Posts tagged hack
Originally posted from one of my other blogs, George’s Wonder Blog on August, 5, 2008 – and little has really changed in that Facebook is not for the faint of heart. You need to be careful.
MySpace, Facebook, and Twitter attacked by social engineering – fake flash downloads
I’ve recently read about ‘Web worm’ attacks aimed at Facebook and MySpace; and just today I read about social engineering attacks (ploys, tricks) against Twitter. ZDNet’s Ryan Naraine posted Adobe: Beware of fake Flash downloads just today, and Adobe’s David Lenoe posted Verifying Installers on Adobe’s Product Security Incident Response Team blog yesterday. Here’s the skinny from Adobe’s blog, color & formatting added by myself for emphasis:
If you search the terms “top social media networks” your likely to get lots of lists of the top 10 social networks, and Facebook is almost always going to be in the first five. Even so, Facebook is not without its list of detractors and dissatisfied customers waiting for Facebook to “get it right”. They change things around on a pretty regular basis, even a Dec. 6, 2010 ABC News video is touts “Facebook Facelift: Rolling Out Another Makeover”. Online tech sites like ZDNet have guides on locking down your Facebook account!
Well, to be honest I can’t hack your Wi-Fi, but a Minnesota man was jailed for 18 years for hacking his neighbor’s Wi-Fi and “impersonating” him online. The ARS Technica article WiFi-hacking neighbor from hell gets 18 years in prison reports that the 46 year old computer technician downloaded WiFi hacking software and cracked his neighbor’s WEP encrypted password.
This blogspot post about WEP vs WPA vs WPA2 shows at the top how long it takes to break a password using BRUTE FORCE [WIKIPEDIA: brute force password attack] against WEP, WPA and WAP2 encryption. The long and short of the article is that if you have a choice between the 3, you should choose WPA2 for the best security.
Gmail has beefed up account security a little recently, possibly in part due to the recent China hacking and phishing attacks and intrusions. Now, detecting suspicious account activity has gotten a little simpler.
You may remember Gmail’s 2008 Remote Sign Out and Info post where they announced the then new remote sign out and info feature which allowed you to see from what IP, and at what time your past several logins occurred in your Gmail account. You can access the Activity on This Account info window when logged into Gmail by scrolling to the bottom and clicking the Details link you can see in the screenshot below.
Now, if Gmail notices logins from different locations and figures you aren’t likely to have accessed your account from those locations, you will see a notice when you login next.
For example, you aren’t likely to be able to access your account from Canada and Mexico within 15 minutes of one another.
Now, if it looks like something unusual is going on with your account, we’ll also alert you by posting a warning message saying, “Warning: We believe your account was last accessed from…” along with the geographic region that we can best associate with the access.
- Google’s Pavni Diwanji, Engineering Director
The Activity on This Account info window has been changed to reflect new information now available to you as a result of this latest security change. Here’s what it looks like now.
Now you can more easily detect if your account has been accessed without your permission or knowledge more easily. If you think your account has been compromised you should change your password, and it won’t hurt to check your Google Account settings to make sure that your secondary email address has not been changed – or in the case you don’t have one making sure that one has not been added. I’d guess that in the future it will only get easier to determine if someone has been tampering with your Gmail account.
Today, 3/22/2010, Google stopped censoring Chinese search results as a result of continued hacking/phishing attacks and intrusions against Google and other companies as also noted in their earlier post from January, 2010 – A New Approach to China.
The search engine & web applications giant has redirected visits at Google.cn (Google China) to Google.hk (Google Hong Kong). Google has tried it the Chinese government’s way, now they are taking their new approach. Google says:
So earlier today we stopped censoring our search services—Google Search, Google News, and Google Images—on Google.cn. Users visiting Google.cn are now being redirected to Google.com.hk, where we are offering uncensored search in simplified Chinese, specifically designed for users in mainland China and delivered via our servers in Hong Kong.
- A new approach to China: an update (Google Blog)
Concerning the increased traffic at Google Hong Kong, Google says:
Due to the increased load on our Hong Kong servers and the complicated nature of these changes, users may see some slowdown in service or find some products temporarily inaccessible as we switch everything over.
