31 March 2013

‘Police should look for the person who first uploaded actress MMS’

Mumbai: Experts feel that the city’s cyber police will find it difficult to track down the main accused who reportedly created the morphed MMS clip of actress Mona Singh and circulated it. Investigators should find out the person who first uploaded/circulated the MMS clip instead of trying to get the IP address of the computer used to upload the objectionable content, said cyber experts. 
    On Thursday night, Singh had lodged a complaint with the Versova police about the objectionable MMS clip that has gone viral

.........
But experts feel investigators should find out the person who first uploaded/circulated the MMS clip instead of trying to get the IP address 
    According to experts, the police should seek Singh’s help to trace the main source, the person and origin of the objectionable MMS clip 
    Victims of cyber crimes can approach the cyber crime cell at the police HQ, Crawford Market, or the cyber cell police station, BKC


22 March 2013

TeamSpy snooped on governments, big biz undetected for 10 years



Computer security researchers say they have uncovered a decade-long espionage campaign against governments, businesses and human-rights activists in Eastern Europe and beyond.

We're told the spying operation was partially pulled off by subverting TeamViewer - a legitimate tool for remotely controlling computers and holding meetings online. The snoopers installed the software on victims' Windows PCs and modified the code's behaviour with DLL hijacking to open a backdoor on the compromised machines. This successful tactic earned the campaign the nickname of TeamSpy and kept the hacking crew under the radar for years.
The researchers, who are based at the Laboratory of Cryptography and System Security (CrySyS Lab), said the spying team also used custom-built malware in days gone by.
......

"The campaigns are a mix of targeted attacks and conventional cyber-crime activities, for example, banking crime operations such as the Sheldor campaign."
CrySyS Lab reckoned the attacks are the work of a small and technically skilled team that has grown more sloppy over the years as complacency set in.

.....
TeamSpy's modus operandi is similar to the approach taken by the hackers behind the earlier Red October attack, although the two operations are not thought to be directly linked. The TeamSpy crew usually roped in victims using so-called waterhole attacks based on planting malicious code on websites frequently visited by people working at targeted organisations. That attack code was also injected into advertising networks that ran across the targeted regions.

A detailed technical analysis by Kaspersky Lab of TeamSpy can be found here [PDF]. ®

....


Click here to read more ....

SOUTH KOREA UNDER CYBER ATTACK



SEOUL – Three South Korean broadcasters and two banks were hit by a major cyber attack this afternoon, in an apparently successful attack that has rendered system-wide computer networks unusable since 1400KST (0100EST).
KBS, MBC and YTN were all hit by the attack, as were Shinhan and Nonghyup banks, South Korean news agency Yonhap reported. KBS staff member Luke Cleary tweeted a picture of his laptop screen, apparently showing a wiped operating system:

Although no evidence has thus-far been presented, a statement from the presidential office said they were investigating the possibility of North Korean involvement in the attack, and the military has upgraded its “info surveillance status” in response. Reuters, however, reported that a holding page from a hacking group know as the “Whois Team” appeared on an LG-owned website (see below video).
“The circumstantial evidence points towards North Korea, but that’s also the perfect cover for someone wanting to attack South Korea and cause mischief,” North Korea Tech blogger Martyn Williams told NK NEWS.
.......


Click here to read more ....


Other Links of same story :

http://english.yonhapnews.co.kr/

http://www.northkoreatech.org/

http://www.scmagazine.com

http://www.symantec.com

15 March 2013

UP police to set up crime cells in districts


In an effort to ensure speedy investigation of complicated criminal cases, the Uttar Pradesh police has decided to set up cells of its crime branch at the district-level on the lines of Delhi and Maharashtra.


"The government order (GO) for setting up of these cells has already been issued", ADG law and order, Arun Kumar told reporters here.

...
From now on, special operation groups (SOGs) have been scrapped in the districts while the special investigating teams have been merged with crime cells, the ADG said.

"Special weapon and tactics teams will also work under the crime cells", Kumar said, adding that he has discusses ways and means of better functioning of these cells with the district police chiefs.
...


Click here to read more ...... 

