Tech News
A "vast phishing attack" that attempts to capture the credit card information of Apple customers was launched on Christmas day, according to a report from Mac security-software company Intego. In a posting on its Mac Security blog, Intego says that the attack is an attempt to fool Apple customers into clicking on a link under the guise of updating the billing information of their Apple accounts. If you click on the link in the message, you will be taken to a realistic-looking sign-in page; then, after entering your Apple ID and password, you'll be taken to a page asking you to update your account profile, notably entering your credit card information. Again, this page looks realistic, and many of the elements it contains are taken from Apple's own web pages. Intego reports that the messages are being sent with the subject "Apple update your Billing Information" from a spoofed e-mail address of "appleid@id.apple.com," though of course future emails from the same source might vary somewhat. If you hover your mouse over the hyperlink in the (impressively forged) e-mail address, you'll see a floating box that reveals the real destination of that link: the telltale chain of four numbers that specifies a numeric IP address, rather than a link to somewhere within the apple.com domain. As Intego rightly points out, "if it's not something.apple.com (it could be www.apple.com, store.apple.com, or something else), then it's bogus."
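The hover check described above can be automated for a message body. The following is an added example, not code from Intego or Apple: it flags links whose real target is a numeric IP address or falls outside apple.com, regardless of what the visible link text claims. The function names and the sample HTML are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "apple.com"  # the domain the article says legitimate links live under

def classify_host(url, trusted=TRUSTED):
    """Return 'trusted', 'ip-literal' or 'untrusted' for a link target."""
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    try:
        ipaddress.ip_address(host)
        return "ip-literal"  # the "chain of four numbers" case
    except ValueError:
        pass
    # Accept the domain itself or a true subdomain only. A bare suffix test
    # would accept "notapple.com"; a substring test, "apple.com.example.net".
    if host == trusted or host.endswith("." + trusted):
        return "trusted"
    return "untrusted"

class LinkAudit(HTMLParser):
    """Collect (visible text, href, verdict) for every anchor in a message."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href,
                               classify_host(self._href)))
            self._href = None

def audit(html):
    parser = LinkAudit()
    parser.feed(html)
    return parser.links

# Constructed sample body; 192.0.2.10 is a documentation-range address.
SAMPLE = ('<p>Update at <a href="http://192.0.2.10/apple/login">'
          'https://appleid.apple.com/</a> or read '
          '<a href="https://store.apple.com/help">help</a>.</p>')
```

Because the verdict is computed from the parsed hostname of the `href`, a link whose visible text shows an apple.com URL is still reported as `ip-literal` when its target is a numeric address.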
The international hacker movement "Anonymous" has published an internet video threatening Mexico's Zetas drug cartel with exposure of its allies in the local police and news media this week unless the gang frees a kidnapped member. The YouTube message, which claims to be from Anonymous "Veracruz, Mexico and the world," says it is "tired of the criminal group the Zetas, which is dedicated to kidnapping, stealing and extortion," and threatens to fight back with information instead of weapons. It said it knows of police officers, journalists, taxi drivers and others working with the Zetas. The video refers to an unidentified person kidnapped in the coastal city of Veracruz, and says: "You have made a great mistake by taking one of us. Free him." The hacker group, which has claimed responsibility for attacks on corporate and government websites worldwide, supposedly will act on Friday if the kidnapped activist is not freed or is harmed, according to the message. "We cannot defend ourselves with weapons, but we can with their cars, houses, bars," the message adds, apparently alluding to properties owned by cartel supporters. "It's not difficult. We know who they are and where they are." "Information is free," it says. "We do not forgive. We do not forget." An official with the Veracruz state attorney general's office, who could not be named because he was not authorised to speak on the record, said the office could not confirm the video's authenticity or the case of the kidnapping.
Starting in a few months, millions of online ‘pirates’ will be monitored as part of an agreement between the MPAA, RIAA and all major U.S. Internet providers. Alleged infringers will be notified about their misbehavior, and repeat offenders will eventually be punished. Thus far the details on the operation have been very slim, but TorrentFreak has learned that unlike in France, the U.S. database of Internet pirates will be decentralized. In June the MPAA and RIAA announced a ‘ground-breaking’ deal with all the major Internet providers in the United States. In an attempt to deter online piracy, a third-party company will monitor BitTorrent and other public file-sharing networks and collect the IP-addresses of alleged infringers. The ISPs will then notify these offenders and tell them that their behavior is unacceptable. After six warnings the ISP may then take a variety of repressive measures, which include slowing down the offender’s connection. This new system is a formalized version of the existing takedown system that’s already in use by copyright holders. It was announced under the name ‘Copyright Alerts’ and will be managed by the Center for Copyright Information, but little is known about how the data on alleged infringers is collected and stored. Previously we tried to get more background info, but to no avail. However, via a detour we got in touch with a spokesman for the Center for Copyright Information (CCI) who kindly provided us with some additional information. We wanted to know what will happen with the IP-addresses that are collected, for how long will they be stored, and will there be a central organization that’s responsible for this process like there is in France. The CCI spokesperson informed us that the data will be exclusively kept by the ISPs. “ISPs will hold this information, as they do today. Please also note that no personal information about subscribers will be shared with rights holders without the required legal process being completed,” he told us. There’s no agreement on how long the data will be stored, but a minimum of 12 months is required.
IDG News Service - "I forward this file to you for review. Please open and view it." As a ploy to get a hapless EMC recruiter to open up a booby-trapped Excel spreadsheet, it may not be the most sophisticated piece of work. But researchers at F-Secure believe that it was enough to break into one of the most respected computer security companies on the planet, and a first step in a complex attack that ultimately threatened the security of major U.S. defense contractors including Lockheed Martin, L-3, and Northrop Grumman. The e-mail was sent on March 3 and uploaded to VirusTotal, a free service used to scan suspicious messages, on March 19, two days after RSA went public with the news that it had been hacked in one of the worst security breaches ever. Researchers at F-Secure, the company that discovered the message Monday, believe that it was very likely the message that led to the RSA compromise. If true, the finding sheds light on the kind of trickery, called social engineering by security pros, it takes to break into a major security company. F-Secure antimalware analyst Timo Hirvonen discovered the e-mail message buried in the millions of submissions stored in this crowd-sourced database of malicious or potentially malicious files. VirusTotal lets computer users upload a suspicious file, say an Excel spreadsheet that might be infected, and have it scanned by over 40 of the world's top antivirus companies. In return for the free scan, the AV vendors get to examine the files, making the service a great way of learning about malicious software after the fact. Hirvonen had been searching VirusTotal's database for the RSA attack file ever since RSA acknowledged that it had been compromised. The hackers had sent two different phishing e-mails to small groups of company employees over a two-day period, but nobody outside of RSA and its parent company EMC knew the full contents of those messages. It wasn't even clear if they were included in VirusTotal's data.
RSA has released some details about the attack, but Hirvonen's find is a first look at just what it took to get an EMC employee to open that dangerous attachment.
THE News of the World will be closed down in the wake of the phone hacking scandal, it was announced today. This Sunday's edition will be the last ever after private eyes hired by the paper were accused of hacking thousands of numbers including those of murder victims and relatives of dead war heroes. News International — which owns the 168-year-old tabloid — announced it would be axed, adding that the alleged practices were "inhuman" and had "no place in our Company".
Spanish police said today they arrested three members of the Anonymous hacking group who allegedly directed attacks on banks, government websites and companies including Sony. Spain said it was the first police operation in the country dedicated to tracking down Anonymous, a decentralized group of activists who have mounted distributed denial-of-service attacks (DDOS) against businesses and organizations. The arrests were made in Barcelona, Alicante and Valencia. Targets for Anonymous have included the Scientology website and companies that cut off relations with the whistleblower WikiLeaks website, such as Visa, MasterCard, PayPal, Amazon.com and PostFinance, a Swiss financial institution. The loose-knit group attracted followers who downloaded a tool called the Low Orbit Ion Cannon (LOIC), a simple DDOS tool to aid in the attacks. Some of the more technically adept Anonymous members used botnets, or networks of hacked computers, to carry out DDOS attacks. Spanish police said those arrested helped direct the attacks on the websites for the Sony PlayStation Store, the bank BBVA, the Italian utility company ENEL and websites belonging to the governments of Egypt, Algeria, Libya, Iran, Chile, Colombia and New Zealand. Their names were not released by police.