
Hacking group Anonymous attacks U.S. federal websites


Jan. 20, 2012

The hacking group Anonymous has successfully hacked into some U.S. federal websites. Most of the sites shut down by the hackers were up and running early this morning, including the Department of Justice, the FBI and some entertainment sites.

This is referred to as one of the U.S. federal government's largest anti-piracy crackdowns. The hacktivist collective Anonymous admitted that it was responsible for taking down the sites yesterday after the arrests of the leaders of the site Megaupload.com, and the subsequent shutdown of the popular hub for illegal media downloads.

Hours after the announcement of the arrests, some of Megaupload's site visitors turned the table on the feds, knocking the U.S. Department of Justice and the FBI websites offline.

Both sites appeared to be back up this morning, however. A law enforcement official said that the FBI was investigating. Anonymous said ten websites in all were targeted, and early Friday the sites for music publishing and licensing group BMI and record company Universal Music were still down.

When the sites were visited, they said "This site is under maintenance. Please expect it to be back shortly." The hacker group announced its intentions on Thursday.

"We, Anonymous, are launching our largest attack ever on government and music industry sites. Lulz," the group said in a statement posted late Thursday on an associated Twitter account. "The FBI didn't think they would get away with this did they? They should have expected us."

The hacking group also posted personal information on former Connecticut Senator Chris Dodd, chairman of the Motion Picture Association of America, one of the targeted sites.

A Justice Department spokesperson, who did not want to be identified, said its Web server was "experiencing a significant increase in activity, resulting in a degradation in service."

"The department is working to ensure the site is available while we investigate the origins of this activity, which is being treated as a malicious act until we can fully identify the root cause of this disruption," the spokesperson said.

The website errors came soon after various Twitter accounts associated with the collective took aim at the U.S. government. Anonymous' favorite weapon for these attacks is what's called a "distributed denial of service" (DDoS) attack, which directs a flood of traffic to a website and temporarily crashes it by overwhelming its servers.

It doesn't actually involve any hacking or security breaches. "One thing is certain: EXPECT US! Megaupload" read one tweet from AnonOps that went out midafternoon. One hour later, the same account tweeted a victory message "Tango down! universalmusic.com & justice.gov are... Megaupload"

Speaking of the Web attacks, an Anonymous representative said 5,635 people used a networking tool called a "low orbit ion cannon." A LOIC is a software tool that aims a massive flood of traffic at a targeted site.

The news comes as lawmakers have turned their attention to anti-piracy legislation. Protests erupted both online and offline this week against two newly proposed bills under consideration in Congress: the House's Stop Online Piracy Act (SOPA) and the Senate's Protect IP Act (PIPA).

The new bills are aimed at cracking down on copyright infringement by restricting access to sites that host or facilitate the trading of pirated content. But the legislation has created a divide between tech giants, who say the language is too broad, and large media companies, who say they are losing millions of dollars each year to rampant online piracy.

On Twitter, YourAnonNews said that yesterday's attacks meant an involuntary blackout for sites of SOPA supporters. Universal Music's website went down Thursday afternoon. The music company had been locked in a legal battle with Megaupload over a YouTube video that featured many of Universal Music's signed artists promoting Megaupload's site.

The websites of the Recording Industry Association of America and Motion Picture Association of America were out of action Thursday afternoon, but they appeared to be back up later in the evening.

"The fact that a couple of sites might have been taken down is really subordinate to the significant news today that the Justice Department brought down one of the world's most notorious file-sharing hubs," he said.

The Anonymous attack came soon after the Justice Department announced the indictment of seven individuals connected to Megaupload for allegedly operating an "international organized criminal enterprise responsible for massive global online piracy of copyrighted material."

In other internet security news

Once again in the past several months, a new variant of a Trojan virus is targeting Facebook users by taking over their computers and asking them for cash.

Over the past three to four years, Facebook has increasingly been the ultimate target of all kinds of nasty viruses and malware, with links placed on its site that take you to websites hosting all kinds of malware programs that will infect a visitor's computer.

Those links are placed by scammers and hackers that have nothing better to do with their time. And now the social site has recruited Websense to scan its vast social network for links to malicious sites.

The 'Carberp Facebook Virus', like its predecessors 'ZeuS' and 'SpyEye', infects users' computers by tricking them into opening PDF files and Excel documents loaded with tons of malicious code and viruses, or it simply attacks computers in drive-by downloads.

