Tech information that you never knew… Now at your fingertips
Posts tagged hacking
Russian Spies used Wi-Fi and Steganography
Jun 22nd
Some of the details are beginning to emerge about the 10 Russian spies who were captured in the US. According to an article on The Register, the spies communicated over ad hoc Wi-Fi networks and hid messages in pictures using steganography.
FBI agents monitored 28-year-old Russian spy Anna Chapman as she communicated with a Russian government official. Anna would go to a bookstore and, using her laptop, create an ad hoc Wi-Fi connection to a Russian contact who was outside the store:
Surveillance agents nearby used “a commercially available tool that can detect the presence of wireless networks” to witness the creation of the ad hoc networks. NetStumbler is probably the most popular example of such software. “Law enforcement agents were able to detect a particular MAC address – MAC address A – at the time that Chapman was observed powering on her laptop computer,” the complaint says. “Law enforcement agents were also able to determine that the electronic device associated with MAC address A created the ad hoc network.”
The spies also embedded secret messages in pictures and uploaded them to sites where Russian officials retrieved them and decoded the messages.
A New Jersey search uncovered a network of websites, from which the alleged spies had downloaded images. “These images appear wholly unremarkable to the naked eye,” the complaint explains. “But these images (and others) have been analyzed using the steganography program. As a result of this analysis, some of the images have been revealed as containing readable text files.”
It is interesting to see the tactics used by modern spies. Of course Russia is denying any and all involvement. Kudos to the FBI for taking them down.
1.5 million Facebook accounts offered for sale – FAQ
Apr 27th
In their latest “Weekly Threat report”, VeriSign’s iDefense Intelligence Operations Team has profiled the underground market proposition of someone claiming to have 1.5 million compromised Facebook accounts available for sale.
The pricing method is based on the number of contacts per compromised account, presumably with the idea to allow easier spreading of related malicious content across Facebook.
Here’s an excerpt from the report, and a brief FAQ on the underground ad.
- “On Feb. 10, 2010, (cybercriminal) stated that he or she is selling 1.5 million compromised Facebook accounts, in bulk quantities, belonging to users in various countries. The price per 1,000 accounts varies based upon the number of friends and contacts that each account possesses. For a purchase of compromised accounts containing 10 contacts or fewer, a buyer must pay $25 per 1,000 accounts. A purchase of compromised accounts containing 10 or more contacts requires a buyer to pay $45 per 1,000 accounts. Accounts containing zero contacts are also available for bulk purchasing from (cybercriminal), at the cost of $15 per 1,000 accounts. The prices of these accounts are presumably in USD or the equivalent amount in some form of electronic currency.”
Sometimes, there’s no honor among cybercriminals (Phishers increasingly scamming other phishers), just like there isn’t among “real life” thieves.
From the distribution of backdoored web interfaces to web malware exploitation kits, to the actual “binding” of additional malware to the original release, sophisticated cybercriminals, or at least those with experience, have realized that there are thousands of potential cybercriminals who could unknowingly start working for them. The process of “cybercriminals attempting to scam novice cybercriminals” demonstrates just how vibrant the ecosystem has become these days.
With a huge percentage of the underground marketplace driven by reputation, this is exactly what this particular seller of Facebook data is missing. Moreover, with quality assurance now an inseparable part of the cybercrime ecosystem, the seller is not just omitting the time frame in which the accounts were compromised, he is also not mentioning how many of them are actually verified as working.
These and several other factors make me skeptical about the quality of this underground proposition.
If we consider the cybercriminal’s claims to be true, how did he manage to obtain 1.5 million Facebook accounts?
The ad clearly states that there are accounts with contacts, meaning they’re compromised, and others which have zero contacts, meaning they’ve been automatically generated by outsourcing the CAPTCHA-solving process to international teams specializing in the process.
Hacker held for duping job aspirants
Apr 6th
Mohit Sharma
Apr 03, 2010
http://www.indianexpress.com/news/hacker-held-for-duping-job-aspirants/599464/
The Delhi Police arrested a professional hacker on Friday who led a gang which allegedly duped hundreds of youths by promising them jobs as technicians and airline crew.
Police identified the accused as Amritesh and said they are raiding several places in Delhi to nab his associates.
Amritesh, the police said, had hacked a popular job website — he would find out probable victims and stay in touch with them until they paid money for the promised job.
Police sources said at least 25 students who were cheated by the gang approached the Safdarjung Enclave police on Friday, alleging they have been duped of lakhs of rupees.
Abhinav, a student, said, “Amritesh promised me a job with a popular airline for Rs 80,000. He even gave me joining letters printed on the airlines’ letterheads and affidavits. He also arranged meetings with a person who claimed to be the HR head of the airline. He said I could join work in January.”