- A new approach to China: an update (Google Blog)
Spammers are nothing if not smart copycats. Why write your own copy (text message) and come up with your own ideas for formatting emails when you can take ideas directly from valid emails? That exactly what I see happening more and more lately. Take this email for example:
This message contains images. If you don’t see images, click here to view
In case of no image, press here
Subscribe | Unsubscribe | Change of Address
This message was sent from Naedaee to email@example.com.
You have been sent The Uzqvaq because you have opted in to receive it.
Note: It may take our system up to two business days to process your unsubscribe request and during that time you may receive one or two more newsletters. Thank you for reading.
If you get an email like this and your spam filter doesn’t catch it (Gmail has GREAT spam filters! Plus you can use Gmail on your T-Mobile G1) you might need to look at it carefully. In this case I noticed the email was from me (odd, eh? mailing myself a newsletter!) Then I hovered over the links in the email and saw the website addresses ended with .cn (China). Red flags went up and I wouldn’ve sent that sucker to spam folder, except it was already there. Look at your emails before hitting that “If you don’t see images, click here to view” link and you might save yourself a lot of trouble. Normally I will freely visit .com, .net, .org, .us, .com.uk, and some others that I recognize. Whenever I see a weird one I’ll google it. For example if the domains were something orother.az I google .az domains and see what comes up. In this case its Azerbaijan which I still lump together with Russia, so any unexcepted email from there I’d mark as spam.
MORE, PLUS A LITTLE RANTING AND CONSPIRACY THEORIES
Now, I certainly did not opt in to receive any free newsletters from a Chinese website. No wonder I read about stuff like the recent mysterious virus that struck the FBI & U.S. Marshals Service and now NASA is pretty much constantly getting hacked! Emails like the one above are sent out and employees, regular Joes and Janes in our governments work force are freaking out and clicking the unsubscribe or feedback links to get themselves removed from the list or complain about being on the list they certainly did not subscribe to. But instead there is a chance that the web page they are taken to (which they probably do not even realize is a Chinese website) has a virus embedded into it or other goodies to identify or attempt to infect the computer of the person clicking the link. I can imagine the programming on a page like this:
Is the visitor from the US or a US-loving country?
- If the American or American-loving visitor is NOT at a secure location China would like to hack, try to damage the visitor’s computer.
- If the American or American-loving visitor IS at a secure location China would like to hack, then try to load software onto that computer.
- If the visitor is not from a US-loving country then display a harmless webpage.
Now I realize I am generalizing big time, because not all Chinese websites are bad. But certainly those that send spam are bad to some extent. Plus after reading those two articles above I can’t resist a little conspiracy theory. NASA is getting hacked on a regular basis and the FBI and US Marshals Service have been infected to some extent by a virus.
Its scary that in April 2005 NASA was hacked and still no one is really sure exactly who did the hacking. If they do know, they are not saying. The usual suspects include Russia and China but no formal accusations have been made.
Apparently NASA’s computers are a weak link in the DoD information chain. According to BusinessWeek online:
America’s military and scientific institutions—along with the defense industry that serves them—are being robbed of secret information on satellites, rocket engines, launch systems, and even the Space Shuttle. The thieves operate via the Internet from Asia and Europe, penetrating U.S. computer networks. Some of the intruders are suspected of having ties to the governments of China and Russia, interviews and documents show. Of all the arms of the U.S. government, few are more vulnerable than NASA, the civilian space agency, which also works closely with the Pentagon and American intelligence services.
For about 10 years now NASA has been aware of these intrusions and have not been able to stop them, and its costing actual dollars in terms of hardware, not just data and research. Another quote from this BusinessWeek online article says:
In 1998 a U.S.-German satellite known as ROSAT, used for peering into deep space, was rendered useless after it turned suddenly toward the sun. NASA investigators later determined that the accident was linked to a cyber-intrusion at the Goddard Space Flight Center in the Maryland suburbs of Washington. The interloper sent information to computers in Moscow, NASA documents show. U.S. investigators fear the data ended up in the hands of a Russian spy agency.
So in other words there was a hack incident where a satellite was turned toward our Sun and for all intents and purposes turned into a pile of orbiting junk. You would think in the 10+ years NASA would have secured funding for new software, hardware and manpower to protects its (and our) interests. Undoubtedly something has been done, but as this article seems to indicate, NASA is still a target being successfully penetrated by foreign interests.