Internet Security News - SecurityProNews

Nigeria Announces Early Results Of Anti-Scammer Initiative

No one's sure how many there are to go, but according to a Nigerian official, there are about 800 scam email addresses and 18 criminals that can be considered "down." Mrs. Farida Waziri, the chairperson of a government agency, announced that some shutdowns and arrests occurred thanks to an initiative called Project Eagle Claw.

Nigeria Announces Early Results Of Anti-Scammer Initiative

Nigeria's Economic and Financial Crimes Commission is the force behind Project Eagle Claw, and with Microsoft's help, has just started ramping it up. Waziri explained in a statement, "We expect that Eagle Claw as conceived will be 100% operational within six months and at full capacity, it will take Nigeria out of the top 10 list of countries with the highest incidence of fraudulent e-mails."

She then gave some very interesting details, continuing, "[U]pon full deployment, the capacity to take down fraudulent e-mails will increase to 5,000 monthly. Further it is projected that advisory mails to be sent to victims and potential victims will be about 230,000 monthly."

Anything Nigeria can do to address the problem of scammers operating from within its borders will of course be good for the country's image. More than that, it might help honest Nigerians become part of the online world (since some entities have just taken to blocking troubled regions as a whole).

Then there will be the benefit to the rest of the world, with maybe millions of dollars not getting lost. For that reason, Project Eagle Claw is likely to gain a lot of fans.

MessageLabs Names Most- (And Least-) Spammed States

When considering where to live, it's wise to look up stats about an area's climate, the cost of living, and its proximity to other important stuff in your life. Symantec's MessageLabs recently supplied some information about your odds of getting spammed, too.

MessageLabs Names Most- (And Least-) Spammed States

Somewhat surprisingly, the states you might imagine as being the "most wired" - California, New York, Washington - weren't at the top of the list. Instead, the state in which spam represents the highest percentage of all emails received is Idaho, with 93.8 percent.

In an email to SecurityProNews, a Symantec/MessageLabs representative then listed the other top states (in order) as Kentucky, New Jersey, Alabama, Illinois, Indiana, Massachusetts, Pennsylvania, Arizona, and Maryland.

The U.S. territory of Puerto Rico wound up on the opposite end of the list, followed by Montana, Alaska, Kansas, South Dakota, Tennessee, Vermont, Rhode Island, Wisconsin, and Florida.

We're not quite sure what to make of these findings; the states don't appear to be ordered according to Internet penetration rates, GDP per capita, overall population, physical size, or anything else. Still, if you're looking to move, now you have a better idea of how to decrease the odds of getting bombarded with spam at your new home.

Enormous Malware Archive Creates Stir

A Dutch company known as the Frame4 Group has created what's almost the computing equivalent of a Center for Disease Control lab. The Malware Distribution Project is, according to its own site, the "world's biggest private malware archive."

Enormous Malware Archive Creates Stir

Don't jump to the conclusion that the project's run by a bunch of supervillains; the malware samples are supposed to be "offered for the purposes of analysis, testing and malware research."

Also, customers are screened, and a monthly access fee of about $1,235 should act to keep out some of the riffraff.

It actually seems possible that the Malware Distribution Project could be of great help to the security community. When you consider that medical researchers don't have to wander from house to house, asking people if they have cancer, every time they want to start a new experiment, certain practices start to seem a little outdated.

There is a potential for problems, though. One nightmare scenario relates to the Malware Distribution Project's figurative walls failing and everything getting out. Having all of that malware run amuck at once - particularly if security researchers' computers were the first things it'd come across - would be bad.

Then there's the possibility that some unpleasant person would gain access to the Malware Distribution Project's archive and just sort of go on a shopping spree. This way, some relatively stupid hacker might be able to get his (or her) hands on the most sophisticated viruses in existence.

As you might imagine, the Malware Distribution Project is definitely proving divisive.

Anyway, at last count, the repository contained a whopping 3,336,503 files.

UPDATE (10-13-09): Anthony Aykut, the Managing Director of Frame4 Security Services, got in touch with SecurityProNews this morning to pass along some information. In an email, he wrote, "[T]he malware is neither downloadable via the web site or accessible in any other way via the www; in fact, the (secure) servers where the malware is stored (or analyzed/processed) is not even connected to the outside world."

