samadhisoft.com

A Russian hacker who breached the security of RBS’ WorldPay service and stole $9m (£6m) has had his property sold to compensate the bank.

Viktor Pleshchuk’s two flats and two cars, a BMW and a Lada, were auctioned off in Saint Petersburg on Monday.

According to a Russian news portal RIA Novosti, the sale raised 10m roubles (£200,000).

It reported that the money had been transferred to RBS, something the bank was unable to confirm.

Mr Pleshchuk and seven other Eastern European hackers managed to get their hands on the personal data of thousands of RBS customers in 2008.

They used the information to create fake debit cards and withdraw huge amounts of cash from ATMs in as many as 280 cities around the world.

The money was taken from 2,100 bank cash machines within 12 hours in the US, Russia, Estonia, Italy, Hong Kong, Japan and Canada.

– More… ➡

Dutch security firm DigiNotar has filed for voluntary bankruptcy following a series of attacks by a hacker.

The attackers penetrated DigiNotar’s internal systems and then issued fake security certificates so they could impersonate web firms.

The certificates are believed to have been used to eavesdrop on the Google email accounts of about 300,000 people.

The hacker behind the attacks claims to have penetrated four other firms that issue security certificates.

No tears

DigiNotar’s parent company Vasco Data Security said the firm had been put into voluntary bankruptcy. A trustee for the business has been appointed who will oversee the winding up of DigiNotar.

The scale of the attack on DigiNotar began to be uncovered on 19 July when the firm said it first found evidence of an intrusion. It started to revoke certificates and an investigation was carried out to find out how much damage had been done.

An initial report found that hundreds of fake certificates had been issued and hackers had almost total access to DigiNotar’s network.

The security certificates it and many other firms issue act as a guarantee of identity so people can be sure they are connecting to the site they think they are.

The fake certificates DigiNotar revoked were for some of the biggest net firms including Google, Facebook, Twitter and Skype.

It is thought the fake certificates for Google were used in Iran to peep at the email accounts of about 300,000 people.

Soon after discovering the attack, DigiNotar stopped issuing certificates altogether. Once wound up, its business and assets will be folded into Vasco.

“We are working to quantify the damages caused by the hacker’s intrusion into DigiNotar’s system and will provide an estimate of the range of losses as soon as possible, ” said Vasco in a statement.

It added that its network and systems remained separate from DigiNotar and, as a result, “there is no risk for infection of Vasco’s strong authentication business”.

– More… ➡

Mitsubishi Heavy Industries, Japan’s biggest defense contractor, has revealed that it suffered a hacker attack in August that caused some of its networks to be infected by malware.

The firm – which is involved in a wide range of activities including space rockets, the production of jet fighters, shipbuilding, and running nuclear power plants – said that 45 network servers and 38 PCs became infected with malware at ten facilities across Japan.

The infected sites included its submarine manufacturing plant in Kobe and the Nagoya Guidance & Propulsion System Works, which makes engine parts for missiles.

The Japanese newspaper Yomiuri claimed that at least eight different pieces of malware, including some which stole data, were discovered at Mitsubishi sites.

A Mitsubishi spokesperson, however, was quoted as saying that “there is no possibility of any leakage of defense-related information at this point.”

The company first noticed the attack on August 11th, and expects to have the results of an investigation into the security breach by the end of September.

If Mitsubishi Heavy Industries was targeted by hackers, the obvious question to ask is who was behind the attack and what was the motive?

Earlier this year we saw a series of cyber attacks against US military contractors, including Lockheed Martin, L-3 Communications and Northrop Grumman, and US Deputy Defense Secretary William Lynn publicly claimed that a foreign intelligence agency was behind a hack attack that stole classified information about a top secret weapons system.

– more… ➡

Anonymous

Hacker group Anonymous has released a cache of data it claims to have stolen from US defence consultant Booz Allen Hamilton.

A file containing more than 90,000 e-mail addresses plus passwords, logins and other information was put on The Pirate Bay file-sharing site.

The group said it stole the information by targeting a poorly protected server on the defence firm’s network.

Booz Allen Hamilton declined to comment on the incident.

In text accompanying the download package, Anonymous said it was “surprised” at how easy it was to infiltrate the server given the consulting firm’s record of working on defence and homeland security.

The attack was carried out under the banner of the “Anti Sec” campaign that was originated by the short-lived LulzSec hacking group.

That hacker collective “disbanded” in late June following a spree of hack attacks on high profile targets. Many of its members are thought to have joined up with Anonymous.

As well as grabbing e-mails, passwords and a copy of a database, Anonymous said it had also got hold of lots of other material that it planned to use to attack other government agencies and federal contractors.

Booz Allen told Reuters it had no comment to make about the alleged attack, adding that company policy meant it could not discuss “specific threats or actions taken against our systems”.

Commenting on the attack, Chester Wisniewski from security firm Sophos, said the attack’s significance may lie in what happens to the addresses now they have been stolen.

“…there clearly is demand for information about individuals related to the US defence that can be used to compromise their accounts and computers,” he wrote.

