Botnets are mostly linked with spam e-mail campaigns, denial of service attacks and data theft. But global networks of compromised hosts can be used for a variety of ends – not all of them malicious. That was the idea behind “Internet Census 2012,” a stealth project by an unnamed and unknown researcher/hacker to map the entire IPV4 Internet address space using a massive network of compromised devices. The results, published in the form of a research paper, underscore the problem of unsecured embedded devices, including set top boxes, home routers and critical infrastructure, with the hacker able to locate and compromise these systems, creating a botnet of more than 420,000 nodes. According to a copy of the report, the project grew out of an experiment to locate unprotected devices online using nmap, the open source scanning tool. By compromising each vulnerable host and then enlisting it to scan for other […]
Technologies
ISP Telenor: Execs Laptops Emptied in Cyber Spy Operation
The Norwegian telecommunications firm Telenor told authorities in that country that a sophisticated cyber spying operation compromised the computers of leading executives and “emptied” them of sensitive information, including e-mail messages, computer files and passwords, according to a report Sunday by Aftenposten. Several executives of Telenor were the subjects of “extensive, organized industrial espionage,” the report said, quoting Telenor Norway’s director, Rune Dyrlie. The company has reported the incident to Nasjonal sikkerhetsmyndighet – or NSM – Norway’s national security authority as well as Nor-CERT, Norway’s Computer Emergency Readiness Team and the cyber defense unit Cyberforsvaret. “We take it very seriously by several bosses in Telenor stolen sensitive information. It is quite clear that those behind, got downloaded stolen information. There is no doubt that we have lost data,” Dyrlie told Aftenposten. Dyrlie said that the company missed the initial infection, which used “new, customized software.” The first indication of a compromise came after automated monitoring software operated […]
Many Watering Holes, Targets In Hacks That Netted Facebook, Twitter and Apple
The attacks that compromised computer systems at Facebook, Twitter, Apple Corp. and Microsoft were part of a wide-ranging operation that relied on many “watering hole” web sites that attracted employees from prominent firms across the U.S., The Security Ledger has learned. The assailants responsible for the cyber attacks used at least two mobile application development sites as watering holes in addition to the one web site that has been disclosed: iPhoneDevSDK.com. Still other watering hole web sites used in the attack weren’t specific to mobile application developers – or even to software development. Still, they served almost identical attacks to employees of a wide range of target firms, across industries, including prominent auto manufacturers, U.S. government agencies and even a leading candy maker, according to sources with knowledge of the operation. More than a month after the attacks came to light, many details remain under tight wraps. Contacted by The Security […]
Android Ecosystem: Still Fragmented, Insecure
The latest data from Google on use of its Android mobile operating systems highlights the challenge facing the company, with just over 16% of Android users running Versions 4.1 or 4.2 – the latest versions of the OS, dubbed “Jelly Bean” more than six months after its release. In fact, fully 44% of Android users are still running the “Gingerbread” release – Versions 2.3.3 through 2.3.7, a two year-old version of the operating system that has known security vulnerabilities. This according to data released by Google on the Android developer blog. The operating system data was culled from Android devices that accessed Google Play, the company’s mobile application marketplace, during a 14 day period that ended on March 4. The diversity of the Android ecosystem is a byproduct of Google’s go-to-market strategy for the mobile OS. Unlike Apple, which controls both the hardware and software for its iPhones and iPads […]
EverNote Latest Site Hacked In Coordinated Attack
The online personal and business productivity service Evernote.com said on Saturday that it is the victim of a hack that exposed encrypted user password information, forcing password resets across a broad swath of the service’s 50 million registered users. The Redwood City, California-based firm revealed in a blog post that its internal security team discovered “suspicious activity on the Evernote network” that “appears to have been a coordinated attempt to access secure areas of the Evernote Service.” The company said it sent password reset messages to its users as a “precaution” but didn’t believe that stored information in users’ accounts or payment information had been exposed. The hack is just the latest of a prominent online firm. In recent weeks, Twitter, Facebook, Apple and Microsoft have all reported compromises of their internal networks. Those intrusions were linked to attacks aimed at developers and relied on exploits of previously unknown “zero day” […]