Aykut also stressed that nothing is sold to the public, and added, "Largely due to the security measure(s) mentioned above, and also based on to the fact that the storage media are protected by biometric devices, getting access to the MD:Pro archive is, well, pretty impossible."

Avsim Hacker (Maybe) Brought Before Cops

Perhaps people who like to spend their spare time in the cockpits of imaginary F-16s should be left alone. The man in charge of a flight simulator site that was attacked claims to have identified the hacker and forwarded information to the authorities.

Avsim Hacker (Maybe) Brought Before Cops

Avsim is one of the best-known flight sim communities in existence. It's been around for a long time, too. Unfortunately, a hacker managed to wipe about a decade's worth of modification info and forum posts from the site's servers back in May.

Now, though, Tom Allensworth, the publisher and CEO of Avsim, has told the BBC, "We . . . have incontrovertible evidence of the individual that performed the hack. We have protected the forensic evidence and provided that evidence to the London police. We are committed to bringing justice to bear on this case."

Allensworth is confident in the outcome, too, adding, "We fully expect that the criminal complaint . . . will result in the perpetrator spending some time behind bars - under UK law." (Since Avsim's located in the US, this means he's not pushing for extradition or anything of that sort.)

Neither London's Metropolitan Police Service nor the accused individual (who hasn't been publicly named) has made any comment yet.

Email Password Hackers Present Real Threat

The next time you have something really important to tell someone, consider whether a drive over to his or her house wouldn't be a nice way of spending a few minutes. One reporter has found that it's quite easy (and perhaps all too common) for people to buy email accounts' passwords from hackers.

Email Password Hackers Present Real Threat

Tom Jackman wrote in an article for the Washington Post, "[S]ervices as YourHackerz.com are still active and plentiful, with clever names like 'piratecrackers.com' and 'hackmail.net.' They boast of having little trouble hacking into such Web-based e-mail systems as AOL, Yahoo, Gmail, Facebook and Hotmail, and they advertise openly."

Jackman found that prices for passwords range from around $30 to $100, which means that even the average ten-year-old can probably afford these hackers' services.

Plus, unless someone important is involved or things get rather serious, law enforcement isn't terribly likely to look into (or at least resolve) the matter, because accessing a computer without authorization is just a misdemeanor in most areas and tracking down a perpetrator can be difficult.

And it doesn't help, of course, that all of these facts have now been publicized in a widely-read newspaper.

So if you've got some nasty business rivals or psycho exes, at least try to play it safe by changing your password often for as long as you're in the person's sights. Then there's always the option of putting a few more miles on the odometer, too.

Laptops, CDs Alarm Governors, Credit Unions

Today's lesson - that stuff in the physical world can pose a security threat - is a simple one. It seems to be an important one, too, as governors and credit unions are receiving unsolicited and suspicious laptops and CDs.

Laptops, CDs Alarm Governors, Credit Unions

The laptops may represent the more interesting development. Robert McMillan reports, "The U.S. Federal Bureau of Investigation is trying to figure out who is sending laptop computers to state governors across the U.S., including West Virginia Governor Joe Mahchin and Wyoming Governor Dave Freudenthal. . . . According to sources familiar with the investigation, other states have been targeted too . . ."

New HP laptops are apparently just showing up, unsought but ready for use, at government offices. That's fine if some Bill Gates-like figure has decided to give small gifts to our country's political leaders, of course. It's less fine if someone's trying to steal all of their passwords and whatever sort of public and private info they'd use the laptops to view.

As for the CDs, the problem appears to be smaller. Indeed, the discs probably just exposed some lapses in judgment. Malware infected CDs that were sent to credit unions were "part of an authorized pen[etration] test," according to Johannes Ulrich, who spoke with a Microsolved representative.

It doesn't look like any damage has been done, then. Just try to keep in mind the old warnings about knowing where stuff's been and gifts being too good to be true.

Conficker Remains On The Threat Radar

The Conficker worm didn't bring about a virtual apocalypse on April 1st, and for that, the security community was thankful. Yet at the same time, Conficker didn't commit hara-kiri or disappear, and it's continued to spread and pose a threat to this day.

Conficker Remains On The Threat Radar

Conficker was first discovered in November of 2008. It managed to infect computers running Windows at a stunning rate, worming (pun intended) its way onto perhaps as many as 15 million of them at one point.

