Yahoo Spreading Malware?

Some advertisements on Yahoo Inc’s European websites last week spread malicious software, Yahoo said on Sunday, potentially infecting the computers of thousands of users.

Last Friday, Fox-IT, a Delft, Netherlands-based computer security firm, wrote in a blog that attackers had inserted malicious ads served by ads.yahoo.com.

In a recently released statement, a Yahoo spokesman, said: “On Friday, January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines, specifically they spread malware.” Yahoo said it promptly removed the bad ads, and that users of Mac computers and mobile devices were not affected.

Malware is software used to disrupt a computer’s operations, gather sensitive information, or gain access to private computer systems.

Fox-IT estimated that on Friday, the malware was being delivered to approximately 300,000 users per hour, leading to about 27,000 infections per hour. The countries with the most affected users were Romania, Britain, and France.

“It is unclear which specific group is behind this attack, but the attackers are clearly financially motivated and seem to offer services to other actors,” Fox-IT wrote in the January 3 blog post.

Source

NSA Developing System To Crack Encryption

The U.S. National Security Agency is working to develop a computer that could ultimately break most encryption programs, whether they are used to protect other nations’ spying programs or consumers’ bank accounts, according to a report by the Washington Post.

The report, which the newspaper said was based on documents leaked by former NSA contractor Edward Snowden, comes amid continuing controversy over the spy agency’s program to collect the phone records Internet communications of private citizens.

In its report, The Washington Post said that the NSA is trying to develop a so-called “quantum computer” that could be used to break encryption codes used to cloak sensitive information.

Such a computer, which would be able to perform several calculations at once instead of in a single stream, could take years to develop, the newspaper said. In addition to being able to break through the cloaks meant to protect private data, such a computer would have implications for such fields as medicine, the newspaper reported.

The research is part of a $79.7 million research program called “Penetrating Hard Targets,” the newspaper said. Other, non-governmental researchers are also trying to develop quantum computers, and it is not clear whether the NSA program lags the private efforts or is ahead of them.

Snowden, living in Russia with temporary asylum, last year leaked documents he collected while working for the NSA. The United States has charged him with espionage, and more charges could follow.

His disclosures have sparked a debate over how much leeway to give the U.S. government in gathering information to protect Americans from terrorism, and have prompted numerous lawsuits.

Last week, a federal judge ruled that the NSA’s collection of phone call records is lawful, while another judge earlier in December questioned the program’s constitutionality. The issue is now more likely to move before the U.S. Supreme Court.

On Thursday, the editorial board of the New York Times said that the U.S. government should grant Snowden clemency or a plea bargain, given the public value of revelations over the National Security Agency’s vast spying programs.

Source

Phishing Attacks Increasing

Security researchers at Kaspersky Lab have reported significant growth in phishing attacks over the last year.

In a study entitled “The Evolution of Phishing Attacks”, Kaspersky said it found 37.3 million out of its 50 million customers running its security products that were at risk of being phished from 2012 to the present, an 87 percent increase over the same period between 2011 and 2012.

“The nature of phishing attacks is such that the simplest types can be launched without any major infrastructure investments or in-depth technological research,” Kaspersky said in the report.

“This situation has led to its own form of ‘commercialization’ of these types of attacks, and phishing is now being almost industrialized, both by cybercriminals with professional technological skills and IT dilettantes.”

The security firm explained that overall, the effectiveness of phishing, combined with its profitability for criminals and how simple the process is to undertake has led to a steadily rising number of these types of incidents.

Kaspersky noted that most of the victims in 2012-2013 were located in just ten countries, that is, Russia, the US, India, Germany, Vietnam, the UK, France, Italy, China and Ukraine. These 10 countries were home to 64 percent of all phishing attack victims during this time.

In addition to a rise in the number of users attacked, the number of servers involved in phishing attacks also increased, Kaspersky said, without giving any exact numbers. Though the firm did reveal that internet giants like Yahoo, Google, Facebook and Amazon are the top targets of malicious users.

“Online game services, online payment systems, and the websites of banks and other credit and financial organizations are also common targets,” the firm added, warning users to stay vigilant when entering personal data.

Source

Hackers Attempt To Access AT&T Mobile

AT&T Inc, the No. 2 U.S. wireless carrier, said it is investigating an “organized and systemic attempt” to access mobile customers’ information but that it did not believe any accounts were breached.

The company, which had 100 million subscribers at the end of the third quarter, said it is advising less than 1 percent of its wireless customers that there was an attempt to obtain information about their accounts.

It said that the parties involved appeared to have used “auto script” technology to see if AT&T telephone numbers were linked to online AT&T accounts.

Spokesman Mark Siegel said AT&T’s “investigation is ongoing to determine the source or intent of the attempt to gather this information.”

.

Source…

‘Ransomware’ Malware Threats Increasing

A particularly nasty type of attack named”ransomware” is on the rise, with antivirus vendor Symantec seeing at least three new variants appearing in recent months. Such attacks often use viruses to not only steal a person’s sensitive or financial information, but also to disable hard drives and demand money to restore them.

“Threats that use extortion can be some of the most aggressive and, in some cases, offensive viruses encountered,” said Symantec security researcher Gavin O Gorman in a blog post.

Unfortunately for computer owners, attackers continue increase the sophistication levels of their ransomware. For example, GPCoder.G, which first appeared in November 2010, is a small (only 11 kilobytes ) piece of malware which, if executed, searches a hard drive for files with specific extensions, relating to everything from videos and Microsoft Office files to images and music. It then encrypts the first half of all files found, using a symmetric RSA encryption algorithm and a random key. The random, private key is then encrypted using a public key. “Without the private key from this key pair, it is not possible to obtain the symmetric key in order to decrypt the files,” said O Gorman.

To get the private key, the ransomware victim must forward the encrypted symmetric key to attackers, who decrypt and return it. Unfortunately, aside from restoring the encrypted files from a backup, “there is no way to bypass this technique,” he said.   Read More….