nearly 1000 of Hijazi’s corporate emails and a IRC chat transcript that proclaims to be a conversation they had with him.

They also disclosed a list of personal information including his home address, mobile phone and other details.

It’s hard to say when these attacks will end, but a great start would be to carefully analyze your security practices and ensure that your data isproperly encrypted and to regularly scan your servers for vulnerabilities.

As for LulzSec? It appears they have declared war on one of the premier police forces in the world… Their fate remains a mystery.

src :http://nakedsecurity.sophos.com/2011/06/04/infragard-atlanta-an-fbi-affiliate-hacked-by-lulzsec/

Contact me at : contactme.bijay@gmail.com

https://computeraddicted.wordpress.com

http://shenanigans-nepal.blogspot.com/

http://losthacker-deadbj.blogspot.com/