TweakTown NewsRefine News by Category:
Just a couple days after Palo Alto Networks spilled the beans on the WireLurker malware targeting Apple iOS and Mac OS devices, Apple has blocked infected apps so they will be unable to run on devices. The company didn't provide specifics into how the malware is being blocked, but did recommend users run anti-malware security software - and only download apps from the official Apple App Store.
The company confirmed it is "aware of malicious software available from a download site aimed at users in China, and we've blocked the identified apps to prevent them from launching."
WireLurker is the first known malware that spread to a large number of users that didn't jailbreak their devices - and shows cybercriminals are just as anxious to compromise Apple products as Google Android and Microsoft Windows.
The FBI has shut down Silk Road 2.0, operated by 26-year-old programmer Blake Benthall from San Francisco, running the site under the name "Defcon." The website was operated via Tor and sold $8 million worth of marijuana and narcotics per month, supplying 150,000 active users, according to reports.
"As alleged, Blake Benthall attempted to resurrect Silk Road, a secret website that law enforcement seized last year, by running Silk Road 2.0, a nearly identical criminal enterprise," said Preet Bharara, Manhattan U.S. Attorney. "Let's be clear - this Silk Road, in whatever form, is the road to prison. Those looking to follow in the footsteps of alleged cybercriminals should understand that we will return as many times as necessary to shut down noxious online criminal bazaars. We don't get tired."
Trying to launch Silk Road 2.0, regardless of initial success, was likely going to end up in the crosshairs of federal authorities. If someone wants to try to launch a successor, they will need to find new techniques to stay anonymous - at the cost of running a smaller, more secretive operation - that would likely eat into profits.
Several companies have approached AVG Technologies to discuss a potential buyout, according to anonymous sources. At least one technology company is in the mix, but it appears private-equity firms are at the front of the pack, but names of interested suitors were not made available. If a deal is finalized, it could happen within the next few months, but it's also possible AVG Technologies will sit out and wait for a better deal.
AVG reportedly has at least 187 million active users, including PC users, along with Apple iOS, Google Android, and Microsoft Windows Phone mobile users.
The need for enhanced cybersecurity software has given the sector a major boost - and with companies and consumers becoming more aware of cyberattacks - there is money to be made for companies looking to sell.
The Pirate Bay co-founder Peter Sunde is serving an eight-month prison sentence in Sweden after being captured earlier this year. It's no surprise to hear each person involved in the creation - and early operation of the popular website - have faced copyright offenses and assorted legal troubles over the years.
Sunde is vegan, so trying to eat food in prison has been a constant struggle, including suffering from iron and vitamin deficiencies. "I'm down 16kg so far... but it's slowed down," Sunde recently said. "There isn't much left. I don't know how I'll feel in three years, looking back at all this."
Sunde will likely be released later this month from prison, but he's unsure what lies ahead - The Pirate Bay continues to be a major hub for Internet users - though he will likely have to find a legitimate profession to avoid further legal trouble.
The WireLurker malware targets Apple iOS devices and Mac OS, and has been out in the wild for the past six months, according to Palo Alto Networks. The malware spreads by installing malicious third-party applications to iOS devices that are connected to a Mac OS-powered machine by USB connection. The malware is isolated in China at the moment, originating from the Maiyadi App Store - many of the apps aren't Apple approved.
The malware was found in 467 apps through the Maiyadi App Store - almost all of the Mac OS apps - with more than 356,000 downloads.
"You are unlikely to be hit with this malware unless you are using a third-party OS X app store and changed default OS X Security & Privacy settings to 'allow apps downloaded from: Anywhere," said Marc Maiffret, security firm BeyondTrust's CTO.
A new study found that four out of every five Internet-connected homes in the United States could be attacked through their wireless router, according to Avast Software. Cybercriminals have easy access to unsecured routers - despite many ISPs now forcing subscribers to choose a password and implement security - with criminals able to access personal information, financial information, usernames, passwords, photos, and Internet browsing history.
Unfortunately, at least half of all wireless routers use default or common usernames/passwords, such as admin/admin, admin/password, or admin/ . Furthermore, 25 percent of consumers will use their name, address, phone number, street name, or some other form of easy password.
"Today's router security situation is very reminiscent of PCs in the 1990s, with lax attitudes towards security combined with new vulnerabilities being discovered every day creating an easily exploitable environment," said Vince Steckler, Avast CEO. "The main difference is people have much more personal information stored on their devices today than they did back then. Consumers need strong yet simple-to-use tools that can prevent attacks before they happen."
Researchers from Google and the University of California, Berkeley discovered almost one quarter of smartphone owners believe they don't have anything on their phones worth protecting - and some others simply cannot be bothered to lock/unlock their smartphones.
However, 70 percent of survey respondents said they locked their smartphones shortly after purchase, but more alarming, some phone owners are oblivious to how much personal data their phones contain.
"While many of the interview participants who did not lock their devices had fewer applications installed, and therefore potentially less sensitive information, every participant's smartphone still had access to email, which did not require additional authentication," according to researchers. "Thus, it is possible that these email accounts might be a fruitful target for an attacker."
Pirate Bay co-founder Fredrik Neij was arrested by Thai immigration police after being caught trying to enter the country from Laos. Neij faces a jail sentence in Sweden for copyright violations after being convicted in 2009 - and while he did a good job of hiding up to this point - the Swedish embassy wanted authorities to be on the lookout for him.
Neij reportedly had $153,000 in a local bank account at his disposal, but the cash alone wasn't enough to keep him off the radar of a law firm reportedly hired by US movie companies. The Swedish embassy will take custody of Neij from Thai immigration police in Bangkok, and then he will be extradited back to Sweden.
Fellow Pirate Bay co-founder Gottfrid Warg was sentenced to 42 months in prison after being convicted of hacking charges in Denmark.
A showdown between the Obama Administration and Chinese president Xi Jinping is looming when the two political leaders meet to discuss cybersecurity concerns. China has continually denied it sponsors hacker groups to conduct cyberespionage against US and European governments and private companies - but it seems unlikely significant progress will be made between the two countries.
"We've been very clear about how strongly we object to any cyber-enabled theft of trade secrets and other sensitive information from our companies, whoever may be doing it," said John Kerry, US Secretary of State, when speaking at the Johns Hopkins School of Advanced International Studies. "And we are convinced that is in China's interest to help put an end to this practice."
The United States has lost credibility when criticizing other countries regarding cyberattacks, after former NSA contractor Edward Snowden revealed widespread surveillance activities.
Convicted hacker Cameron Lacroix, 26, will serve four years in federal prison for his cybercrimes, and recently apologized to Paris Hilton for stealing her nude photographs when he was a teenager.
The incident took place in 2005, when Lacroix was 15, as he hacked Hilton's Sidekick, stole photos and published her phonebook and messages.
"Paris, I'm sorry I put your information online," Lacroix recently said. "I should never have done it. I wouldn't want it done to me. It all started because I wanted a T-Mobile phone. Once I got in there, I realized, 'Hey, I have access to everybody's stuff! Sure enough, it was under her name. I went into it and was shocked at what I saw."