TweakTown
Tech content trusted by users in North America and around the world
6,203 Reviews & Articles | 40,050 News Posts
TRENDING NOW: Samsung wants the US government to block GeForce GPU shipments

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 87

Skype malware turns victim's machine into Bitcoin miner

A new malware has been discovered by Kaspersky labs. The new malware spreads through Skype and turns the victim's computer into a Bitcoin miner. The victim's machine is then fully loaded to mine Bitcoins which is how the malware author makes money from the software.

 

TweakTown image news/2/9/29560_1_skype_malware_turns_victim_s_machine_into_bitcoin_miner.png

 

The malware currently has a low detection rate. Kaspersky now identifies the malware as Trojan.Win32.Jorik.IRCbot.xkt. The malware is downloaded from a server in India. Once on the victim's machine, it pulls down more files from Hotfile, one of which is a Bitcoin mining application.

 

Bitcoin mining, explained more in-depth by Bitcoin, is a processor intensive task. The victim's CPU will be fully loaded mining Bitcoins, which are then given to the author of the malware. These Bitcoins are then used to turn a profit.

 

To stay safe, be sure to update your anti-virus software often and don't click any random links received via Skype.

Patch Tuesday is coming and Microsoft has two releases you need to know about

Microsoft will release two critical patches this coming Tuesday April the 9th. The pair of patches are both for Windows and one for Internet Explorer.

 

TweakTown image news/2/9/29553_1_patch_tuesday_is_coming_and_microsoft_has_two_releases_you_need_to_know_about.jpg

 

One of the patches is a critical update to Windows 8, Vista, 7, XP and RT. The other patch is deemed "important" and is for Vista, 7 and XP. There is also patches for Windows Server 2012, 2008, and Server Core. An update of Microsoft's Windows Malicious Software Removal tool is also expected.

 

Keep an eye out for the updates next Tuesday.

Indiegogo suffers DDOS over YourAnonymousNews campaign

Crowd funding website Indiegogo was hit by a DDOS attack by an unknown source after YourAnonNews posted up a fundraising campaign. YourAnonNews (YAN) is attempting to raise funds to develop and host a new website that is similar to a newswire for Anonymous news. Apparently someone didn't like the idea.

 

TweakTown image news/2/9/29546_1_indiegogo_suffers_ddos_over_youranonymousnews_campaign.png

 

Over the past two years Your Anon News (YAN) has been many things to many people and has continuously evolved under the guidance of numerous contributors. Since our humble beginnings as a new account we have always resisted being held to the constraints placed upon mainstream media outlets, but were limited to the tools available to us via Twitter and Tumblr. Those of us contributing to YAN have always desired to expand our capabilities and to report, not just aggregate, the news.

 

It's not clear where the DDOS attack originated from and Indiegogo hasn't been exactly forthcoming about the attack. Slava Rubin, founder of Indiegogo, apologized for the outage and offered an extension to any campaigns ending this week: "Any campaigns scheduled to conclude this week will have the option of extending until Sunday by contacting our 24-7 Customer Happiness team."

 

You can check out the YAN Indiegogo campaign on the Indiegogo site.

Scribd was hacked this week, says 'less than 1%' of accounts affected

Scribd has announced that it suffered a minor hack earlier this week. The hack seems to have targeted just user login information, meaning only e-mails and passwords were at risk. Scribd adds that they believe less than 1 percent of users were affected by the attack and that they have contacted every account asking them to reset their password.

 

TweakTown image news/2/9/29541_1_scribd_was_hacked_this_week_says_less_than_1_of_accounts_affected.png

 

Because of the way Scribd securely stores passwords, we believe that the passwords of less than 1% of our users were potentially compromised by this attack...We have now emailed every user whose password was potentially compromised with details of the situation and instructions for resetting their password...Our investigation indicates that no content, payment and sales-related data, or other information were accessed or compromised. We believe the information accessed was limited to general user information, which includes usernames, emails, and encrypted passwords.

 

If you didn't receive an e-mail, you're probably not affected. If you're still concerned, Scribd has set up a website to allow you to check if your account was one of the affected accounts.

Anonymous begin "Operation Free Korea," hacks North Korea and steals 15,000 passwords

If you haven't been keeping up with the current affairs of the world, North Korea are testing the waters of war at the moment - all while South Korea and their very tight and even more capable ally, the United States, play their war games with B2 Stealth Bombers, among other expensive military toys.

 

TweakTown image news/2/9/29494_09_anonymous_begin_operation_free_korea_hacks_north_korea_and_steals_15_000_passwords.jpg

 

All while this is happening, Anonymous are jumping into the ring where the hacking collective are said to have started an initiative called "Operation Free Korea" and they're demanding that North Korean leader Kim Jong-un resign and install free democracy in the country.