The hidden malware is designed to steal account information, and harvest credentials for email and social-networking sites. Not only that, but a new configuration of the 'Carberp Trojan' also targets Facebook users to ultimately steal eCash vouchers.

Previous malware attacks on Facebook have been designed purely to slurp login info, so this latest skirmish, spotted by transaction security firm Trusteer, can be considered a lot worse. Facebook users need to address this security concern quickly to avoid further issues.

The Carberp variant replaces any Facebook page the user navigates to with a fake page notifying the victim that their Facebook account is temporarily locked. Effectively holding Facebook users hostage, the page then asks the mark for their first name, last name, email, date of birth, password and a $25 voucher number to verify their identity and unlock the account.

Trusteer warns that the cash voucher attack is in some ways worse than credit card fraud, because with eCash it is the account-holder, not the financial institution, who assumes the liability for fraudulent transactions.

Trusteer said it does not have any concrete data on how many people might have been hit by this particular attack. But it warns social networking users, particularly those with eCash accounts, to be wary of this particular scam and any potential follow-up frauds along the same lines, which might easily trap the unwary Facebook user.

Amit Klein, CTO at Trusteer, says: "This Facebook fraud technique is quite effective. Keep in mind that the user gets an authentic-looking message in the context of a genuine, deliberate log-in page to Facebook. We do know that this is exactly where users are most susceptible to divulging personal information and following additional instructions, as their trust in the content is maximal."

The use of anti-debugging and rootkit techniques makes the Carberp Facebook Trojan difficult to detect, warns security consultancy Context Information Security. Context said "Carberp is also part of a botnet that can take full control over many infected hosts, while its complicated infection mechanisms and extensive functionality make it a prime candidate for more targeted attacks."

Context also adds that Carberp, which creates a backdoor on infected computers, can be easily controlled from a central administrator control panel, allowing botnet herders to more easily mine stolen data and ask for more cash from Facebook users.

Trusteer said it had reported the attack to Facebook, and shared malware samples prior to going live with its blog, a day after Facebook boasted it had been free of the Koobface worm for more than nine months.

"I don't think that this incident contradicts their 'virus free' statement, since Carberp only infects the victim PCs without any modification of the victim's profile in Facebook or any other alteration of the Facebook site," Trusteer's CTO said.

Trusteer also published a blog post on Wednesday featuring screenshots showing more details of the Carberp eCash scam in action.


Scammers are using Facebook as a means to drive traffic towards malware and exploit portals or internet scam sites. In response, Facebook has contracted with Websense for security technology that will soon analyse what's going on.

Cloud technology will assign a security classification to sites, presenting users with a warning if the location is considered dangerous.

A warning page will explain why a site might be considered malicious. Users can still proceed, but at their own risk. The approach is similar to Google Safe Browsing warning technology, which is integrated into Firefox and Chrome.

Previously, individual users had the option to add additional security filtering apps, such as Bitdefender Safego, to their profiles as a means to scan for potential spam and/or malicious links.

In other internet security news

Online shoe and clothing retailer Zappos.com is asking its 24 million customers to reset their passwords after a series of cyberattacks. "We were recently the victim of a cyber attack by a criminal organization who gained access to our internal network and accounting system through some of our servers," said a posting on the company's website, which was also sent out as a prioritized email message from company CEO Tony Hsieh to Zappos customers yesterday.

Hsieh said that the company has reset customers' passwords and would be sending an email with further instructions to all its users. It also posted password reset instructions on its website.

Zappos added that the cyber attackers gained access to customers' names, email addresses, billing and shipping addresses, phone numbers and the last four digits of credit card numbers and their encrypted passwords.

However, full credit card numbers and other payment information were stored on a separate server which was not hacked, the company said.

Because it expects an avalanche of email response messages and phone calls from concerned users related to the hacking attempt, Zappos said it was temporarily turning off its phones and would answer all inquiries by email only.

"If just 5 percent of our total customer base calls us, that would be over 1 million phone calls, most of which would not even make it into our phone system in the first place," the company's email to employees said.

"We've spent almost thirteen years building our reputation, brand, and trust with our customers. It's painful to see us take so many steps back due to a single hacking incident," Hsieh's email said.

The email message also went out to customers of Zappos' discount website, 6pm.com. While large, the hacking attack wasn't the largest of the past year. In April, Sony's PlayStation Network, with 70 million customers, was hacked, with an unauthorized person obtaining users' names, home addresses, email addresses, birth dates and passwords, according to Sony.


Source: The Federal Bureau of Investigation.
