Archive for April 2011

Hacker Steals PlayStation users’ personal info

A hacker has obtained the personal information of PlayStation Network account holders and subscribers of the Qriocity streaming service, Sony said in a message to customers Tuesday.

Sony’s investigations over the past week determined that an “unauthorized person” had obtained users’ names, home addresses, e-mail addresses, birth dates and passwords, according to a statement being sent to all account holders.

The attack also has crippled Sony’s PlayStation Network, which has some 70 million subscribers and has been down since April 20. The network lets customers download video games from the Web and play against each other online.

“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility,” said Sony Computer Entertainment and Sony Network Entertainment, which manage the two services, in a joint statement.

The hacker could have taken credit card numbers, card expiration dates, billing addresses, answers to security questions and purchase history, but not credit-card security codes, they said.

Sony is encouraging customers “to protect against possible identity theft or other financial loss” by reviewing credit-card statements. The company also suggested that some customers may want to place a “fraud alert” with credit bureaus.

Sony did not say how many accounts had been compromised. A spokeswoman declined to comment Tuesday.

From CNN Tech: http://www.cnn.com/2011/TECH/gaming.gadgets/04/26/playstation.network.hack/index.html

Your iPhone Is (Secretly) Tracking Everywhere You’ve Been!

It turns out that our iPhones are keeping a record of everywhere we've been since June. This data is stored on your phone (or iPad) and computer, easily available to anyone who gets their hands on it.

The enormous privacy surprise, apparently enabled by this summer’s iOS 4 release, was discovered by two security researchers, one of whom claims he was an Apple employee for five years. They’re equally puzzled and disturbed by the location collection: “By passively logging your location without your permission, Apple have made it possible for anyone from a jealous spouse to a private investigator to get a detailed picture of your movements,” they explain. All it would take to crack the information out of your iOS device is an easy jailbreak. On your computer, the information can be opened as easily as a JPEG using the mapping software that the security experts have made available for download. Try it yourself: http://petewarden.github.com/iPhoneTracker/#1

From Gizmodo: http://gizmodo.com/#!5793925/your-iphone-is-secretly-tracking-everywhere-youve-been

U.S. shuts down massive cyber theft ring

WASHINGTON/BOSTON (Reuters) – U.S. authorities claimed one of their biggest victories against cyber crime as they shut down a ring they said used malicious software to take control of more than 2 million PCs around the world, and may have led to theft of more than $100 million.

A computer virus, dubbed Coreflood, infected more than 2 million PCs, enslaving them into a “botnet” that grabbed banking credentials and other sensitive data its masters used to steal funds via fraudulent banking and wire transactions, the U.S. Department of Justice said on Wednesday.

The government shuttered that botnet, which had operated for a decade, by seizing hard drives used to run it after a federal court in Connecticut gave the go-ahead.

“This was big money stolen on a large scale by foreign criminals. The FBI wanted to stop it and they did an incredibly good job at it,” said Alan Paller, director of research at the SANS Institute, a nonprofit group that helps fight cyber crime.

The vast majority of the infected machines were in the United States, but the criminal gang was likely overseas.

“We’re pretty sure a Russian crime group was behind it,” said Paller.

From TalkingPointsMemo: http://www.talkingpointsmemo.com/news/2011/04/us_shuts_down_massive_cyber_theft_ring.php?ref=fpc

‘LizaMoon’ Mass SQL Injection Attack Escalates Out of Control – one million sites compromised!

Millions of unique URLs have been infected with a rampant SQL injection attack Websense has dubbed “LizaMoon.” The SQL injection attack redirects users to a fake AV site.

A mass SQL injection attack that initially compromised 28,000 websites has spiraled out of control. At the last count, more than a million sites have been compromised, with no end in sight.

Security firm Websense has been tracking the “LizaMoon” attack since it started March 29. The company’s malware researchers dubbed the attack LizaMoon after the first domain that victims were redirected to. At the redirected site, users saw a warning dialog that they had been infected with malware and a link to download a fake antivirus.

The users are shown a number of threats supposedly on their computer, but the fake AV, Windows Stability Center, won’t remove them until the user pays up, in a “very traditional rogue AV scam,” wrote Patrik Runald, the Websense researcher who has been following the attack over the past few days.

The list of redirect URLs has ballooned in the days since, as Websense updated its list March 31 with 20 additional sites, making this one of the biggest mass-injection attacks ever.

More than 500,000 URLs have been injected with LizaMoon, according to Runald. If all the domains used in the attack are considered, eWEEK found about 2.9 million results on Google Search that have been compromised.

From eWeek: http://www.eweek.com/c/a/Security/LizaMoon-Mass-SQL-Injection-Attack-Escalates-Out-of-Control-378108/