 

Anonymous have also demanded that North Korea abandon their nuclear ambitions, and for the NK government to give universal and uncensored Internet access to their citizens. The hacking collective have claimed they've hacked into the North Korean intranet, mail servers and Web servers, threatening to wage war if their demands aren't met. The group has written:

 

We got all over 15k membership records of Uriminzokkiri.com and many more. First we gonna wipe your data, then we gonna wipe your badass dictatorship 'government.'

The world's largest DDoS attack took place between two Dutch companies, saw 300Gbps peak speeds during attack

The New York Times is reporting that a fight between Dutch anti-spam group Spamhaus and Dutch hosting company Cyberbunker has escalated quite quickly, not just in attacks, but in the pure bandwidth used.

 

TweakTown image news/2/9/29380_10_the_world_s_largest_ddos_attack_took_place_between_two_dutch_companies_saw_300gbps_peak_speeds_during_attack.jpg

 

The fight saw the world's largest recorded distributed denial-of-service (DDoS) attack, which saw peak speeds of 300Gbps this week. How did this all start you ask? Well, it started when Spamhaus added Cyberbunker to their blacklist, which is designed to help email providers block spammers.

 

It wasn't long after this that the anti-spam group was hit by a mammoth DDoS attack that was described by Akamai Networks chief architect, Patrick Gilmore, as "the largest publicly announced DDoS attack in the history of the Internet."

Tibetan Activist targeted by Hackers using a trojan on their Android devices

Activist in Tibet might want to reconsider spreading the word about their next rally through their Android based smartphones. Researchers at Kaspersky Labs have just discovered a new Trojan virus that is designed to target Tibetan and Uyghur Activist.

 

TweakTown image news/2/9/29346_1_tibetan_activist_targeted_by_hackers_using_a_trojan_on_their_android_devices.jpg

 

The malware is specifically designed for Android Phones and is injected into the device when the unsuspecting user opens an email that references the recent World Uyghur Conference. Kaspersky says that this is the first documented attack that targets Android smartphones but it will most certainly not be the last.

 

In an interview with Mashable, Kurt Baumgartner, a senior security researcher at Kaspersky, said:

This is the first time a precisely targeted attack is implementing an Android-based Trojan... this is the first instance that it was used in a targeted attack that's publicly documented.

Continue reading 'Tibetan Activist targeted by Hackers using a trojan on their Android devices' (full post)

Apple updates malware definitions to protect from Yontoo adware

Apple appears to be taking security more seriously. Just a mere 24 hours after Yontoo adware was discovered to be affecting Mac OS X systems, Apple has pushed out an update to its malware definitions to protect from the malware. The Yontoo adware was found to be injecting ads into sites visited in Chrome, Safari, and Firefox.

 

TweakTown image news/2/9/29283_1_apple_updates_malware_definitions_to_protect_from_yontoo_adware.png

 

Apple hasn't always been so quick to respond to new threats. For a long time, Apple actually advertised that Mac OS X was basically invulnerable to viruses. Variants of Yontoo are bound to show up and it will be interesting to see if Apple is able to keep them at bay. As always, we'll keep our eye on the latest security threats and alert users when major problems arise.

Apple bug allows Apple ID password reset with just e-mail and date of birth

If you haven't enabled two-factor authentication quite yet, you might want to get on it. Yes, right now. A new vulnerability has been found that will allow a malicious user to reset a user's password by knowing just their e-mail address and date of birth. It's not clear if this bug resulted from Apple's new two-step authentication or if it has always been there.

 

TweakTown image news/2/9/29281_1_apple_makes_a_big_oops_when_enabling_two_step_authentication_allows_password_reset_with_just_e_mail_and_date_of_birth.png

 

A guide to doing the hack has been posted online, though we will not be linking to it for some very obvious security reasons. A malicious user has to simply paste in a modified URL and answer the date of birth security question to reset the password. The exploit makes use of Apple's iForgot tool.

Cyber attack on South Korea wiped master boot records of affected PCs

Nearly 48 hours ago, South Korea saw a cyber attack that took down multiple banks and TV stations. It's now being reported that the cyber attack wiped the HDDs of the affected PCs, according to McAfee's analysis on the attack.

 

TweakTown image news/2/9/29269_08_cyber_attack_on_south_korea_wiped_hdds.jpg

 

The PCs were infected by malware, wiping the master boot record (MBR) of the affected PCs. The MBR on a HDD contains crucial information on how the file systems on a HDD are organized, messing with this can take down a system easily. The malware used overwrote the data in the MBR with some weird characters: "PRINCPES, PR!NCPES, HASTATI." The attack also overwrote some random parts of the file system with the same weird characters.

 

The systems affected were then given a forced reboot command, but because the MBR and file system were attacked and thus corrupted, the restart was unable to complete.

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases