Friday, 31 January 2014

Yahoo Mail hacked; Change your account password immediately

Hack Reports
31 January 2014

A really bad year for the world's second-largest email service provider, Yahoo Mail! The company announced today, 'we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts', user names and passwords of its email customers have been stolen and are used to access multiple accounts.

Yahoo did not say how many accounts have been affected, and neither they are sure about the source of the leaked users' credentials. It appears to have come from a third party database being compromised, and not an infiltration of Yahoo's own servers.

"We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails."

For now, Yahoo is taking proactive actions to protect their affected users, "We are resetting passwords on impacted accounts and we are using second sign-in verification to allow users to re-secure their accounts. Impacted users will be prompted (if not, already) to change their password and may receive an email notification or an SMS text if they have added a mobile number to their account."

People frequently use the same passwords on multiple accounts, so possibly hackers are brute-forcing Yahoo accounts with the user credentials stolen from other data breaches.

Yahoo users can prevent account hijacks by using a strong and unique password. You can use 'Random strong password generator' feature of DuckDuckGo search engine to get a unique & strong password.

Users are also recommended to enable two-factor authentication, which requires a code texted to the legitimate user's mobile phone whenever a login attempt is made from a new computer.

Yahoo! was hacked in July 2012, with attackers stealing 450,000 email addresses and passwords from a Yahoo! contributor network.


Tuesday, 28 January 2014

FBI hits 'hackers-for-hire' websites

BBC News
January 27, 2014

The FBI has arrested five people in connection with what it says are several hacking-for-hire websites.

Two men have been charged with running and three others with being customers of websites that allegedly offered to obtain access to email accounts.

The swoop against the sites was co-ordinated with police forces in Romania, India and China.

Six other alleged administrators of such sites were arrested as part of the overseas element of the operation.

Mark Anthony Townsend and Joshua Alan Tabor, both of Arkansas, have been charged with operating the website that, according the FBI, charged people to find passwords for about 6,000 email accounts.

If the two are found guilty they face up to five years in jail for computer fraud offences.

The other three people have been charged with paying, between them, more than $23,000 (£14,000) to similar hacker-for-hire websites outside the US to find passwords for a wide variety of email accounts.

Paying a hacker to act on your behalf is a "misdemeanour offense" and if found guilty each defendant could go to a federal jail for 12 months.

In a statement, the FBI said it expected all five defendants to plead guilty.

Four people in Romania, one person in India and one in China were also arrested in connection with websites that allegedly offered to obtain a password for any email account for between $100 (£60) and $500 (£300).

BBC © 2014

FBI hits 'hackers-for-hire' websites

Wednesday, 22 January 2014

Millions of German passwords stolen

BBC News
January 21, 2014 7:13 PM

The passwords and other details of 16 million email users in Germany have been stolen, the country's security agency has revealed.

The Federal Office for Security said criminals had infected computers with software which allowed them to gather email addresses and account passwords.

The agency has not commented on what progress it has made in tracking down the hackers.

It has set up a website for people to check whether they have been victims.

The agency learnt that the online criminals had managed to infect millions of computers with a program that would enrol them on to a network from where data could be stolen.

It believes most of those targeted are in Germany as many of the email addresses end in .de which is the identifier for German web addresses.

The scale of the attack is the equivalent of almost a fifth of the German population being at risk.

The BBC's correspondent in Germany, Steve Evans, said that so many people were anxious to check if they were victims of this hack that they overwhelmed the official security website causing it to crash.

BBC © 2014

Millions of German passwords stolen

Huge data theft hits South Korea

BBC News

Huge data theft hits South Korea
January 20, 2014

Credit card details from almost half of all South Koreans have been stolen and sold to marketing firms.

The data was stolen by a computer contractor working for a company called the Korea Credit Bureau that produces credit scores.

The names, social security numbers and credit card details of 20 million South Koreans were copied by the IT worker.

The scale of the theft became apparent after the contractor at the centre of the breach was arrested.

Unprotected data

Managers at the marketing firms which allegedly bought the data were also arrested.

Early reports suggest that the contractor got hold of the giant trove of data thanks to the access Korea Credit Bureau enjoys to databases run by three big South Korean credit card firms. The contractor stole the data by copying it to a USB stick.

Regulators are now looking into security measures at the three firms - KB Kookmin Card, Lotte Card, and NH Nonghyup Card - to ensure data stays safe. A task force has been set up to investigate the impact of the theft.

The three bosses of the credit card firms involved made a public apology for the breach.

In a statement the Financial Services Commission, Korea's national financial regulator, said: "The credit card firms will cover any financial losses caused to their customers due to the latest accident."

Another official at the FSC said the data was easy to steal because it was unencrypted and the credit card firms did not know it had been copied until investigators told them about the theft.

This theft of consumer data is just the latest to hit South Korea. In 2012, two hackers were arrested for getting hold of the details of 8.7 million subscribers to KT Mobile. Also, in 2011, details of more than 35 million accounts of South Korean social network Cyworld were exposed in an attack.

BBC © 2014

Huge data theft hits South Korea

Sunday, 12 January 2014

Yahoo malware creates Bitcoin botnet

BBC News
January 9, 2014

Adverts on Yahoo's homepage were infected with malware designed to mine the Bitcoin virtual currency, according to security experts.

Yahoo confirmed that for a four-day period in January, malware was served in ads on its homepage.

Experts estimate that as many as two million European users could have been hit.

Security firm Light Cyber said the malware was intended to create a huge network of Bitcoin mining machines.

"The malware writers put a lot of effort into making it as efficient as possible to utilise the computing power in the best way," Light Cyber's founder Giora Engel told the BBC.

Lucrative market

Bitcoin mining malware is designed to steal computing power to make it easier for criminals to accumulate the virtual currency with little effort on their part.

"Generating bitcoins is basically guessing numbers," said Amichai Shulman, chief technology office of security firm Imperva.

"The first one to guess the right number gets 25 bitcoins and if you have a large volume of computers guessing in a co-ordinated way then you have a more efficient way of making money," he added.

Other than a computer running slower, victims will be unaware that their machine is being used in what could become known as a "bitnet".

It is a variation on the traditional botnet, networks of malware-infected computers used to churn out spam or bombard websites with requests in order to knock them offline.

Some experts estimate that such networks could be generating as much as $100,000 (£60,000) each day.

Since bitcoins have risen in value - at its peak one bitcoin was worth $1,000 - making it a lucrative market for online criminals.

"Bitcoin mining malware is the new frontier as criminal gangs look for new ways to make money," said Mr Engel.

Easy target

Yahoo acknowledged the attack in a statement earlier this week.

"From December 31 to January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines - specifically, they spread malware," the statement read.

It went on to say that users in America, Asia and Latin America weren't affected but did not specify how many European users were victims.

Fox IT, the Dutch cybersecurity firm which revealed the malware attack, estimates that there were around 27,000 infections every hour the malware was live on the site.

Over the period of the attack that could mean as many as two million machines were infected.

Such attacks may be hard to avoid, said Mr Shulman.

"For an ad platform it is virtually impossible to guarantee 100% malware free ads."

"There are many independent stakeholders involved in the process of web advertising, so from time to time any ad platform is bound to deliver malware."

BBC © 2014

Yahoo malware creates Bitcoin botnet