pcAnywhere Source Posted

According to the Register, hacktivists affiliated with Anonymous have uploaded what they claim is the source code of Symantec’s pcAnywhere software today, after negotiations broke down with a federal agent posing as a Symantec employee.  Symantec confirmed that it had turned the case over to the Feds as soon as the hackers made contact.

According to the article, the release of the 1.27GB file coincides with the breakdown of the “negotiations” – which the group has now published on Pastebin – that took place between “Symantec” and the spokesperson of hacker group Lords of Dharmaraja, an Indian hacking crew affiliated with Anonymous.

Catch the details in the original article.  Beware downloading anything purporting to be a source code cache.  These things are tracked by the vendor, law enforcement agencies, and others, and are most often laced with some type of malicious software.  Stories like this are newsworthy, generating a lot of interest, and anything that generates conversation and controversy is fair game for miscreants.  And what better way to get their hooks into your computer than to offer you something enticing, like a peek at some commercial source code?

-=[BUSTED]=- Two Scareware Rings Taken Down

InformationWeek reports that the FBI has disrupted two scareware (fake anti-virus) crime rings, as part of “Operation Trident Tribunal.”  The FBI obtained warrants to seize 22 PCs and servers located across the United States that were used to support the scammers’ operations.  They also worked with law enforcement agencies in France, Germany, Latvia, Lithuania, Netherlands, Sweden, and the United Kingdom to seize an additional 25 PCs and servers.  It would appear the seizure of several servers hosted by DigitalOne in data center space it leased in Reston, Va. may have impacted some unrelated sites.

The first group bagged at least $72 million over a three-year period by tricking one million people into buying the scareware for up to $129 per copy.  The second criminal operation resulted in the arrest of 2 people in Latvia, each charged with two counts of wire fraud, one count of conspiracy to commit wire fraud, and computer fraud.  The pair were apparently running a “malvertising” scam by creating a phony advertising agency and purchasing advertising space on the Minneapolis Star Tribune website.  Newspaper staff vetted the digital advertisement before posting it to the site.

The defendants altered the advertisement code to infect website visitors with malware that launched scareware applications on their PCs.  The scareware froze PCs until the user paid to purchase fake AV software.  Those who didn’t pay found that all information, data, and files stored on the computer became inaccessible.  As part of this scam, the two Latvians allegedly netted $2 million.

These scams may sound lucrative, but it is good to hear that arrests are being made.  Watch for an increase in arrests as the FBI and other Law Enforcement Organizations get a handle on the scope and scale of this type of activity and trace it back to the nest.

LulzSec Hacks Arizona Law Enforcement Agency

LulzSec has announced the publication of a trove of over 700 leaked documents from an Arizona law enforcement agency on the notorious Pirate Bay file sharing site.  Arizona’s Department of Public Safety confirmed that it had been hacked.  The LulzSec press release included with the dump sounds more “hacktivistic” than usual, exposing a political agenda, opposing Arizona’s SB1070, the state’s broad and controversial anti-illegal immigration measure.

Amongst countless mundane documents covering hours worked, officers’ personal information and other stuff of minimal interest are a few fascinating stories of law enforcement activities, such as an encounter with off-duty Marines patrolling the U.S.-Mexico border with assault weapons, and tirades about illegal Mexicans and drug dealers.

LulzSec, Anonymous, & The End of The Internet

So it seems that LulzSec, the notorious hacking group, is not so altruistic and politically bent as they first appeared.

They apparently like to play computer games, and can’t resist showing off to the world just how kewl their new found skillz are.

They are looking more and more to me like an opportunistic bunch of parasites that have gotten drunk on their own intoxicating brew of exploits and media hype.  What used to sound like the kind of claims and warnings issued by supposed “whitehat hackers” and self-proclaimed whistleblowers is now sounding more and more like “look at me, I am the coolest kid on the block!  I wear my hat backwards, and I can spit real far!”


First, check out the Sony incidents timeline at attrition.org.  Then peruse the recent headlines gathered regarding LulzSec.


