A Closer Look at the Syrian Electronic Army

From Krebs on Security:

A hacking group calling itself the Syrian Electronic Army (SEA) has been getting an unusual amount of press lately, most recently after hijacking the Web sites of The New York Times and The Washington Post, among others. But surprisingly little light has been shed on the individuals behind these headline-grabbing attacks. Beginning today, I’ll be taking a closer look at this organization, starting with one of the group’s core architects.

Earlier this year I reported that — in apparent observation of international trade sanctions against Syria – Network Solutions LLC. and its parent firm Web.com had seized hundreds of domains belonging to various Syrian entities. Among the domains caught in that action were several sites belonging to the SEA . . .

Fed Malware Takes Down Tor Host

From Wired:

Security researchers tonight are poring over a piece of malicious software that takes advantage of a Firefox security vulnerability to identify some users of the privacy-protecting Tor anonymity network.

The malware showed up Sunday morning on multiple websites hosted by the anonymous hosting company Freedom Hosting. That would normally be considered a blatantly criminal “drive-by” hack attack, but nobody’s calling in the FBI this time. The FBI is the prime suspect.

“It just sends identifying information to some IP in Reston, Virginia,” says reverse-engineer Vlad Tsrklevich. “It’s pretty clear that it’s FBI or it’s some other law enforcement agency that’s U.S.-based.”

If Tsrklevich and other researchers are right, the code is likely the first sample captured in the wild of the FBI’s “computer and internet protocol address verifier,” or CIPAV, the law enforcement spyware first reported by WIRED in 2007.

Government Increasingly Using Hacking Tools

From the Wall Street Journal:

Law-enforcement officials in the U.S. are expanding the use of tools routinely used by computer hackers to gather information on suspects, bringing the criminal wiretap into the cyber age.

Federal agencies have largely kept quiet about these capabilities, but court documents and interviews with people involved in the programs provide new details about the hacking tools, including spyware delivered to computers and phones through email or Web links—techniques more commonly associated with attacks by criminals.

People familiar with the Federal Bureau of Investigation's programs say that the use of hacking tools under court orders has grown as agents seek to keep up with suspects who use new communications technology, including some types of online chat and encryption tools. The use of such communications, which can't be wiretapped like a phone, is called "going dark" among law enforcement . . .

The FBI develops some hacking tools internally and purchases others from the private sector. With such technology, the bureau can remotely activate the microphones in phones running Google Inc.'s GOOG +1.82% Android software to record conversations, one former U.S. official said. It can do the same to microphones in laptops without the user knowing, the person said. Google declined to comment. 

Instagram Hack Serves Up Fruit

Here's a funny little story from The Next Web:

An Instagram hack that posts pictures of fruit to users’ timelines has returned. We last saw the issue back in June.  Once again, the images – often of fruit but sometimes (as The Verge notes) of smoothies – are accompanied by text suggesting that the user is trying a new diet and encouraging others to follow a link that has been inserted into their bio.

How Easy Is It to Hack a Cell Phone? Pretty Easy

From CNN:

An increasingly popular technology for extending cell-phone coverage ranges had a major security hole that went undetected for years, through which an attacker could eavesdrop on everything a target did on their phone, according to new research released on Monday.

The research brings to light previously unknown vulnerabilities in some models of femtocells, devices that mobile network operators use to bring wireless service to low-coverage zones. The compact boxes, which are typically as small as a standard cable modem, can be deployed in hard-to-reach spots like the top of an apartment building or a home in the mountains. Femtocells are also referred to as "network extenders," and analysts project that as many as 50 million of them will be in use by 2014.

Your Credit Card Company and Bank are Threats to Your Information Security

Today, online hacktivist group Anonymous has launched Operation USA, which is targeting U.S. government and banking websites.  Ahead of the attack, the US Department of Homeland Security downplayed the planned operation.  According to reports: 

“OpUSA poses a limited threat of temporarily disrupting U.S. websites,” the homeland security bulletin states, saying the attackers will likely use commercial hacking tools in a variety of “nuisance-level” strikes, defacing websites or temporarily knocking them offline.

Once again, the Department of Homeland Security appears to have proven themselves to be both ignorant and inept.  Hackers are already claiming to have leaked detailed credit card information on 10,000 individuals to the website pastebin.  The leak contains names, addresses, home phone numbers, social security numbers, credit card numbers, mother's maiden name, the answers to the card holder's so-called "security question" and so on.  Make sure your information is not in the leak, and if it is, take appropriate action.  This hack succinctly demonstrates how woefully inadequate the security protocols are at some of the world's largest banks and credit card companies.  The question we should be asking is not, why would a hacktivist group engage in such malicious behavior.  Your working assumption should be that hackers are ALWAYS attempting to access your personal and financial information.  The real question is why are these corporations that we trust with our personal and financial information so insecure?  

Over 50 Million User Accounts Compromised at LivingSocial

From All Things D:

LivingSocial, the daily deals site owned in part by Amazon, has suffered a massive cyber attack on its computer systems, which an email from CEO Tim O’Shaughnessy — just sent to employees and obtained by AllThingsD.com — said resulted in “unauthorized access to some customer data from our servers.”

The hack includes customer names, emails, birthdates and encrypted passwords.  The breach has impacted 50 million customers of the Washington, D.C.-based company, who will now be required to reset their passwords.

Who Will Protect the People from State-Sponsored Hackers?

In his State of the Union Address last night, President Obama emphasized the importance of protecting the country's computer networks from hackers "who steal people's identities and infiltrate private email."  But who will protect the people from US government agencies which are reading their emails, conducting illegal searches of their papers and effects, and engaging in warrantless wiretapping?  From the President's State of the Union Address:

America must also face the rapidly growing threat from cyber-attacks. We know hackers steal people’s identities and infiltrate private e-mail. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.

That’s why, earlier today, I signed a new executive order that will strengthen our cyber defenses by increasing information sharing, and developing standards to protect our national security, our jobs, and our privacy. Now, Congress must act as well, by passing legislation to give our government a greater capacity to secure our networks and deter attacks.