Britain and India to agree cyber crime joint taskforce


Britain and India are expected to agree to set up a joint task force to fight cyber crime, a move London hopes will help it safeguard the personal banking and mobile phone data of millions of Britons, much of which is stored on Indian servers.
....
It said India was set to have one of the biggest online populations by 2015 with an expected 300 million users - larger than the United States and up from the 137 million users already in India today.
......


Click here to read more ....

Cybercrime-as-a-Service – A Very Modern Business



By Vishak Raman on 7 March, 2013

Cybercrime business includes a complete range of deliverables, from attack tools and methods, consulting, services, advertising, and a myriad of programs that serve as the ‘product.’
Cybercrime business includes a complete range of deliverables, from attack tools and methods, consulting, services, advertising, and a myriad of programs that serve as the `product'. The more features or the more complex the service offered, the higher the price. A worrying new phrase has entered the lexicon of cybercrime - Crime-as-a-Service (CaaS). While the term is self-explanatory it more than adequately describes how cybercrime in the 21st Century has become commoditised. 
......
Just as with any other business, there are products and services available to be sold to customers. These include; Consulting services such as botnet setup ($350-$400); Infection/spreading services (~$100 per 1K installs); Botnets and Rentals - Distributed Denial of Service or DDoS ($535 for 5 hours per day for one week), email spam ($40 / 20K emails) and Web spam ($2/30 posts); Crimeware Upgrade Modules. SpyEye Modules as an example, range anywhere from $500 upwards to $10K. SpyEye is a prolific banking botnet that emerged in 2010 and can be upgraded to enable advanced features for money laundering.
.......


Click here to read more ....

Cyber crimes on the rise, but few pursue case to court

By, TNN | Mar 15, 2013, 01.16 AM IST

COIMBATORE: Though cyber crimes are on a steady rise in Coimbatore and the police cell dealing with it receives numerous complaints every week, a peculiar situation is emerging with petitioners refusing to proceed with the case after the person who sent the offensive data through email or mobile phone is identified and made to confess the crime.

"In most cases, the suspect is someone known to the petitioner and the petitioner is satisfied with an apology from the offender once we locate the criminal. Petitioners are preventing us from registering FIRs and ensuring a closure to the case by moving the court,'' says a senior police officer working with the Cyber Crime Cell.
....
The issues range from extra marital affairs to property disputes and clashes between family members,'' adds Ravichandran.
......
Though as many as 451 cases were reported in 2012, FIRs were registered in only 12 cases. In 2011, 1250 cases were reported but FIRs were filed only in 28 cases. In 2010, 508 cases were reported but FIRs were filed only in eight cases. In 2009, 93 cases were filed but FIRs were recorded in just three cases.
......

Click here to read more ......

Chinese hackers breach DRDO systems; steal cabinet committee on security files

Saikat Datta l @saikatd

New Delhi: A successful Chinese hacking attack has caused what is arguably the biggest security breach in India with systems of hundreds of key DRDO and other security officials being compromised and leading to the leak of sensitive files related to the cabinet committee on security (CCS), the highest decision-making body for security issues of the government of India. 
The other stolen files recovered so far belong to the governments of the United States, Russia, and South Korea.
....

As they continued to trace the breach, they discovered thousands of top secret CCS files, and other documents related to surface-to-air missile and radar programmes from DRDL, a DRDO laboratory based in Hyderabad, among many other establishments. 
Even the e-tickets of the scientists who had travelled to Delhi in February were found on the server. 
The intelligence officials also discovered documents of deals struck between DRDO and Bharat Dynamics Ltd, a defence PSU which manufactures strategic missiles and components. Some other recovered files were related to price negotiations with MBDA, a French missile manufacturing company.
But the shocking part was the extent of the hacking by the Chinese, believed to be officially sponsored. 
.......

Click here to read more ...... 

Doctors used silicone fingers to fool fingerprint scanner

The story broke when Globo TV managed to get its hands on a video that shows 29-year old doctor Thauane Nunes Ferreira first clocking in at work by pressing her own finger onto the device, then doing the same for two colleagues by using silicone fingers.

In the footage, she seems uncomfortable doing it, and collecting the slips of paper that proved that those persons checked in. After having been arrested, she admitted to doing it for a while now, but pointed out that she was coerced into doing it by Jorge Cury, the head of the emergency room

Click here to read more ......