Archive for March 7, 2017

WikiLeaks Does Massive Data Dump On CIA Hacking Tools And Ops

Posted in Commentary on March 7, 2017 by itnerd

WikiLeaks today released documents that shed light on the CIA’s hacking tools and internal operations. What’s key about this is that absolutely no platform is safe from the CIA as documented by BetaNews:

WikiLeaks has unleashed a treasure trove of data to the internet, exposing information about the CIA’s arsenal of hacking tools. Code-named Vault 7, the first data is due to be released in serialized form, starting off with “Year Zero” as part one. A cache of over 8,500 documents and files has been made available via BitTorrent in an encrypted archive. The plan had been to release the password at 9:00am ET today, but when a scheduled online press conference and stream came “under attack” prior to this, the password was released early. Included in the “extraordinary” release are details of the zero day weapons used by the CIA to exploit iPhones, Android phones, Windows, and even Samsung TVs to listen in on people. Routers, Linux, macOS — nothing is safe. WikiLeaks explains how the “CIA’s hacking division” — or the Center for Cyber Intelligence (CCI) as it is officially known — has produced thousands of weaponized pieces of malware, Trojans, viruses and other tools. It’s a leak that’s essentially Snowden 2.0.

I take two things out of this data dump. First, nothing is secure. Absolutely nothing. That should scare you. Second, really bad people are going to get their hands on some of these tools that are now in the public domain. That should scare you even more.

It should be interesting to see how this is explained by the US Government.


Massive Outage Hits Microsoft email, Xbox & Skype

Posted in Commentary on March 7, 2017 by itnerd

If you’re trying to play a game on your Xbox, make a call with Skype or check your e-mail with Outlook.com, you’ve likely had issues this morning because there is a massive outage for all of the above at this moment. Details from The Verge:

Microsoft Accounts have recovered from an hour-long outage that prevented users from signing into their accounts this morning. Large numbers of Xbox, Skype, and Outlook users complained they were unable to access their accounts, with the login prompt noting that an account doesn’t exist. The Verge tested a number of accounts, and we confirmed there were widespread issues worldwide for at least an hour.

Things seem to be working fine now, and Microsoft has acknowledged that this did happen. But the timing isn’t great after the great Amazon #fail from last week.

Spammers Have Internal Database Leak Onto The Web

Posted in Commentary on March 7, 2017 by itnerd

In an #EpicFail moment, notorious spammer River City Media (RCM) has exposed 1.37 billion email addresses after failing to password-protect a remote backup. This was discovered by Chris Vickery who is a security researcher at MacKeeper:

A cooperative team of investigators from the MacKeeper Security Research Center, CSOOnline, and Spamhaus came together in January after I stumbled upon a suspicious, yet publicly exposed, collection of files. Someone had forgotten to put a password on this repository and, as a result, one of the biggest spam empires is now falling.

Additional coverage can be seen over at CSOOnline.

The leaky files, it turns out, represent the backbone operations of a group calling themselves River City Media (RCM). Led by known spammers Alvin Slocombe and Matt Ferris, RCM masquerades as a legitimate marketing firm while, per their own documentation, being responsible for up to a billion daily email sends.

Think about that for a second. How can a group of about a dozen people be responsible for one billion emails sent in one day? The answer is a lot of automation, years of research, and a fair bit of illegal hacking techniques.

I say illegal hacking due to the presence of scripts and logs enumerating the group’s many missions to probe and exploit vulnerable mail servers.

The game that these spammers were playing goes something like this. RCM gathered its mammoth database from people requesting credit checks, entering prize giveaways and sweepstakes and applying for education opportunities, along with techniques like co-registration in which a person’s info is shared with unnamed affiliates after clicking “submit” or “I agree” on a website. Thus, there’s a very good chance that your e-mail address is in this leak.

The good news is that RCM’s spamming days are over. Spamhaus has blacklisted their entire operation. The bad news is that this database has a ton of personally identifiable info. Who knows what hands that is going to end up in.