Taking Back The Net

According to The Guardian, the hackers’ underground world has been so thoroughly infiltrated by law enforcement that it is now riddled with paranoia and mistrust.  A Guardian investigation has established that an estimated one in four hackers is secretly informing on their peers.  Online policing units have had such success in gaining online criminal cooperation through the threat of long prison sentences that they have managed to create an army of informants deep inside the hacking community.

Popular and illegal identity and credit card number exchange forums used by criminals as marketplaces have been run by FBI moles.  Undercover FBI agents pose as “carders”, hackers specialising in ID theft, and take over management of the forums using gathered intelligence, putting dozens of people behind bars.  Eric Corley, publisher of the hacker quarterly, 2600, estimates that 25% of hackers in the US may have been recruited by the federal authorities to be their eyes and ears.  “Owing to the harsh penalties involved and the relative inexperience with the law that many hackers have, they are rather susceptible to intimidation,” Corley told the Guardian.

Barrett Brown, who has acted as a spokesman for the otherwise secretive Anonymous, says it is fully aware of the FBI’s interest. “The FBI are always there. They are always watching, always in the chatrooms. You don’t know who is an informant and who isn’t, and to that extent you are vulnerable.”

Hackers, beware as the net grows tighter…

FBI – NATO – Affiliates Target of LulzSec

LulzSec has announced a new target for its particular brand of online harassment.  It has published details on users and associates of Infragard, a non-profit organization providing an interface between the private sector and the FBI.  LulzSec published 180 usernames, hashed passwords, plain text passwords, real names and email addresses.  One interesting point to note is that not all of the users’ passwords were cracked, because some users likely used passwords of reasonable complexity and length, making brute-force attacks on the passwords far more difficult.  That should tell us all something about the basics of security.

In addition to stealing data from Infragard, LulzSec also defaced their website with a joke YouTube video and the text “LET IT FLOW YOU STUPID FBI BATTLESHIPS” in a window titled “NATO – National Agency of Tiny Origamis LOL”.  Let’s hope that this particular endeavour provides the traces and footprints that allow law enforcement to track and identify these online rascals.  I see no value or return in what they are doing.

Beware Email Frauds

The FBI is warning against common “News of The Moment” scams, where hot topics are abused to spread malware.  This sort of attack will often use cross-site scripting (XSS), which allows an attacker to execute code in a user’s browser in the context of the target website, using crafted values in the target site’s URL or web forms, or in cases where sites allow users to place material directly in posted content.  These scams are not likely to go away anytime soon, and are increasing in their sophistication and cleverness.

Recently, social networking site users have fallen victim to “self” infecting XSS attacks where they actually perform the attack themselves by following directions to view the latest Osama bin Laden video.  Before users can view the video, they must complete a “5 second security check.”  Instructions to follow a few keyboard shortcuts lead users to cut and paste malicious code directly into their browser’s address bar without any indication that it is a viral scam.

They are also warning about scams misrepresenting the Financial Crimes Enforcement Network of The United States Department of the Treasury.  Perpetrators will commonly use the names of various government agencies or officials to legitimize their scams.  Most recently, there have been several complaints in which victims reported receiving an e-mail or phone call claiming to be from the U.S. Department of the Treasury stating that their lost funds, which were stolen and diverted to a foreign account registered in their name, have been recovered.  The e-mail advised them to cease all money transactions, especially overseas, and to respond to the e-mail so the lost funds could be returned.

The e-mail further stated the US government is making adequate arrangements to ensure outstanding beneficiaries receive their funds.  The e-mail is signed by James H. Freis, Deputy Director of the Financial Crimes Enforcement Network, and requires victims to provide personally identifiable information that could potentially result in identity theft.

The U.S. Department of the Treasury posted a scam alert on their website on April 13, 2011, stating they do not send unsolicited requests, do not seek personal or financial information from members of the public by e-mail, and recommend that recipients do not respond to these messages. The alert further provides links for victims to report solicitations claiming to be from the U.S. Treasury.