The Anonymous hacking group came to prominence thanks to the actions it took in defence of the Wikileaks whistle-blowing website. Among other things, Anonymous helped to co-ordinate attacks on companies, including Mastercard and Amazon, which it felt did not do enough to help Wikileaks.

The latest attack follows recent raids by police forces in Spain, Turkey and Italy that resulted in the arrest of suspected members of Anonymous.

– To the original… ➡

Trading in seven stocks listed on the Hong Kong stock exchange was suspended on Wednesday after a hacking attack.

The attack was aimed at a website run by the exchange used to tell traders about company announcements.

The site was shut and trading in seven firms due to make announcements via the website was suspended for half a day.

Shares in HSBC, Cathay Pacific, China Power International and the Hong Kong exchange itself were among those suspended.

“Our current assessment (is) that this is a result of a malicious attack by outside hacking,” said Charles Li, head of Hong Kong Exchanges & Clearing (HKEC), in a statement. HKEC runs the Hang Seng exchange.

Mr Li said the company was looking into the motive for the attack and what hackers sought to gain from it. The incident has been referred to the police as well as the Securities and Futures Commission.

The attack on the site made it temporarily unavailable. It is not yet clear whether the attack overwhelmed the site with data, making it unreachable, or whether hackers gained unauthorised access to it.

HKEC was investigating the attack and said if the site remained unstable on Thursday, announcements would be made via the Hang Seng’s bulletin board. Additionally, the suspension of the seven shares would be lifted.

Price sensitive information due to be announced included HSBC announcing the sale of its US credit card arm and Cathy Pacific unveiling half year results. The suspended stocks are among the biggest on the Hang Seng index.

None of the other systems operated by Hong Kong Exchanges was hit in the attack and its securities and derivatives markets ran as normal.

The Hong Kong exchange is one of many stock markets that have been hit by hackers. The Zimbabwe stock exchange was attacked in early August and in February, the US Nasdaq revealed that cyber criminals had planted malicious code on its “Directors Desk” web application.

– To the original… ➡

A group of computer hackers has tampered with the website of the Sun, owned by News International.

A group of computer hackers has tampered with the website of the Sun, owned by News International.

At first, readers were redirected to a hoax story which said Rupert Murdoch had been found dead in his garden.

A group of hackers called Lulz Security, which has previously targeted companies including Sony, said on Twitter it was behind the attack.

Visitors to the Sun website were then redirected to the group’s Twitter page, before News International took it down.

News International said it was “aware” of what was happening but made no further comment.

Readers trying to access thesun.co.uk were taken to new-times.co.uk and a story entitled “Media mogul’s body discovered”.

It suggested that Mr Murdoch had been found after he had “ingested a large quantity of palladium”.

Disbanding

After that site stopped working, the Sun’s address was re-directing to LulzSec’s Twitter account, which claimed to be displaying “hacked internal Sun staff data” in one entry.

In another, the group said: “Arrest us. We dare you. We are the unstoppable hacking generation…”

– More… ➡

IT security firm McAfee claims to have uncovered one of the largest ever series of cyber attacks.

It lists 72 different organisations that were targeted over five years, including the International Olympic Committee, the UN and security firms.

McAfee will not say who it thinks is responsible, but there is speculation that China may be behind the attacks.

Beijing has always denied any state involvement in cyber-attacks, calling such accusations “groundless”.

Speaking to BBC News, McAfee’s chief European technology officer, Raj Samani, said the attacks were still going on.

“This is a whole different level to the Night Dragon attacks that occurred earlier this year. Those were attacks on a specific sector. This one is very, very broad.”

Dubbed Operation Shady RAT – after the remote access tool that security experts and hackers use to remotely access computer networks – the five-year investigation examined information from a number of different organisations which thought they may have been hit.

“From the logs we were able to see where the traffic flow was coming from,” said Mr Samani.

“In some cases, we were permitted to delve a bit deeper and see what, if anything, had been taken, and in many cases we found evidence that intellectual property (IP) had been stolen.

“The United Nations, the Indian government, the International Olympic Committee, the steel industry, defence firms, even computer security companies were hit,” he added.

– More… ➡

Thousands of people who entered competitions on The Sun website have been warned that their personal information may have been stolen.

The paper’s publisher, News Group, said the data was taken when the site was hacked on 19 July.

Some of the details, including applications for the Miss Scotland contest, have been posted online.

The company said it had reported the matter to the police and the Information Commissioner.

News International, News Group’s parent company, issued a statement that said: “We take customer data extremely seriously and are working with the relevant authorities to resolve this matter.

“We are directly contacting any customer affected by this.”

Miss Scotland

The stolen information is believed to include names, addresses, dates of birth, email addresses and phone numbers.

No financial or password data was compromised, the company said.

A sampling of the stolen details was posted on the document sharing site Pastebin.

The file contained the names and mobile numbers of 14 applicants to the 2010 Miss Scotland contest.

It also included lengthy biographies written by the women, outlining why they should be selected.

One entrant, who did not want to be named, told BBC News: “I’m not happy at all. I’m kind of worried – because that’s everything about me.

“[This data] should have been locked up, this was last year’s, so they didn’t need to keep my details.”

– More… ➡