TweakTown NewsRefine News by Category:
A hacker was forced to back down after a millionaire cryptocurrency supporter offered a $20,000 bounty to identify the people responsible for hacking his Hotmail account. Roger Ver, dubbed "The Bitcoin Jesus," was compromised by someone using the hacker handle "Nitrous" and received a letter demanding 37 bitcoins, or Ver's Social Security number and other personal information would be released.
Instead, Ver offered $20,000 on Facebook, seeking information that the police could use to arrest Nitrous. Shortly after, the hacker offered a written apology to Ver via email, claiming he was "just a middleman" and demanded payment because he "was being told what to tell" Ver.
It's an ironic twist - as most hackers would quietly steal the personal information and later sell or trade it - though "Nitrous" wanted to get paid directly by the victim. Ver, a U.S. citizen currently living in Japan to better promote bitcoins, doesn't expect law enforcement to arrest the hacker, however.
At least two people responsible for targeting Ecuadoran President Rafael Correa have been arrested, with the president previously blaming "extreme right" opposition. Correa's email and Twitter accounts have been hacked, though it's unsure what the two suspects in custody allegedly breached.
It's unknown what kind of sentence the two accused hackers could face if convicted of hacking the president, though likely won't be an enjoyable experience.
"There are two people in custody who are being subjected to investigation having entered the president's accounts," said Galo Chiriboga, Ecuador's attorney general.
The Chinese government believes U.S. officials intentionally fabricated evidence and riled up other Asian governments in an effort to "stir up trouble" over an island land dispute. Earlier this month, the U.S. Department of Justice filed charges against five Chinese Army officers, accusing them of cyberespionage charges.
The current relationship between the United States and China continues to be turbulent, with both countries slinging cyber accusations at one another. The U.S. is investigating "retaliatory options" against Chinese cybercrime, though U.S. spies are now targeting Chinese politicians, businesses, and mobile users.
"In the field of Internet technology and infrastructure, the U.S. is blessed with an advantage, so fabricating some so-called 'evidence' is certainly no hardship," according to a post on the Chinese defense ministry.
America First Credit Union bank employees noticed suspicious activity on customer debit cards, with 20,000 members affected in the security breach. The breach was discovered after each affected card had up to three suspicious transactions on each card, which was an immediate red flag.
It appears customers had their debit card information stolen with a skimming device, though the compromised retailer wasn't named. However, one victim said the information likely was taken sometime between October 2013 and February 2014 - and victims won't likely know until credit card company Visa launches an investigation.
"There were multiple occurrences," noted Rex Rollo, America First executive VP and chief financial officer. "We were on the early end of this one."
As the situation grew more tense in the Ukraine and Russia over the annexing of Crimea, so did malicious activity between the two states in cyberspace.
According to a new report from security company FireEye, by looking at malware "callbacks" - where communications from compromised machines go back to the attacker's first stage server- increased dramatically over the period. Although the reasons cannot be known for sure, FireEye says it sees a "likely correlation" between the number of callbacks to Russia and Ukraine and the intensification of the crisis.
For 2013, Russia was seventh place in the amount of malware callbacks but in March 2014 it jumped to third place - at the same time its parliament authorized the use of force in Ukraine and Putin incorporated Crimea into the Russian Federation.
We have mentioned this week that a rash of hacking attacks against Apple devices like the iPhone, iPad, and Mac computers have been reported. Users of these devices are being hacked and their devices are being locked, as you would do if your device was lost or stolen. Apple has said that no breach of iCloud has occurred along with these attacks and suggested that people change their passwords and usernames.
The hacks up to this point have been in Australia. That has changed with hacks no spreading to users and devices in New Zealand. People who are victims of the hacks in NZ are getting a message with demands to pay the hacker to have their devices unlocked.
Iranian-backed hackers have continued a three-year cyberespionage campaign focused against U.S. officials, in an effort to steal data and learn more about political issues, according to iSight Partners. In addition to the United States, these Iranian cyberattackers also targeted the U.K., Syria, Iraq and Saudi Arabia, using social engineering to compromise users.
Security experts have noticed Iran focusing more on cyberattacks, especially trying to target infrastructure and military institutions. In this attack, hackers use social media and pose as U.S.-based media to trick users into providing personal data, according to the study.
"It is such a complex and broad-reaching, long-term espionage campaign for the Iranians," noted Tiffany Jones, iSight Senior VP, in a statement. "What they lack in technical sophistication, they make up in creativity and persistence."
U.S. Secretary of State John Kerry is no fan of former NSA contractor Edward Snowden, and had harsh words for the American currently holed up in Russia. In response to Snowden's recent interview with NBC News anchor Brian Williams, Kerry invited Snowden to return to the United States.
"Edward Snowden is a coward," Kerry told MSNBC. "He's a traitor. And he has betrayed his country. And if he wants to come home tomorrow to face the music, he can do so."
Kerry also said that Snowden's disclosures have hurt U.S. national security and allowed terror groups to change their behaviors. It's a rather bizarre strategy aimed at antagonizing Snowden, though it's unlikely he'd return to the United States, especially with the current administration still in office.
Former NSA contractor Edward Snowden says he was trained as a spy and worked for the NSA, Central Intelligence Agency (CIA), and Defense Intelligence Agency during his tenure as a government computer specialist. Snowden is currently stranded in Russia, despite his desire to try and fly to South America, before his passport was revoked.
Meanwhile, Snowden's name continues to appear regularly in the headlines, and he remains a polarizing figure. U.S. politicians still want Snowden to answer for his actions - and while he could be working for the Russian FSB - it's doubtful he'll return to the United States anytime soon.
"I was trained as a spy in sort of the traditional sense of the word - in that I lived and worked undercover, overseas, pretending to work in a job that I'm not - and even being assigned a name that was not mine," Snowden said in a recent interview. "Now, the government might deny these things. They might frame it in certain ways, and say, oh, well, you know, he's a low-level analyst."
The increasing number of connected devices accessing the Internet has revealed enterprise security holes that companies are struggling to solve, according to Internet security company BlueCat Networks. As shown by recent point-of-sale (POS) attacks targeting retailers, the number of security issues that security experts must deal with continues to increase at a rapid pace.
Sophisticated malware often circumvents traditional defense-in-depth, with many anti-virus software solutions unable to defend against malware attacks. As more devices continue to connect to the Internet, it will be even more important to improve network security.
"The explosion of network-connected devices is exposing businesses to new security threats and risks," said Andrew Wertkin, BlueCat CTO, in a statement. "Not only do our customers need to secure traditional devices such as a desktops, laptops, smartphones and tablets, but also non-traditional devices including VoIP, Point-of-Sale systems, security cameras and RFID. The Domain Name System is a critical component of any defense in-depth security strategy."