Continue reading »]]> By Xu Chi

2010-11-10

http://www.shanghaidaily.com/article/?id=454146&type=Metro

Shanghai – WATCH out! “Zombies” are attacking hundreds of thousands of mobile phones in the city.

The zombies are not the scary kind, but they do qualify as annoying as at least 300,000 local handset users are unwittingly sending spam messages with a virus to all contacts in their address books after their phones caught the Zombie virus, said NetQin Mobile Inc, a leading mobile phone security company.

The number accounted for 20 percent of the 1.5 million mobile phones across the country that have been infected by the virus so far, making Shanghai one of the hardest-hit areas, the Beijing-based company found.

A local lawyer, Liu Chunquan, said if the hackers who created the virus are caught they will be jailed for creating and spreading a virus and damaging computer systems.

According to the country’s criminal law, offenders can be jailed for more than five years if their crimes lead to severe consequences.

Anti-virus experts suggested that mobile phone users install anti-virus software and avoid clicking the links of spam messages, even those from friends or relatives.

Cell phones infected by the virus will be turned into another “zombie” phone, sending the phone user’s SIM card information to hackers, who then remotely control the phone to send links of the virus to others via spam text messages.

Users who receive the messages and click the links will also be infected while the infected phones keep sending spam messages. The virus has cost handset users a total of about 2 million yuan (US$300,000) per day.

“My friend complained that he constantly received ad messages from me, but I never sent him any,” said a local resident surnamed Zhang. “Then I realized that my phone was turned into a ‘zombie.’”

According to a NetQin official surnamed Dong, they have studied hundreds of thousands of complaints and emergency calls, the feedback of the security software installed on mobile phones, and the information they gathered from a massive database that users had joined voluntarily.

However, the number of victims may far exceed the figures given by the company as its statistics don’t cover all phone users.

The virus infected 1 million users during the first week of September, according to a previous report by the National Computer Network Emergency Response Technical Team Center.

“We noticed the virus in early August and our engineers started to fight back with anti-virus software,” said Dong. “It’s possible to stop it from spreading quickly.”

But she said they also needed government help to track down the hackers.

Also read -

http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=228200648&cid=RSSfeed_IWK_Security

Continue reading »]]> William Maclean, Security Correspondent

Reuters

Feb 22, 2010

http://www.reuters.com/article/idUKTRE61L37B20100222

LONDON (Reuters) – The best weapon against the online thieves, spies and vandals who threaten global business and security would be international regulation of cyberspace.

Luckily for them, such cooperation does not yet exist.

Better still, from a hacker’s perspective, such a goal is not a top priority for the international community, despite an outcry over hacking and censorship and disputes over cyberspace pitting China and Iran against U.S. firm Google.

Nations are thinking too parochially about their online security to collaborate on crafting global cyber regulation, an EastWest Institute security conference heard last week.

Policy statements from governments around the world are dominated by the need to heighten national cyber defenses. As a result, too many cyber criminals are getting a free ride.

“Nations are in denial,” a cyber law expert told Reuters, saying national legislation was of limited use in protecting users of a borderless communications tool.

“It may take a big shock of an event to wake people out of their complacency, something equal to a 9/11 in cyberspace,” he said referring to the 2001 coordinated attacks on U.S. cities.

With a quarter of humanity connected to the Internet, cyber crime poses a growing danger to the global economy.

TARGET THE PERPETRATOR

The FBI tallied $264 million in losses from Internet crime reported by individuals in the United States in 2008 compared to $18 million of losses from 2001: These were probably a fraction of the losses caused to companies and government departments.

The menace extends to many sectors including control systems for manufacturing, utilities and oil refining, since many are now tied to the Internet for convenience and productivity.

A priority for regulators is to find ways of tracking down criminals across borders and ensuring they are punished, a tough task when criminals can use proxy servers to remain anonymous.

“We cannot postpone the debate until we are in the midst of a catastrophic cyber attack,” former U.S. Homeland Security Secretary Michael Chertoff told the conference.

“We must formulate an international strategy and response to cyber attacks that parallels the traditional laws governing the land, sea, and air.”

Security experts say the ability to conduct disastrous mass cyber attacks is the preserve of some governments, well beyond the capacity of militant guerrilla groups like al Qaeda.

But it cannot be assumed that international organized criminal networks, long practiced at mass online fraud and theft, are not developing an interest in gaining this ability.

“Cyber crime is a very sophisticated crime with very sophisticated players and it takes a multinational effort to make sure we can enforce the law,” Dell Services President Peter Altabef told Reuters.

“Once you have identified who is at fault you really want to make sure, as a deterrent, that you can go to those jurisdictions and enforce the laws on the books.”

James Stikeleather, Dell Services Chief Technology Officer, told Reuters that tracking own criminals across borders could pose legal issues for drafters of multilateral regulation.

Giving an example, he said the more companies added the technology needed to give investigators the ability to attribute a crime, the more users’ privacy and anonymity would be reduced.

“PLAYING WITH FIRE”

“Probably the sticking point among the governments will be ‘where is the appropriate level of attribution versus anonymity or privacy for what people are doing (online)’.”

Datuk Mohammed Noor Amin, chairman of the U.N.-affiliated International Multilateral Partnership Against Cyber Threats, said failure to regulate could perpetuate cyber “failed states.”

He cited impoverished countries where customers can purchase unregistered SIM cards with mobile Internet capability, giving them the ability to commit online crime such as identify theft against people in rich nations without fear of being traced.

He said it was in the interest of rich nations to help poorer countries develop the capacity to crack down on this kind of abuse, because their own citizens were being targeted.

“Governments tend to look at their self-interest. But it’s actually in their own interest to collaborate,” he said.

Altabef said the growing rate and scale of international cyber attacks threatened to undermine the trust between nations, businesses and individuals that was necessary for economies and societies to act on the basis of the common good.

Complacency was also a problem, delegates said. “Nations take for granted the Internet is going to be ‘on’ for the rest of our lives. It may not necessarily be so,”.

“Imagine the Internet being down for two to four weeks,” he said. This would “rain disaster” on online businesses as well as transport, industry and governmental surveillance systems.

“People have realize the Internet is an integral part of every country, politically, socially and business-wise.”

“Not to focus on cybersecurity is playing with fire.”

Continue reading »]]> COPYCAT : China Hacks Inspire Copycats

Jaikumar Vijayan,

Computerworld

Jan 24, 2010

http://www.pcworld.com/article/187534/china_hacks_inspire_copycats.html?

Malicious hackers have begun using the recent cyberattacks against Google and more than 30 other companies as lures for launching even more targeted attacks, security firm F-Secure said in a blog post today.

The company reported spoofed e-mails purporting to contain details on the alleged Chinese attacks that contain a PDF attachment. When opened, it installs and runs the Acrobat.exe backdoor on the user’s machine.

A screen shot posted on F-Secure’s Web site showed an e-mail designed to look like it came from George Washington University. The e-mail, with the subject header ‘Chinese cyberattack,’ offered the target a review of an article on the recent attacks that the purported author had just written for the Far Eastern Economic Review.

When the attached PDF is opened in Acrobat Reader, it exploits a known vulnerability in the doc.media.newPlayer function of the reader to install a back door on the user’s system, F-Secure said. The flaw was patched by Adobe last week.

F-Secure reported seeing targeted attacks using similarly poisoned PDF files being directed at U.S. military contractors earlier this week. In that case, the e-mails were designed to appear as if they were from the U.S. Air Force and purported to contain information on an actual Department of Defense event scheduled for later this year.

F-Secure also said it has learned of a similar e-mail targeting the “intelligence sector,” but offered no further details.

Attacks that attempt to take advantage of popular news events or stories to fool users into clicking on malicious attachments or browsing to malicious sites have become common in recent years. What’s different now is that such attacks are being directed at specific individuals and are increasingly tailored to appear as if they are from a trusted source. Many of the so-called Advanced Persistent Threats (APT) faced by large companies such as Google rely heavily on social-engineering tricks to get targeted individuals to open infected e-mails or download malicious files.