• Tag Archives Computer Hackers
  • FBI Bust Computer Hackers Spying and Stealing your information while online

    Computer hacker forums lit up last week as Federal Bureau of Investigation agents and police in 17 countries began knocking on doors, seizing computers and making arrests.

    On the popular websites where cyber criminals buy and sell software kits and help each other solve problems, hackers issued warnings about police visits to their homes.

    The hackers quickly guessed that a major crackdown was underway on users of the malicious software known as Blackshades.

    The FBI and prosecutors in the Manhattan U.S. attorney’s office announced the results of that probe on Monday: More than 90 arrests worldwide.

    The malware sells for as little as $40. It can be used to hijack computers remotely and turn on computer webcams, access hard drives and capture keystrokes to steal passwords — without victims ever knowing it.

    Related: Beware, your computer may be watching you

    Criminals have used Blackshades to commit everything from extortion to bank fraud, the FBI said.

    Last week, watching it all play out were about two dozen FBI cybercrime investigators holed up in the New York FBI’s special operations center, high above lower Manhattan.

    Rows of computer screens flickered with updates from police in Germany, Denmark, Canada, the Netherlands and elsewhere. Investigators followed along in real time as hundreds of search warrants were executed and suspects were interviewed.

    The sweep, capping a two-year operation, is one of the largest global cybercrime crackdowns ever. It was coordinated so suspects didn’t have time to destroy evidence. Among those arrested, in Moldova, was a Swedish hacker who was a co-creator of Blackshades.

    “The charges unsealed today should put cyber criminals around the world on notice,” said Leo Taddeo, chief of the FBI’s cybercrime investigations in New York. “If you think you can hide behind your computer screen — think again. ”

    hackersOfficials say Blackshades was used to illegally access the computers of 700,000 victims around the world, as shown in this FBI heatmap.

    700,000 victims around the world: Inside the FBI special operations center, six large computer monitors displayed key parts of the probe. Agents kept an eye on one screen showing a popular website where Blackshades was sold. The site was taken down by the FBI.

    Another monitor showed a heatmap of the world displaying the locations of the 700,000 estimated victims, whose computers have been hijacked by criminals using the Blackshades software. Splotches of green on the map indicated concentrations of infected computers in highly populated parts of the U.S., Europe, Asia and Australia.

    The FBI said that in just a few years Blackshades has become one of the world’s most popular remote-administration tools, or RATs, used for cybercrime.

    Taddeo said the unprecedented coordination with so many police agencies came about because of concern about the fast growth of cybercrime businesses.

    “These cyber criminals have paid employees, they have feedback from customers — other cyber criminals — to continually update and improve their product,” Taddeo said recently. While he spoke, agents took calls from counterparts working the case in more than 40 U.S. cities.

    Blackshades had grown rapidly because it was marketed as off-the-shelf, easy to use software, much like legitimate consumer tax-preparation software.

    “It’s very sophisticated software in that it is not very easy to detect,” Taddeo said. “It can be installed by somebody with very little skills.”

     

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

     


  • Hackers behind TARGET data breach are looking for crackers to decrypt Credit card PINs

    I think you haven’t forgotten the massive data breach occurred at TARGET, the third-largest U.S. Retailer during last Christmas Holidays. People shop during Black Friday sales in which over 40 million Credit & Debit cards were stolen, used to pay for purchases at its 1500 stores nationwide in the U.S.

    TARGET officially confirmed that the encrypted PINs (personal identification numbers) of payment cards were stolen in the breach, since the stolen pin data were in encrypted form so they were confident that the information was “Safe and Secure”, because PIN cannot be decrypted without the right key.

    The Breach was caused by a malware attack, that allowed the criminals to manipulate Point of Sale (PoS) systems without raising red flags and the card numbers compromised in the breach are now flooding underground forums for sale.

    Possibly a group of Eastern European cyber criminals who specializes in attacks on merchants and Point-of-Sale terminals either attached a physical device to the PoS system to collect card data or they infected the PoS system with malware which sniffed the card data as it passes through a PoS system.

    However, the hackers have all 40 Million payment card details, but the PINs are encrypted with Triple-DES (Data Encryption Standard), which is a highly secure encryption standard used broadly throughout the U.S.

    Recently, The Cyber Intelligence firm IntelCrawler noticed that a group of individuals are discussing in underground hacking forums, attempting to decrypt a 50GB dump of Triple DES (3DES) encrypted PIN numbers believed that it belongs to TARGET breach. They asked for a ‘pro hacker’ to decrypt the information at a fee of $10 per line.

    IntelCrawler also claims that cracking the Triple-DES may be a slow process, but not impossible and vulnerable to brute-force attack using cracking tools i.e. John the Ripper.

    Security researcher, Robert Graham writes a blog post, suggested that hackers can get PINs without decrypting them, because two identical PINs decrypt to the same value.

    For example, let’s say that the hacker shopped at Target before stealing the database. The hacker’s own debit card information will be in the system. Let’s say the hacker’s PIN was 8473. Let’s say that these encrypts to 98hasdHOUa. The hacker now knows that everyone with the encrypted PIN of “98hasdHOUa” has the same pin number as him/her, or “8473”. Since there is only 10,000 combination of PIN numbers, the hacker has now cracked 1000 PIN numbers out of 10 million debit cards stolen. He recommended that TARGET should at least salt the encryption, to make it more difficult for crackers.

    ONLINE COMPUTER REPAIR SERVICES AND NEWS AT

    www.ccrepairservices.com