Archive for 2014

Google Unveils BoringSSL, Another Flavor of OpenSSL.

 
 
The open source encryption library, OpenSSL, which is used by several social networks, search engines, banks and other websites to enable secure connections while transmitting data, came to everybody's attention following the Heartbleed vulnerability, a critical bug in OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server's memory, potentially revealing users' data that the server did not intend to reveal.
Now the Internet giant Google is launching a new fork of OpenSSL, dubbed BoringSSL, developed from its own independent work with the code.
"We have used a number of patches on top of OpenSSL for many years," Adam Langley, a cryptography engineer and Google employee, wrote in a blog post introducing BoringSSL. "Some of them have been accepted into the main OpenSSL repository, but many of them don't mesh with OpenSSL's guarantee of API and ABI stability and many of them are a little too experimental."
So, from now on, websites have three separate versions of OpenSSL to choose from when implementing the Secure Sockets Layer and Transport Layer Security protocols that enable secure connections while transmitting data.
Until now, Google has used its own modified version of OpenSSL, substantially rewritten and audited for potential security vulnerabilities, in products such as Chrome, Android and various others.

But now, in an effort to integrate its code into a single, consistent library and to handle its massive amount of in-house patches, Google is releasing BoringSSL, which can be easily distributed across many of its independent projects.
"But we’ll also be more able to import changes from LibreSSL and they are welcome to take changes from us," said Langley. "We have already relicensed some of our prior contributions to OpenSSL under an ISC license at their request and completely new code that we write will also be so licensed."
A few weeks after the terror of the Heartbleed bug, the developers of the OpenBSD operating system took the initiative and announced LibreSSL under its new project Theo de Raadt. The OpenBSD project aims to provide a more trustworthy platform.
Along with its own fork of OpenSSL, Google will continue to contribute to the OpenBSD Foundation and the Core Infrastructure Initiative, which is providing at least $100,000 a year for at least three years in funding to OpenSSL developers so that they can improve OpenSSL's badly written code base.
According to the blog post, BoringSSL strips out a number of Application Programming Interfaces (APIs) and Application Binary Interfaces (ABIs), and will change much of its current code so that it's more readable and easier to maintain.
"There are no guarantees of API or ABI stability with this code: we are not aiming to replace OpenSSL as an open-source project," he wrote. "We will still be sending them bug fixes when we find them and we will be importing changes from upstream. Also, we will still be funding the Core Infrastructure Initiative and the OpenBSD Foundation."
This is a good initiative by Google to build a strong community by putting in enough of its initial effort to get the ball rolling.
"We know you all want this tomorrow," the project's homepage states. "We are working as fast as we can but our primary focus is good software that we trust to run ourselves. We don't want to break your heart."
Wednesday, June 25, 2014
Posted by Unknown

BMC Vulnerability Exposes Admin Password of 32,000 Servers in Plaintext on the Internet.

 
 
A flaw discovered in motherboards manufactured by the server manufacturer Supermicro has left more than 30,000 servers vulnerable to hackers, who could remotely compromise the management interface of unpatched servers.
The vulnerability resides in the Baseboard Management Controller (BMC) in the WPCM450 line of chips incorporated into the motherboards. A security researcher at the CARInet Security Incident Response Team discovered that the BMC of Supermicro motherboards contains a binary file that stores remote login passwords in clear text, and that the file is available for download simply by connecting to a specific port, 49152.
A Baseboard Management Controller (BMC) is the central part of the microcontroller that resides on a server motherboard, or in the chassis of a blade server or telecom platform. The BMC links to a main processor and other onboard elements via a simple serial bus.

Baseboard management controllers are part of the Intelligent Platform Management Interface (IPMI), which defines communication protocols; a server administrator can access the BMC by using an IPMI-compliant management application loaded on a computer, or through a web interface via port 49152.
In order to compromise vulnerable servers, an attacker can scan the Internet on port 49152 to identify exploitable servers and can download the remote login passwords, which are stored in clear text in a binary file of the motherboard at the location “GET /PSBlock”.
When an Internet scan was recently performed on Shodan, a specialized search engine for finding embedded systems, approximately 31,964 machines were found to be still vulnerable, a count that doesn't include vulnerable systems installed in the virtual environments used in shared hosting services.
"This means at the point of this writing, there are 31,964 systems that have their passwords available on the open market," wrote Zachary Wikholm, a senior security engineer with the CARInet Security Incident Response Team.
An analysis of the passwords available for download also indicates that thousands of the passwords are easily guessable or are the default ones.
"It gets a bit scarier when you review some of the password statistics. Out of those passwords, 3,296 are the default combination. Since I'm not comfortable providing too much password information, I will just say that there exists a subset of this data that either contains or just was 'password.'"
He also found that a lot of systems are running older versions of the Linux kernel. According to the Shodan search, approximately 23,380 of the total hosts are running the 2.4.31.x kernel, another 112,883 are running the 2.4.30.x kernel, and 710,046 systems are running the 2.4.19.x kernel.
The 84 vulnerable firmware versions are listed here, and server administrators are advised to apply available patches from vendors. In order to apply patches, you need to flash the device with a new firmware update. As a quick and temporary fix, administrators can disable all universal plug and play processes and their related child processes using a secure shell connection to a vulnerable device.
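To find out whether your own BMCs have already been asked for the password file, the requests described above can be hunted in HTTP flow logs. The following is an added example, not code from the original article or from Supermicro: the key=value record layout, the management subnet and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import unquote

# Assumed record layout: a hypothetical key=value export from a proxy or IDS.
RECORD = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) "
    r"method=(?P<method>\S+) uri=(?P<uri>\S+) status=(?P<status>\d{3})\b"
)
BMC_PORT = 49152                                   # port named in the article
SENSITIVE_PATH = "/psblock"                        # file named in the article, lower-cased
MGMT_NET = ipaddress.ip_network("10.20.0.0/24")    # assumed management network

# Constructed sample records; addresses are private or documentation ranges.
SAMPLE_LOG = """\
2014-06-20T10:00:01Z src=203.0.113.7 dst=10.20.0.15 dport=49152 method=GET uri=/PSBlock status=200
2014-06-20T10:00:09Z src=198.51.100.23 dst=10.20.0.15 dport=49152 method=GET uri=/psblock?x=1 status=200
2014-06-20T10:01:30Z src=203.0.113.7 dst=10.20.0.16 dport=49152 method=GET uri=/%50SBlock status=404
2014-06-20T10:01:45Z src=10.20.0.5 dst=10.20.0.19 dport=49152 method=GET uri=//PSBlock/ status=200
2014-06-20T10:02:00Z src=10.20.0.5 dst=10.20.0.17 dport=49152 method=GET uri=/index.html status=200
2014-06-20T10:02:10Z src=203.0.113.9 dst=10.20.0.18 dport=443 method=GET uri=/PSBlock status=404
this line is malformed and must be skipped
"""


def normalise_path(uri):
    """Strip query/fragment, decode %xx, collapse slashes, lower-case."""
    path = uri.split("?", 1)[0].split("#", 1)[0]
    path = re.sub(r"/+", "/", unquote(path)).rstrip("/")
    return path.lower()


def find_psblock_requests(log_text):
    """Return {bmc_ip: {"sources", "served", "external"}} for matching requests."""
    hits = defaultdict(lambda: {"sources": set(), "served": False, "external": False})
    for line in log_text.splitlines():
        m = RECORD.match(line.strip())
        if not m or int(m["dport"]) != BMC_PORT:
            continue
        if normalise_path(m["uri"]) != SENSITIVE_PATH:
            continue
        entry = hits[m["dst"]]
        entry["sources"].add(m["src"])
        outside = ipaddress.ip_address(m["src"]) not in MGMT_NET
        if m["status"] == "200":
            entry["served"] = True
            # Only count a source as external exposure if the file was served to it.
            entry["external"] = entry["external"] or outside
    return dict(hits)


def triage(hits):
    """Map each BMC to a priority for the patch and password-change work."""
    result = {}
    for bmc, entry in sorted(hits.items()):
        if entry["served"] and entry["external"]:
            result[bmc] = "critical"   # file served to an address outside MGMT_NET
        elif entry["served"]:
            result[bmc] = "high"       # file served, but only inside MGMT_NET
        else:
            result[bmc] = "probed"     # requested, not served
    return result


if __name__ == "__main__":
    found = find_psblock_requests(SAMPLE_LOG)
    for bmc, level in triage(found).items():
        print(bmc, level, sorted(found[bmc]["sources"]))
```

Any BMC rated "critical" or "high" should have its passwords treated as disclosed and changed after the firmware is flashed, since the file was actually served.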
Posted by Unknown

The Cyber Attack On 'Code Spaces' Puts Hosting Service Out of Business

 
 
Code Spaces, a code-hosting and software collaboration platform used by different organizations for project management and development needs, was forced to shut down operations after an attacker compromised its internal system and deleted its customers' data and backups as well.
This is a nightmare for the code-hosting company based in Coventry, UK, which claimed to offer "Rock Solid, Secure and Affordable Svn Hosting, Git Hosting and Project Management." The Codespaces.com homepage shows a lengthy explanation of the attack and an apology to its customers.
“Code Spaces will not be able to operate beyond this point, the cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility,” read the note. “As such at this point in time we have no alternative but to cease trading and concentrate on supporting our affected customers in exporting any remaining data they have left with us.”
The devastating security breach began with a Distributed Denial of Service (DDoS) attack over a period of 12 hours on 17 June followed by an attempt to extort money from the company.

The attacker had also gained unauthorized access to the control panel of the company's Amazon Web Services (AWS) account, the Elastic Compute Cloud (EC2) console, and left extortion demands for the company officials along with a Hotmail address they were supposed to use to contact the attackers.
"Reaching out to the [email] address started a chain of events that revolved around the person trying to extort a large fee in order to resolve the DDoS," the company said on its homepage.
“Upon realization that somebody had access to our control panel, we started to investigate how access had been gained and what access that person had to the data in our systems,” Code Spaces said. “It became clear that so far no machine access had been achieved due to the intruder not having our private keys.”
The company changed its EC2 passwords, but once the system admins' attempts to regain control of the system were noticed, the hackers started deleting all the company's data, backups, machine configurations and off-site backups from the panel, leaving the company's website unable to operate.
“We finally managed to get our panel access back, but not before he had removed all EBS snapshots, S3 buckets, all AMI’s, some EBS instances and several machine instances,” Code Spaces said. “In summary, most of our data, backups, machine configurations and offsite backups were either partially or completely deleted.”
The code-hosting website said it is now working to recover whatever data may be left so that customers can regain access to their files and migrate the remaining data to other services. All Git repositories and some svn nodes are available for export, although their backups and snapshots have been completely deleted.
Most of Code Spaces' Apache Subversion repositories and all Elastic Block Store (EBS) hosted database files and all virtual machines have also been erased, along with their backups and snapshots.
"Backing up data is one thing, but it is meaningless without a recovery plan, not only that [but also] a recovery plan—and one that is well-practiced and proven to work time and time again," the cache stated. "Code Spaces has a full recovery plan that has been proven to work and is, in fact, practiced."
After ransomware such as CryptoLocker and CryptoWall, DDoS attacks have now become a new trend for cybercriminals to extort large amounts by targeting various big and reputed companies.
A few days back, the popular RSS feed reader Feedly and the note-taking and archiving site Evernote also faced the same kind of attack and were briefly forced by the hackers to pay a ransom; luckily, both companies soon recovered from the attack. But Code Spaces wasn't so lucky. This is really a scary incident in a company's life.
Posted by Unknown

DDoS Attack Hit Hong Kong Democracy Voting Website.

 
 
Hackers and cyber attacks are becoming a worse nightmare for companies day by day. Just last week a group of hackers ruined the code-hosting and software collaboration platform Code Spaces by destroying its Amazon cloud servers, its complete data and its backup files too.

Recently, the largest ever and most severe Distributed Denial of Service (DDoS) attack in the history of the Internet was recorded, hitting the online democracy poll promoting opinion on the upcoming Hong Kong elections.

PopVote, an online mock election operated by The University of Hong Kong's Public Opinion Program, had by Saturday recorded more than half a million votes in less than 30 hours in the unofficial referendum, which lets permanent residents of Hong Kong choose their preferred political representatives and is supposed to continue until June 29.

However, the Chief Executive is officially chosen by a 1,200-member Election Committee under the current political system and drawn largely from pro-Beijing and business camps.

On the first day of voting, China's State Council denounced the voting as “illegal and invalid.” Hong Kong's chief executive, Leung Chun-ying, said all the proposals on the ballot fail to comply with Hong Kong's Basic Law, the territory's de facto constitution.

On Friday, Matthew Prince, the CEO and co-founder of San Francisco based CloudFlare, the web performance company maintaining the voting website, said that the DDoS attack on the Occupy Central’s voting platform was “one of the largest and most persistent” ever.

According to Prince, the cybercriminals appeared to be using a network of compromised computers around the world to effectively disable the service of the voting website with an overwhelming amount of traffic. In such cases of attacks, the computer users who are exploited are usually unaware that their systems have been compromised.

Prince also wrote on Twitter: “Battling 300Gbps+ attack right now,” on the first day that the vote began. Three hundred gigabits per second is an enormous amount of data, enough to take down even huge servers.

Also, a DDoS attack last year on Spamhaus, a non-profit organisation that aims to help email providers filter out spam and other unwanted content, is largely considered to be the biggest DDoS attack in history; CloudFlare said that attack “almost broke the Internet.”
Posted by Unknown

RFID Tracking and Remote Controlled 'Kill Switch' for Laptops.

 
Kill switch, the ability to render devices non-operational to prevent theft, has become a hot topic nowadays. The ability to remotely destroy the data of a lost or stolen device has been available for quite some time now, but a kill switch remotely destroys not only the device's data but also the device itself, making it useless to thieves.
Just last week, Google and Microsoft signed an agreement with the New York Attorney General to add "kill switches" to the upcoming versions of Android and Windows Phone devices, as a part of the "Secure our Smartphones" initiative.
But now the largest chip manufacturer, Intel, will soon provide kill switches for your laptops as well. The company has been working on a project called Wireless Credential Exchange (WCE) with several partners in an effort to bring the kill switch to other mobile devices, including laptops.

The project uses RFID technology to provision, track and monitor devices such as laptops, hospital equipment and other devices, including a kill switch option for lost or stolen devices.
You might have heard of RFID technology, which has been available for more than fifty years. RFID, which stands for radio-frequency identification, is the wireless, non-contact use of radio-frequency electromagnetic fields to transfer signals for the purposes of automatically identifying and tracking tags attached to objects.
The Wireless Credential Exchange (WCE) uses the Monza RFID chips developed by Impinj, industry-standard RFID readers created by Technology Solutions UK and a cloud-based data repository and dashboard created by Burnside Digital called IPTrak software.
The IPTrak software, which ties all the components together, allows an Intel SoC to read and write data such as unique IDs, error logs, permissions, and device configuration to the Monza chip, even if the system is powered off.
Devices can be scanned using an RFID reader, and the data from the IPTrak software is stored in a cloud-based database and accessed via IPTrak mobile apps for Windows, iOS or Android using Bluetooth technology.
For example, it can disable a device prior to shipping and reactivate it only once it reaches its final destination. This would render a device useless if it were lost or stolen during shipment.
In addition to this, devices returned to a factory or repair center could be scanned, error logs read, and the device routed to the appropriate technicians without even opening the box.
Two years back, Intel added a ‘Kill Switch’ to its Sandy Bridge processors under the name Anti-Theft 3.0. With it, the processor can be disabled over a 3G network even if the computer has no Internet connection or isn't even turned on, so that a lost or stolen computer can be shut down remotely.
Posted by Unknown

DNS Flood DDoS Attack with 90 Million Requests per Second Hits Video Gaming Industry

 
 
Hackers are leveraging a large number of compromised machines (a botnet) to carry out a massive DNS flood DDoS attack against a large video gaming industry website, peaking above 110 Gbps.
Incapsula, a US-based security solutions provider, has been protecting a famous video gaming website from this high-bandwidth DDoS attack for the last 48 hours and, according to the company, the attack is still continuing. Incapsula has not yet disclosed the name of the video gaming company.
“The attack is still going on - that over 48 hours by now, from what I see it ain't gonna stop anytime soon,” Incapsula spokesperson wrote in an e-mail to The Hacker News.
DDoS AT 90 MILLION PACKETS/SECOND
The researchers at the security firm noticed a surge of a massive DNS flood DDoS attack on one of its clients, peaking at approximately 90 Mpps (million packets per second), which is a very big number. The majority of the attacking IP addresses belong to China and India. “Good reason to think many are spoofed,” Incapsula told THN.
The hackers used a more evil DDoS practice, the DNS flood attack, which is completely different from, and more responsive than, the previously most commonly used DNS amplification attack, both in its method of execution and in the type of grief it aims to deliver.

On one side, a DNS amplification attack is an asymmetrical DDoS attack in which an attacker sets the source address of the queries to the spoofed Internet Protocol (IP) address of the targeted victim, which means the target receives the replies from all the DNS servers that are used, making it the recipient of much larger DNS responses.
DNS FLOOD WITHOUT AMPLIFICATION
On the other side, DNS flood attacks are symmetrical DDoS attacks that work by sending thousands of rapid, valid DNS requests to the targeted server, thereby giving the server more traffic than it can handle and resulting in slower and slower response times for legitimate requests.
DNS servers provide the roadmap to the Internet and help clients find the servers they are looking for, but a DNS flood attempts to exhaust server-side assets (e.g. memory or CPU) with the large number of UDP requests generated by malicious scripts running on several compromised botnet machines. The number of packets sent per second is even larger in this case than in a DNS amplification attack.
Currently, researchers at the DDoS protection service are mitigating this attack with just one of their servers, which can process up to 170Gbps/100Mpps worth of traffic at an inline rate.
Until now, we had seen DNS flood DDoS attacks without amplification of 50-60Gbps, but reaching above 110Gbps suggests that hackers are making a comeback in a very big way.
As we have all seen, the DDoS trend is changing: to perform massive DDoS attacks, hackers are using every trick, leveraging weaknesses in system applications to compromise them in order to boost the size of their botnets.
Posted by Unknown

Cisco Open Sources Experimental Small Domain Block Cipher


In cryptography, block ciphers such as AES or DES are symmetric key ciphers operating on fixed-length groups of bits, called blocks, and typically operate on large input data blocks, i.e. 64, 128 or 256 bits. A block cipher encrypts plaintext to ciphertext by applying a cryptographic key and algorithm to a block of data at once as a group rather than to one bit at a time, so that identical blocks of text do not get encrypted the same way.

However, some applications need smaller blocks, and possibly non-binary blocks. So, to fulfil this need, Cisco is providing a small block cipher that it calls “FNR” (Flexible Naor and Reingold), but currently it is an experimental block cipher rather than production software.

Sashank Dara, a software engineer in the security technology group at Cisco, says in a detailed explanation that FNR is a flexible-length small domain block cipher for encrypting objects that works without the need for padding, which is required in traditional block ciphers such as AES (Advanced Encryption Standard) and DES (Data Encryption Standard).

“But one of the issues is the need for padding—so if you need to encrypt small amounts of data you may end with a huge difference in input vs. output size. As an example, using AES/128 on ECB mode to encrypt an IPv4 address results in an input size of 32 bits, but an output size of 128 bits. This may not be desired for some applications.” Sashank Dara said.

FEATURES OF FNR
Format-preserving encryption (FPE): the length of plaintext and ciphertext remains the same.
FNR is flexible for large input domains that are greater than 32 bits and less than 128 bits.
The encryption key length is not dependent on the input length and rather depends on the underlying pseudo-random function (PRF).
I have taken an example from Wikipedia to explain the importance of format-preserving encryption (FPE): Suppose we want to encrypt the 16-digit credit card number 1234567812345670 using AES in a mode like ECB or CBC. That will transform the credit card number into a large, fixed-length binary value, i.e. the hexadecimal output value 0x96a45cbcf9c2a9425cde9e274948cb67, which contains many bytes that are considered invalid when compared to a typical credit card number. If a credit card number is stored in a column of a database whose entries are char or varchar data, then the encrypted data cannot be stored in the same column without changing the format of the column. If the encrypted data is Base64 encoded to ensure that it only contains valid characters, the size of the encrypted credit card number increases from 16 bytes to 24 bytes, changing the encrypted credit card number to lqRcvPnCqUJc3p4nSUjLZw==. In either case, applications that process the credit card number may similarly be unable to handle an encrypted value without some modification.

SMALL-BLOCK ENCRYPTION SECURITY?
Small domain block ciphers are a useful tool for protecting the privacy of sensitive data fields of smaller length, but smaller blocks lead to important security issues, and building a secure small block cipher is known to be a tricky task.

According to Cisco, FNR is an experimental small domain block cipher for encrypting objects like IPv4 addresses, port numbers, MAC addresses, IPv6 addresses and any random short strings and numbers, while preserving their input length.

“Like all deterministic encryption methods, this does not provide semantic security, but determinism is needed in situations where anonymizing telemetry and log data (especially in cloud based network monitoring scenarios) is necessary,” Cisco warned.
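The format-preserving and deterministic properties described above can be seen in a small sketch. This is an added example and is not Cisco's FNR code or construction: it is a plain balanced Feistel network with HMAC-SHA256 as the round function, the round count and key are assumptions, and it is meant for illustration rather than production use.

```python
import hashlib
import hmac
import ipaddress

ROUNDS = 8   # assumption for this sketch, not a parameter taken from FNR


def _prf(key, rnd, half, half_bits):
    """Round function: HMAC-SHA256 truncated to half_bits bits."""
    msg = bytes([rnd, half_bits]) + half.to_bytes(8, "big")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big") & ((1 << half_bits) - 1)


def _check(value, bits):
    if bits % 2 or not 2 <= bits <= 128:
        raise ValueError("bits must be even and between 2 and 128")
    if not 0 <= value < (1 << bits):
        raise ValueError("value does not fit in the domain")


def encrypt(key, value, bits):
    """Permute an integer inside [0, 2**bits); the output has the same width."""
    _check(value, bits)
    h = bits // 2
    left, right = value >> h, value & ((1 << h) - 1)
    for rnd in range(ROUNDS):
        left, right = right, left ^ _prf(key, rnd, right, h)
    return (left << h) | right


def decrypt(key, value, bits):
    """Inverse of encrypt(): run the rounds backwards."""
    _check(value, bits)
    h = bits // 2
    left, right = value >> h, value & ((1 << h) - 1)
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _prf(key, rnd, left, h), left
    return (left << h) | right


def anonymise_ipv4(key, address):
    """32 bits in, 32 bits out: the result is still a dotted-quad string."""
    plain = int(ipaddress.IPv4Address(address))
    return str(ipaddress.IPv4Address(encrypt(key, plain, 32)))


def deanonymise_ipv4(key, address):
    cipher = int(ipaddress.IPv4Address(address))
    return str(ipaddress.IPv4Address(decrypt(key, cipher, 32)))


if __name__ == "__main__":
    key = b"constructed-demo-key"          # constructed sample key
    for addr in ("192.0.2.10", "192.0.2.10", "192.0.2.11"):
        # The first two lines print the same ciphertext: the mapping is
        # deterministic, which is the lack of semantic security Cisco warns about.
        print(addr, "->", anonymise_ipv4(key, addr))
    port = 443
    print(port, "->", encrypt(key, port, 16))   # still a 16-bit port number
```

Because equal inputs always give equal outputs, anonymised logs can still be joined and counted per address, but anyone who can observe or guess plaintext/ciphertext pairs learns which records belong together.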
Thursday, June 12, 2014
Posted by Unknown

Here’s How A Hacker successfully made a tool to hack New Facebook Accounts in just 15 Minutes

Source: hak-it
Many hackers have been able to find bugs inside Facebook that could allow them to hack a Facebook account, and once again in the hacking world, an Indian hacker was able to make a Facebook hacking tool that could hack any newly created Facebook account.
The hacker, named “Abhibandu”, demonstrated it on his personal blog in a post titled ‘How i hacked your unverified Facebook accounts.’

What is the process?

For a new account you have to sign up, and Facebook sends a verification code to your email account. Abhibandu wrote a neat script to crack that code in just 15 minutes.
Abhibandu’s Python script that could hack newly created Facebook accounts:
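#!/usr/bin/env python3
# Writes every possible numeric verification code of a fixed length to a file.

def add_zeros(end, tot):
    # Left-pad `end` with zeros until it is as long as `tot`.
    zeros = ''
    while len(zeros) < (len(tot) - len(end)):
        zeros = zeros + '0'
    return zeros + end

verification_code = 5   # number of digits in the code
code = ''               # known prefix of the code, empty here
# Raw string so that the backslashes in the example path are printed literally.
path = input(r" where do you want to store your dictionary file. eg. D:\derp\foo.txt ")
loop_range = verification_code - len(code)
# Build the largest value to generate, e.g. '99999' for five digits.
nines = ''
for i in range(0, loop_range):
    nines = nines + '9'
nine = int(nines)
fob = open(path, 'w')
for i in range(0, nine + 1):
    j = str(i)
    if len(j) < len(nines):
        j = add_zeros(j, nines)
    number = code + j + '\n'
    fob.write(number)
fob.close()
print('Generated and Saved!')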
This attack could take over those Facebook accounts that had not been verified, so the next question is: how can we find an account which is unverified?
Abhibandu was able to do so either by guessing with an email address until Facebook asked to confirm the account, or by searching for emails on Facebook to see if they were verified. Either way, it wasn’t too hard for Abhibandu.
Finally, Abhibandu reported the hack to Facebook, and within eight hours he got a response from the Facebook security team. In the meantime this loophole has been fixed by Facebook, and Abhibandu received a nice bounty payout for notifying Facebook.
Tuesday, June 3, 2014
Posted by Unknown

Cracking 16 Character Strong passwords



The password serves to protect your financial transactions, your social networking sites, and a host of other nominally secure websites online. People often say, "don't use dictionary words as passwords. They are horribly unsecure", but what if hackers also managed to crack any 16-character password?

Criminals or trespassers who want to crack into your digital figurative backyard will always find a way. A team of hackers has managed to crack more than 14,800 supposedly random passwords from a list of 16,449 converted into hashes using the MD5 cryptographic hash function.

The problem is the relatively weak method of encrypting passwords called hashing. Hashing takes each user's plain text password and runs it through a one-way mathematical function. This creates a unique string of numbers and letters called the hash.

The article reports that, using a commodity computer with a single AMD Radeon 7970 graphics card, it took him 20 hours to crack 14,734 of the hashes, a 90-percent success rate, using the brute-force method. A brute-force attack is when a computer tries every possible combination of characters.
In December, Jeremi Gosney, the founder and CEO of Stricture Consulting Group, revealed that a 25-computer cluster can crack passwords by making 350 billion guesses per second. It can try every possible word in less than six hours to get plain text passwords from lists of hashed passwords.

Using passwords that contained only numbers, 12 digits long, hackers managed to brute-force 312 such passwords in 3 minutes. In any case, a password doesn't have to be a word at all. A whole phrase or sentence, a passphrase, offers more security. A correctly chosen passphrase is easy for you to remember but difficult for anyone else to guess.

Also, the strongest password in the world isn't secure if you use it for every one of your secure sites. If one site is compromised and hackers are able to crack your password, and you've reused it, they could then gain access to your details on other websites.

The general public has no control over which hashing process websites use and is therefore at the mercy of an algorithm about which they may know nothing. If you are concerned about security, long passwords are the best defense.
Monday, June 2, 2014
Posted by Unknown

Short Password Reset code vulnerability to brute-force many websites

Yesterday we received a report of a vulnerability in web applications from an unknown Indian hacker, who explained how hackers are hijacking websites related to mobile recharge and free SMS services.

He detailed a loophole in the password reset process that could allow attackers to brute-force many high-profile websites that are not protected by an image CAPTCHA verification system during the password reset process.
The hacker used a Firefox browser equipped with the Fireforce add-on, a very simple Firefox extension designed to perform brute-force attacks on GET and POST forms.


The technique he proposed targets the insecure password reset process used by many websites, in which the web application sends a code to the user’s mobile or email for authenticity verification.

Around 40% of websites adopt a password reset code composed of numbers and of some fixed length, typically less than 5 digits.

This information gives attackers an advantage in the cracking process: the first thing to do is to request a password reset code, and then to attack the password reset code page with the Fireforce add-on.

After a successful hack it is possible to reset the victim's password. The brute-force attack is in reality not so complicated under the above conditions: an attacker has to test only some 1000-100000 passwords, depending on code length.

There is also another procedure that could improve the cracking process and make it faster. Typically a password reset code never starts with 0, and this condition could be used by the attacker to refine the search.

The attacker could edit the Fireforce script so that it starts the attack from 1*****, testing the combinations of the format 0***** at the end of the cracking process.

To edit the Fireforce script download the fireforce.xpi file as shown in the following picture:

Then open the fireforce.xpi file using WinRAR or any similar application and look for a file named “fireforce_generatePassword.js”, modifying the string
case "0-9" : char = "0123456789"
to
case "0-9" : char = "1234567890";
This makes it possible to decide the sequence of tries for the brute-force attack. Save the file back to the fireforce.xpi archive, open the file with Firefox and install it.

At this point the attacker could hit any webpage he wants that is not protected. Generally, free SMS sites are vulnerable to this kind of attack because they send a string of numbers as the verification code to the user’s mobile.
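Both this password reset weakness and the Facebook verification-code issue in the earlier post come down to a short numeric code that can be guessed an unlimited number of times. The following is an added example of the server-side countermeasure, not code from any of the sites or tools mentioned: the class name, code length, attempt limit and lifetime are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

CODE_DIGITS = 8      # assumption: longer than the sub-5-digit codes described above
MAX_ATTEMPTS = 5     # wrong guesses allowed before the code is burned
TTL_SECONDS = 600    # lifetime of an issued code


class ResetCodeStore:
    """In-memory sketch of issuing and checking one-time reset codes."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}   # account -> {"code", "expires", "failures"}

    def issue(self, account):
        # Draw uniformly from the full range, leading zeros included, so the
        # "codes never start with 0" shortcut described above gains nothing.
        # A real service would also rate-limit how often issue() may be called.
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self._pending[account] = {
            "code": code,
            "expires": self._clock() + TTL_SECONDS,
            "failures": 0,
        }
        return code

    def verify(self, account, guess):
        entry = self._pending.get(account)
        if entry is None:
            return "no-code"
        if self._clock() >= entry["expires"]:
            del self._pending[account]
            return "expired"
        # Constant-time comparison on bytes.
        if hmac.compare_digest(entry["code"].encode(), str(guess).encode()):
            del self._pending[account]       # single use
            return "ok"
        entry["failures"] += 1
        if entry["failures"] >= MAX_ATTEMPTS:
            del self._pending[account]       # remaining guesses are worthless
            return "locked"
        return "wrong"


def guess_success_probability(digits, attempts, leading_zero_allowed=True):
    """Chance that `attempts` distinct guesses hit one uniformly chosen code."""
    keyspace = 10 ** digits if leading_zero_allowed else 9 * 10 ** (digits - 1)
    return min(1.0, attempts / keyspace)


if __name__ == "__main__":
    # Unlimited guessing against a 5-digit code always succeeds ...
    print(guess_success_probability(5, 100000))
    # ... while five guesses against an 8-digit code almost never do.
    print(guess_success_probability(CODE_DIGITS, MAX_ATTEMPTS))
    store = ResetCodeStore()
    store.issue("alice@example.com")          # constructed sample account
    print([store.verify("alice@example.com", "00000000") for _ in range(6)])
```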
Posted by Unknown

Fraudsters Physically Deploy Malicious Software to Hack ATMs

Criminals will not pass up any way to cheat an ATM out of its cash, as it’s one of the easiest ways for them to get their hands on cash. ATM skimmers have now discovered a new, high-tech approach that targets cash machines directly by inserting a physical malicious device into them instead.

According to the Chinese press, two Ukrainian men were arrested in Macau for reportedly planting a malicious software program in seven Macau bank ATMs. This could turn out to be the quickest method to hack cash machines.

HACKING ATM MACHINES
The two accused were arrested this week by the authorities in Macau, a Chinese territory approximately west of Hong Kong, but the two are from Ukraine and had successfully stolen almost $100,000 by corrupting more than seven ATMs with a computer virus.

According to the authorities, the men allegedly used a green object device (as shown in the image) to carry out the money fraud. They first connected the device to a laptop and then inserted it in the card slot on the ATMs. The device used by the criminals resembles a circuit strip wider as credit card but much longer than it. After inserting the device physically into the ATMs card slot, the criminals successfully installed the malware that has ability to fetch customer’s credit card information, including PINs.

Sources at the bank said once the device is inserted in the cash slot, it caused the malicious program running on the ATM machines to crash leaving the cash machine black. The machine would then restart, as soon as the device is removed. Now whosoever used the compromised ATM machine, became victim of the card fraud, as the hidden virus program started recording the cash card number, PINs and other information entered by customers.

CONVERTING COLLECTED INFORMATION INTO CASH
The suspects then returned to the ATMs after a few days to gather the card information using the same kind of green strip, and then used another special chip to destroy the evidence of the malicious program. It is believed that the prisoners accumulated the information of at least 63 stolen cards.

The skimmers then used this information to clone the cash cards. Typically, the stolen data obtained from the magnetic stripe on the back of a card is “written” onto a new blank card to produce a cloned cash card, and once a card has been cloned it is recognized by machines as the original card.

MALICIOUS USB ATTACK
Using physical devices on bank ATMs is not something new for criminals. At the beginning of the year, a team of researchers at the Chaos Computing Congress in Hamburg, Germany, presented how skimmers have been targeting cash machines directly using infected USB sticks.

BLUETOOTH ENABLED CREDIT CARD SKIMMERS
Also, in January this year, we reported on a credit card fraud in which criminals stole users' banking information using Bluetooth-enabled credit card skimmers planted at gas stations throughout the Southern United States. The skimming devices were installed inside the pumps in such a way that they were undetectable to the people who paid there.

CLONING CHIP-N-PIN PAYMENT CARDS
After the largest data breach at the U.S. retailer Target, the payment card companies have become more serious about providing their users with secure credit and debit cards. They have also launched Chip-n-PIN payment cards. But are they safe? Are they able to protect financial information from payment card fraud?

Simply, no! We have reported in our previous articles on two critical vulnerabilities that security researchers found in the Chip-n-PIN smart card payment system. They make EMV vulnerable to a “pre-play” attack, and cybercriminals could exploit them to clone credit and debit cards in such a manner that even bank procedures won’t differentiate between legitimate and fraudulent transactions.


Posted by Unknown

Google AdSense kicking publishers when they are near payout?

First of all, we would like to introduce the Google AdSense program: what it is and how it works.

About Google Adsense:

Google AdSense is a program run by Google that allows publishers in the Google Network of content sites to serve automatic text, image, video, or interactive media advertisements, that are targeted to site content and audience.


How it Works
These advertisements are administered, sorted, and maintained by Google, and they can generate revenue on either a per-click or per-impression basis. Google beta-tested a cost-per-action service, but discontinued it in October 2008 in favor of a DoubleClick offering (also owned by Google).

Founded:

AdSense was founded on June 18, 2003. In Q1 2011, Google earned US $2.43 billion ($9.71 billion annualized), or 28% of total revenue, through Google AdSense.

HERE ARE THE FACTS, WHY YOU SHOULD DISTRUST GOOGLE ON ADSENSE BAN?

From here it is really interesting, so read carefully:

April 29th, 2014:

The date when a former Google employee leaked some internal tactics used in Google AdSense to profit the company itself, and you will be shocked to hear the method they are using.
“I took part in what I (and many others) would consider theft of money from the publishers by Google, and from direct orders of management. There were many AdSense employees involved, and it spanned many years, and I hear it still is happening today except on a much wider scale,” the former Google employee writes in a Pastebin statement.
Really, it is too horrible for us to trust any of Google’s policies, because they are breaking them with their own hands. On further reading the statement I met with some more dark truths, and I (Praveen Kashyap) really did not even blink my eyes while reading it, because it was revealing things that I have never seen before in such a big and popular Internet giant.
Here, in a few words, are some points on what is inside the documents posted to Pastebin by the former Google employee:
  • Google breaks its own policies for its own profit.
  • Google has been breaking laws and policies since 2009.
  • Google’s first BIG BAN batch happened in March of 2009.
  • Employees were told to ban accounts that were near payout (as usual, this is because Google wants to earn more from publishers). “This way the advertiser too couldn’t claim that Google did not deliver their ads and ask for money back. So in a sense, we had thousands upon thousands of publishers deliver ads we knew they were never going to get paid for,” writes the former Google employee.
  • If any publisher had accumulated earnings exceeding $5000 and was near a payout or in the process of a payout: disable the account and reverse the earnings.
  • From 2009 to 2012 there were many more big batches of bans.
  • The biggest of all the banning sessions occurred in April of 2012 (Fast and Furious).
  • Several publishers launched legal actions against Google, which were settled. To get rid of this, AdSense changed its policies on the basis of “Let’s flip a coin. Heads: account banned! Tails: account banned! …”
  • For every disabled account, Google provides a chance of reinstatement through an appeal form, but in 2012 Google wanted to earn more, so they deleted lots of appeal mails without opening them.
  • A new policy was launched in 2012, officially called AdSense Quality Control Color Codes (commonly called AQ3C by employees). It was basically a categorization of publisher accounts. Those publishers that could do the most damage by having their account banned were placed in a VIP group that was to be left alone. The rest of the publishers would be placed into other groupings accordingly: “shelter the possible problem makers, and fu*k the rest.”
  • Click-bombing: a malicious person opens an enemy’s website and clicks on its AdSense ads all day to get the account banned. Innocent publishers are losing their AdSense accounts through this technique. Google knows it, but nothing was done to rectify the issue and probably never will be. (We could be a victim of this; at the end of the report we describe what Google did to us.)
  • Finally, the former employee also writes about the BIG FEAR of Google: that the publishers banned from AdSense unite and launch a class-action lawsuit.
April 30th, 2014:
The day after the AdSense leak, another statement from the AdSense leaker appeared on Pastebin, answering many of the questions being asked in the Internet media, and in your mind too. Below are some points suggesting that the AdSense leak is real (we have added the questions ourselves, to make clear what the employee wants to say):
Q. Why do you want to remain anonymous?
A. I want to make myself perfectly clear, my employment documents (such as the NDA’s and non-competes) have very strict wording when it comes to releasing internal information in regards to processes and privy information. Google is not just some little company with little means of repercussion. They have gone after other internal leakers and were successful in damaging and ruining their lives on multiple levels. I do not want to be the next one.
Q. What is your next target?
A. I had planned and carefully thought out every word and every way I had said it. Everything was planned. The timing. The wording. Everything. It is not by accident, nor are there any accidental omissions.
Q. What is the proof of the leak?
A. I have communications. I have documents, I have files, I have lists, and I have names. I have all of it. Like I said from the beginning, I have carefully waited and carefully planned everything out. I do everything with reason and purpose. I have to be exceptionally careful in every way.
Q. When is the proof going to be made public?
A. If several months go by and no class action lawsuit manifests against Google, then I will have to selectively release a few key pieces of evidence to the public at large.
From the above reports, it is now clear that the former Google employee has the documents required to prove the AdSense dark truths, and the employee is now only waiting for justice. If nothing happens to Google, then, as said above, the documents will be released to the public.
MAJOR VICTIMS OF ADSENSE FRAUD:
We are also affected by the AdSense fraud, but first there are two more cases that we know of in the meantime. We are also aware that there are thousands more who are not able to express their feelings. But don’t worry: if you are an affected AdSense publisher and Google disabled your AdSense account just a few days before payment, JOIN US NOW (SEE BOTTOM OF THE REPORT).
1. ADWORDS CASE, similar to ADSENSE:
Last month, the Competition Commission of India (CCI) initiated a probe against Google to investigate a claim made by Delhi-based Vishal Gupta, who owns remote technology support service firms.
In this case, a payment of $310,000 was made to Google by Gupta for its AdWords programme. In opposition to the claim, Google said Gupta’s ads violated its user safety policy and hence blocked his AdWords account. He also alleged that AdWords policies were unclear and not transparent.
2. ADSENSE account disabled a few days before PAYOUT:
A US-based company, “Free Range Content”, has filed a lawsuit against Google accusing the tech giant of engaging in fraud by canceling AdSense accounts just before they were due to pay out.
AdSense is a major advertiser partner network for Google that accounts for about a quarter of Google’s annual revenue.
According to CNET, the case was filed by Hagens Berman Sobol Shapiro on behalf of Free Range Content, the California-based owner of Repost.us.
Google’s actions constitute breach of contract, breach of the implied covenant of good faith and fair dealing, unjust enrichment, and violation of the California Unfair Competition Law, the report added.
The filing with the US District Court for the Northern District of California states that the lawsuit is trying to get class action status so that it can represent all US-based AdSense users whose accounts were disabled or terminated, the report added.
3. Our (Hackers News Bulletin) AdSense account banned just four days before the processing date
The reason given by AdSense is invalid activity, but we have been an AdSense publisher for more than one year and are aware of all the AdSense policies. We never clicked on our own ads and never asked anyone to click on them; this could be ‘CLICK BOMBING’ carried out by some malicious users.
We also submitted our appeal by filling in a form, in which they wanted some information from us that could prove the activity was not caused by us or, if it was caused by us, how.
We answered their every question, but we think they are using a scrap and copy-pasting it to AdSense users; as the former Google employee writes, most of the appeal forms are deleted without being opened.
We got a reply:
In the email, Google says “Our specialists have confirmed that we are unable to reinstate you Adsense account.” That’s okay, but who will answer these questions in our mind:
  1. If the earnings were made by us, why are WE unable to see whether the money we earned will reach the advertiser?
  2. They understand that we want more information, but they didn’t give it to us. Why?
And finally, we lost our 50 days of earnings, which was approximately $2500+. We also needed an explanation or some reports from Google to prove any invalid activity, but they didn’t reply to us.
We know that for Google and for some people $2500 is a small amount, but just think it over: if Google bans 50 accounts daily with $2500 each, that is 50 x 2500 = $125000. Now, is this a small amount? That is what is being made by Google through disabling innocent publishers’ accounts.
Just as the US-based company “Free Range Content” has filed a lawsuit against Google accusing the tech giant of engaging in fraud by cancelling AdSense accounts just before they were due to pay out, we are also going to do that. It’s a hard decision, but we really have to take it to keep this cyber news portal LIVE.
Posted by Unknown