But since Conficker was scheduled to activate on April 1st of this year, even experts weren't quite sure whether to expect some sort of catastrophic attack or just the Internet's biggest April Fools' Day prank.

Now, although experts are still uncertain of Conficker's purpose, it remains quite large.

In fact, John Markoff writes, "With more than 5 million of these zombies now under its control--government, business and home computers in more than 200 countries--this shadowy computer has power that dwarfs that of the world's largest data centers."

Researchers are still attempting to address the matter, however. Innovative antivirus software has made older versions of Conficker less threatening, and a volunteer group that counts Microsoft, Symantec, and a number of other companies and universities as members still meets every so often.

The FBI's trying to determine who's responsible for Conficker, too, which adds a whole different dimension.

Hopefully the program's authors have decided to abandon the program. If something else is going on, the good guys have at least made some progress and gained a better understanding of the computer worm, which should lessen any negative effects.

Report Warns Of Oil Rig Hacking

If North Korean scientists, nerdy members of the Earth Liberation Front, or some other forces decide to disrupt the oil supply, they might need little more than a computer to pull off the stunt. A Norwegian research group has indicated that offshore oil rigs are becoming increasingly vulnerable to hacking.

Report Warns Of Oil Rig Hacking

According to SINTEF, the trouble lies in the oil companies' (understandable) desire to save money and protect people by automating the rigs. Greg Grant explained, "[V]ital operations -- everything from data transmission to drilling to sophisticated navigation systems that maintain the platform's position over the wellhead -- are controlled via wireless links to onshore facilities."

And those links, of course, aren't as easily secured as dials and levers that human beings need to have their hands on.

This could lead to some real problems. SINTEF scientist Martin Gilje Jaatun told Grant that viruses have already caused oil production losses and personnel injuries. It's not hard to imagine that oil rigs might be completely hijacked at some point in time.

Hopefully the existence of SINTEF's analysis will cause oil companies (who certainly don't want these problems to occur, either) to take another look at their platform security, though.

McAfee Highlights Danger Of Celebrity-Related Searches

People who insist on following the lives of celebrities (and particularly, attractive female ones) should be careful. McAfee's compiled a list of the most dangerous celebs to search for, and the report, which includes a lot of familiar names, also outlines some scary threats.

McAfee Highlights Danger Of Celebrity-Related Searches

So how bad is it? Jessica Biel somehow wound up ranking as the riskiest celebrity, and McAfee said in a statement, "When 'Jessica Biel screensavers' was searched, almost half of the sites were identified as containing malicious downloads with spyware, adware and potential viruses."

Similar stats weren't given for the second most dangerous celebrity (Beyonce), but if you hop down to number three, the statement continued, "More than 40% of the Google search results for 'Jennifer Aniston screensavers' contained nasty viruses, including one called the 'FunLove virus.'"

Then, filling out the top 15, other celebs to be extra careful around include Tom Brady, Jessica Simpson, Gisele Bundchen, Miley Cyrus, Megan Fox, Angelina Jolie, Ashley Tisdale, Brad Pitt, Reese Witherspoon, Britney Spears, Rihanna, Lindsay Lohan, and Kim Kardashian.

Celebrity watchers will probably do best to pick a few sites that are safe, reliable sources of info and then just stick with them.

Three Of Four Charges Dismissed In Terry Childs Case

Terry Childs, the San Francisco network administrator who kept some rather important passwords to himself last summer, is now facing a considerably shorter list of accusations. A judge has dismissed three of the four charges that were brought against him.

Three Of Four Charges Dismissed In Terry Childs Case

A San Francisco Examiner article explains, "According to Childs' attorney Richard Shikman, the three counts for which [Judge] McCarthy found insufficient evidence relate to accusations he had improperly connected three modems to the network, 'essentially an anti-hacking statute,' he said."

Then, "A fourth count that was allowed to stand was for Childs' alleged refusal to hand over the passwords to the system to network administrators."

Childs has pled not guilty to the last charge, which carries a maximum sentence of five years.

Sentiment in the IT and security communities seems to be turning in Childs' favor, considering that he's had to remain in custody ever since the initial incident. The fact that his bail was set at $5 million seems a little extreme, too.

Others, though, still find it silly (or worse) that Childs wouldn't release the city's passwords to anyone other than the mayor.

We'll be sure to report additional info whenever the wheel of justice creaks forward again.