Hackers from the group Anonymous have broadcast a private conference call between the FBI and Scotland Yard exposing details of an international cybercrime investigation, the FBI has confirmed.

The FBI and Scotland Yard admitted that the security of the call had been breached.

Investigators can be heard discussing their joint inquiry into a cybercrime investigation going through the British courts, and linked to investigations in New York, Baltimore, Los Angeles and Ireland.

It is understood the breach occurred at the US end of the call. As the news broke, Anonymous began taunting the FBI, asking if it was curious about how the group could keep reading the bureau's internal communications.

Investigators can be heard on the broadcast talking about named individuals who have been charged in the UK with hacking into the website of the Serious Organised Crime Agency (Soca).

In one lengthy exchange, the British contingent can be heard discussing a 15-year-old hacker as a "wannabe" and a "pain in the bum". The 15-minute call has been broadcast on the internet, but the names of some of the individuals being sought have been bleeped out by the hackers. ...

The names of several News of the World journalists who ordered a private detective to hack into mobile phones belonging to six public figures will not be publicly disclosed after Scotland Yard intervened to prevent their publication.

The names were passed to Steve Coogan on Friday by Glenn Mulcaire, the private investigator who worked for the paper, in compliance with a high court order the actor obtained earlier this year.

The names are critical to the phone-hacking investigation because they could show how far the practice was widespread at the paper, which was closed down by Rupert Murdoch last month, despite consistent denials from its owner News Group Newspapers. Coogan is one of several celebrities suing the paper for breach of privacy.

The high court order instructed Mulcaire to reveal who at the paper asked him to illegally intercept messages left on mobile belonging to former model Elle Macpherson, publicist Max Clifford and four others.

Mulcaire, who was employed exclusively by the News of the World, was also told to reveal who at the paper ordered him to target Liberal Democrat MP Simon Hughes, PFA chief executive Gordon Taylor, his colleague Jo Armstrong and football agent Sky Andrew.

He was refused leave to appeal against the order earlier this month and handed over the names on Friday, the deadline set by the high court for making the information available.

Law firm Schillings was contacted by Mulcaire's solicitor Sarah Webb of Payne Hicks Beach on Friday and asked not to make the names public. Webb said: "The issues of confidentiality are of concern to the Metropolitan police and we asked Coogan's solicitors not to disclose the information until the Met could consider the matter." ...

Fresh evidence has emerged of other voice messages allegedly hacked from the phone of murdered schoolgirl Milly Dowler's by the News of the World.

A report suggested that the former Sunday tabloid newspaper had details of more voicemails left on her mobile phone than originally thought.

The Wall Street Journal said it had obtained earlier print editions of the newspaper from 2002, which made reference to more messages on the missing teenager's phone.

It states that it undertook a review of the News International-owned newspaper and found that early versions on one day contained detailed quotes from three voicemails.

In the final edition, the article only contained one passing reference to a single voicemail.

On 14 April 2002, the News of the World published a story in its final edition about a woman allegedly pretending to be Milly who had applied for a job with a recruitment agency. It suggested that the hoaxer had given the agency Milly's real mobile number, which it used to contact her when a vacancy arose, leaving a message on her voicemail six days after she went missing.

The newspaper later informed the police about the voicemail that it is alleged to have intercepted.

However, the Wall Street Journal has now said that it has obtained earlier editions of the newspaper from the same day, which include an article that makes reference to two further messages left on the phone. ...

A police detective has been arrested on suspicion of leaking details about Scotland Yard's phone-hacking investigation.

The man has not been charged but he has been suspended by the Metropolitan police.

The Met also on Friday arrested a 35-year-old man, who Sky News named as former News of the World reporter Dan Evans, on suspicion of phone hacking. He has been released on police bail.

Evans was suspended by the paper more than a year ago after being named in a civil case against the now defunct tabloid's publisher, News International subsidiary News Group Newspapers, brought by interior designer Kelly Hoppen.

Sue Akers, the force's deputy assistant commissioner, who is leading the investigation into phone hacking at the News of the World, said: "I made very clear when I took on this investigation the need for operational and information security. It is hugely disappointing that this may not have been adhered to."

Akers added: "The MPS [Met] takes the unauthorised disclosure of information extremely seriously and has acted swiftly in making these arrests." ...

Glenn Mulcaire, the private investigator at the centre of the News of the World phone-hacking scandal, has been ordered by a court to reveal who instructed him to access the voicemails of model Elle Macpherson and five other public figures, including Simon Hughes, the Liberal Democrat deputy leader.

Mulcaire is due to reveal these details by the end of next week in a move that will throw further light on the scale of phone hacking at the now defunct News International tabloid.

The Guardian has learned that Mulcaire has lost an attempt to appeal against a court order obliging him to identify who instructed him to hack the phones, something he has resisted since February.

Mulcaire, who was jailed in 2007 after pleading guilty to hacking the phones of members of the royal household for the NoW, has been forced into making the disclosure after legal action by Steve Coogan. In February, the actor's lawyers argued in court that if it were proved that the paper had instructed Mulcaire to hack into the phones of the six public figures, it would show that phone hacking was taking place on an industrial scale.

Mulcaire must now name names in relation to Macpherson, Hughes and four others: Max Clifford; the football agent Sky Andrew; Jo Armstrong, a legal adviser to the Professional Footballers Association; and Gordon Taylor, the former head of the PFA. At his trial in 2006 Mulcaire also admitted hacking the phones of five of the six names in Coogan's court order. ...

Rupert Murdoch, James Murdoch and their former editor Andy Coulson all face embarrassing new allegations of dishonesty and cover-up after the publication of an explosive letter written by the News of the World's disgraced royal correspondent, Clive Goodman.

In the letter, which was written four years ago but published only on Tuesday, Goodman claims that phone hacking was "widely discussed" at editorial meetings at the paper until Coulson himself banned further references to it; that Coulson offered to let him keep his job if he agreed not to implicate the paper in hacking when he came to court; and that his own hacking was carried out with "the full knowledge and support" of other senior journalists, whom he named.

The claims are acutely troubling for the prime minister, David Cameron, who hired Coulson as his media adviser on the basis that he knew nothing about phone hacking. And they confront Rupert and James Murdoch with the humiliating prospect of being recalled to parliament to justify the evidence which they gave last month on the aftermath of Goodman's allegations. In a separate letter, one of the Murdochs' own law firms claim that parts of that evidence were variously "hard to credit", "self-serving" and "inaccurate and misleading".

Goodman's claims also raise serious questions about Rupert Murdoch's close friend and adviser, Les Hinton, who was sent a copy of the letter but failed to pass it to police and who then led a cast of senior Murdoch personnel in telling parliament that they believed Coulson knew nothing about the interception of the voicemail of public figures and that Goodman was the only journalist involved.

The letters from Goodman and from the London law firm Harbottle & Lewis are among a cache of paperwork published by the Commons culture, media and sport select committee. One committee member, the Labour MP Tom Watson, said Goodman's letter was "absolutely devastating". He said: "Clive Goodman's letter is the most significant piece of evidence that has been revealed so far. It completely removes News International's defence. This is one of the largest cover-ups I have seen in my lifetime."

Goodman's letter is dated 2 March 2007, soon after he was released from a four-month prison sentence. It is addressed to News International's director of human resources, Daniel Cloke, and registers his appeal against the decision of Hinton, the company's then chairman, to sack him for gross misconduct after he admitted intercepting the voicemail of three members of the royal household. Goodman lists five grounds for his appeal.

He argues that the decision is perverse because he acted "with the full knowledge and support" of named senior journalists and that payments for the private investigator who assisted him, Glenn Mulcaire, were arranged by another senior journalist. The names of the journalists have been redacted from the published letter at the request of Scotland Yard, who are investigating the affair. ...

The Liberal Democrat MP, Simon Hughes, is to sue News International over phone hacking at the News of the World, he confirmed on Thursday.

Hughes told the Evening Standard: "It is important now that all those who were clearly the subject of criminal activity help to get to the bottom of what happened during this dark period in British journalism."

Hughes's decision to take legal action against Rupert Murdoch's Sunday tabloid, which was closed last month, is significant because the private investigator employed by the paper has already been convicted of targeting his mobile phone.

Glenn Mulcaire pleaded guilty to hacking into Hughes's messages, along with those left on mobiles belonging to seven other people, in 2006.

That means Mulcaire will be unable to resist complying with any court order Hughes obtains that requires the former investigator to say who asked him to intercept Hughes's messages.

In other cases currently going through the civil courts, Mulcaire's legal team has successfully appealed against such orders by arguing that he would be incriminating himself if he were to comply with them by admitting his guilt.

Mulcaire will not be able to mount the same argument when Hughes takes legal action, against News International subsidiary News Group Newspapers, because he pleaded guilty to hacking his phone five years ago.

That could lead to more News of the World journalists being named. Three of the original eight victims named in the 2006 legal action have already sued the paper's owner. ...

... But damn it feels good to watch Murdoch get his comeuppance. I didn’t think he would live long enough. And it’s great to see both Murdoch and British politicians realise that no-one is too powerful to face justice. Can Joseph Ratzinger be next, please?

Every day adds more lulz. But the highlight for me was when the Murdoch-tainted Sky News tried to cover the hacking of Murdoch’s Sun website by the gentlemen from Lulz Security.
The sky is failing!

Clueless Sky Papers Pundit 1: Europe’s imploding and he’s still banging on about this.

Clueless Sky News Anchor: I hate to continue about hacking though, but the latest victim to be hacked apparently is the Sun newspaper. Its website has been targeted by Anonymous, which you might remember had links with WikiLeaks, umm…
The Sky is failing

Clueless Sky News Anchor: That was before and…

Clueless Sky News Anchor: That’s what happens when you log in to it now. The Luiz Boat, it says. So you… I don’t know if it’s still like that.

Clueless Sky Papers Pundit 1: Who’s the Louise Boat?

Clueless Sky News Anchor: That’s what it’s like now if you click on now. It’s been tampered with.

Clueless Sky Papers Pundit 2: Some ‘hacking thing‘…

Clueless Sky Papers Pundit 1: Who is Louise Boat?

Clueless Sky News Anchor: I don’t know who Luiz Boat is, but the group is called Anonymous and they hacked into various credit card companies.

Clueless Sky Papers Pundit 2: I mean it’s wrong. You shouldn’t go wrecking websites like that. It’s not funny; it’s not clever. He says! Wait till I’m done tomorrow for saying that. You know, and I hope the Sun get control of it back and get their own stuff up.

With Sky News’s fingers so resolutely far from the pulse of the news, what the hell are we watching? This is at best televised reading aloud, and at worst an ignorance competition. It’s an amazing day when one can say that Fox News understands teh Internets better than someone!...



Ta much, dear BrightKnight

Senior MPs want to question further one of News International's technology suppliers, after the firm responsible for overseeing its day-to-day emails revealed that hundreds of thousands of them had been deleted on a total of nine occasions from the newspaper publisher's server since May last year.

Lawyers acting for HCL, the firm contracted to oversee News International's email system, told the home affairs select committee that it was aware of "nothing which appeared abnormal, untoward or inconsistent with its contractual role" – but went onto to advise MPs to direct further questions to News International.

The law firm, Stuart Benson, acting for HCL, said: "It is entirely for News International, the police and your committee as to whether there was any other agenda or subtext when issues of deletion arose and that is a matter on which my client cannot comment and something you will no doubt wish to explore direct with News International."

Keith Vaz, chair of the committee, said he was most surprised by the deletions and added that the MPs would be seeking further details from HCL, the firm contracted to oversee the News International's 'live emails', typically those less than 15 days old. ...

Leading lawyers feel client information may have been intercepted after their names were found in Glenn Mulcaire's file

Owen Bowcott
Monday 25 July 2011

Now it's the turn of lawyers and the legal process to be sucked into the phone-hacking vortex. The Law Society has even suggested justice itself is under threat, implying messages could have been intercepted with the intention of influencing court cases.

Several prominent solicitors fear their mobile phones have been hacked. Some have been formally informed of the risk by police after detectives discovered their numbers among a private investigator's notes.

Graham Shear, of Berwin Leighton Paisner who has represented celebrities such as Robbie Williams and Jude Law, is one of those who has lodged a claim against the News of the World for damages over breach of privacy.

"In January this year I was contacted by senior officers in Operation Weeting [the Metropolitan police inquiry into phone hacking]," Shear said. "They told me that, contrary to what had been said previously, a number of my clients were referred to in documents from [Glenn] Mulcaire's file. My name was among them."

If messages had been intercepted, he said, it would have been a breach of confidential relationship with clients.

The media lawyer Mark Stephens expressed similar anxieties. "I asked [Scotland Yard] if I'd been hacked - they came back to me in 90 minutes and said yes," he told Channel 4 News. "It confirmed my worst suspicions, that I was in Mulcaire's notebook. There is nothing I can do about it, but the important thing is to ascertain which client [was the target] so I can advise them. My concern is for them, not myself." ...

A leading tabloid journalist has joined those suing the News of the World for allegedly hacking into voicemails, reviving claims that the Rupert Murdoch-owned paper has been spying on its rivals to steal their stories.

According to the high court registry, Fleet Street veteran Dennis Rice has issued proceedings against the NoW and its private investigator, Glenn Mulcaire. Rice, who is now freelance, was the investigations editor at the Mail on Sunday (MoS) when Mulcaire was at the peak of his activity between 2005 and 2006.

A source familiar with Mulcaire's activities claims that, acting on orders from an NoW editorial executive, he intercepted voicemail messages from Rice and half a dozen other journalists at the MoS. They say that among other targets, the paper was keen to steal stories that Rice was filing from Germany, where England were playing in the World Cup in the summer of 2006, generating tabloid interest in the players' wives and girlfriends.

The same source said that by hacking into voicemails, Mulcaire obtained a password which would have allowed him to access the MoS internal computer system, potentially disclosing all of its email traffic and every story awaiting publication.

Some journalists who have worked for the NoW claim they were also attempting to penetrate the security of the Sun, the Daily Mail, the Daily Mirror, the Sunday Mirror and the People.

If proved, the claim could break the alliance of silence which has seen most Fleet Street papers refuse to investigate the scandal. Rice's legal action is only the latest in a number of indications that the claim may be correct. ...

... Grant...described the closeness of successive governments to the Murdoch press as "repulsive" and claimed his films, such as Love Actually, did not rely on publicity in the tabloid press for their success.

"Only one actress spoke to a newspaper in publicising that film. The tabloid press is completely unnecessary in my industry," said Grant.

He added that a film's success was 97% down to a good film, 2% to publicity material such as a trailer and 1% publicity in the press. "Almost no one will talk to the tabloid press," he said.

"People who have a bit of success in life will do anything in the world to avoid talking to a tabloid newspaper."

Warming to his theme, Grant said: "So little do we need the tabloid press that if I won a big libel case against a tabloid I wouldn't [want money], I would want an assurance that they would never mention my name again.

"We don't need them. The sooner they go out of business the better. They rely almost entirely on stealing people's privacy. Those journalists might go back to proper journalism in six or 12 months. They might actually be grateful ... they might feel better about themselves."

He added: "Basically they have all gone down the easy route, especially in the digital age. They just steal someone's privacy and sell it for money." ...

Computer hackers have stolen the names and email addresses of millions of people in one of the largest internet security breaches in US history.

The names and email addresses of customers of Barclaycard US, Capital One and other large firms were taken in an attack on the marketing email provider Epsilon last week. British customers of Barclays Bank, which owns Barclaycard US, were not affected. A spokesman for Barclaycard US confirmed to the Guardian that it would continue to work with Epsilon despite the breach.

Other information, such as passwords or credit card details, are not thought to have been exposed. However, some banks have warned customers to expect fraudulent emails attempting to solicit further login details.

The UK Information Commissioner's Office (ICO), which investigates data breaches of this kind, said it was making inquiries into whether any Britons were among those affected.

Epsilon, which provides marketing services via email to about 2,500 companies, put a warning on its website on Friday stating that its systems had been "exposed by an unauthorised entry" into its email system. Epsilon said it would not be comment further on the breach when contacted by the Guardian. It is not yet known who perpetrated the attack, which US law enforcement agencies have begun investigating.

"The information that was obtained was limited to email addresses and/or customer names only," Epsilon said in its statement. "A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway." ...




I'm a Detroiter, so I assume it's an inside job.

David Cameron yesterday marked a break with the era of Andy Coulson by appointing a senior BBC TV news editor with no links to the Murdoch empire as the new No 10 communications director.

Craig Oliver, who made his name revamping the News at Ten and who ran the BBC's general election coverage last year, will be paid £140,000 a year and will act as a political special adviser.

The recruitment of a senior BBC figure shows that Cameron and George Osborne, who met Oliver over the weekend, recognise that they need to place some distance between Downing Street and Rupert Murdoch's News Corporation.

Coulson announced his resignation on 21 January after concluding that the swirl of allegations about illegal phone hacking from his time as News of the World editor had made his job impossible. Coulson has always denied knowledge of any wrongdoing.

Downing Street said that No 10's relations with News Corp had nothing to with the decision to hire a BBC executive. One source said: "Craig was simply the best candidate."

Fears of offending the Murdoch empire were highlighted yesterday when Tom Baldwin, Oliver's Labour counterpart, asked members of the shadow cabinet to show restraint on phone hacking and not to attack one newspaper group "out of spite".

In an email sent on his behalf, which was leaked to the New Statesman, Baldwin also called on shadow ministers not to link allegations of phone hacking with questions about News Corp's bid to take control of BSkyB.

The email said: "On phone hacking … this is not just an issue about News International. Almost every media organisation in the country may end up becoming embroiled in these allegations … We must guard against anything which appears to be attacking a particular newspaper group out of spite."

Further evidence that hacking was used regularly by the News of the World emerged yesterday when new details of the case brought by Nicola Philips, the publicist who is suing the newspaper, were published. Philips alleges the tabloid obtained a story about an affair between actor Ralph Fiennes and a Romanian singer by hacking into her mobile phone. ...

The five people arrested in the UK in connection with a spate of online attacks in support of WikiLeaks were today released on police bail, while in the US the FBI has issued search warrants as part of its investigation into online group Anonymous.

The FBI yesterday issued more than 40 search warrants across the US as part of its Anonymous probe, where the distributed denial of services (DDoS) attacks the group carried out on the websites of companies including MasterCard and Visa are punishable by up to 10 years in prison.

Last night Anonymous issued a statement branding the UK arrests "a serious declaration of war" against the group of internet "hacktivists".

Yesterday's arrests are the first in the Metropolitan police's central e-crime unit investigation in the UK. ...

Handmade cosmetics group Lush has admitted its website was hacked repeatedly by fraudsters over the past three months, putting thousands of customers at risk of having their card details stolen. But the company only informed customers last night.

Lush has taken down its website and replaced it with a statement: "We would like all customers that placed online orders with us between 4 Oct 2010 and 20 Jan 2011 to contact their banks for advice as their card details may have been compromised."

The beauty company warned: "24 hour security monitoring has shown us that we are still being targeted and there are continuing attempts to re-enter".

Customers will be unable to make purchases until a new site is launched "in a few days" accepting only PayPal payments, but orders are still being taken via its mail order telephone service, which the cosmetics group said had been unaffected by the "crisis". Customers who paid by card in Lush stores are also unaffected. ...

Hackers Celebrate Kim Jong-Un's Birthday With Video
by Louisa Lim
January 8, 2011

A website and Twitter account believed to be North Korea's state-sanctioned channels of communication have been hacked to show derogatory content on the birthday of North Korea's heir apparent.

A string of messages appeared on North Korea's Twitter account, calling North Koreans to rise up against leader Kim Jong-Il and his son, whom it referred to as the "sworn enemy."

Earlier, a two-minute animation had appeared on the communist state's YouTube account. It depicts the heir-apparent Kim Jong-Un teasing his father to buy him expensive birthday presents, then driving an expensive sports car into starving North Koreans. ...

Gawker was made aware two years ago of flaws in its password encryption system, and promised users it would "improve" it - but did not, which made it easier for its system to be hacked earlier this year.

The flaw meant that only the first eight characters of any password were used and encrypted; any more were ignored. That put a limit on the security that the encryption could offer.

In December, the Gawker Media database of 1.3m usernames and passwords was released online by the hacking group Gnosis, who had attacked the site in revenge for its taunting of the 4Chan message board.

The hackers were able to decode at least 188,000 of the passwords, including that of the sites' chief executive and founder Nick Denton, because of the weakness.

Some of the passwords were subsequently used for a spam attack on Twitter, and users were advised to change their passwords on other sites as protection.

Bryan Campbell, a Gawker user, alerted the company to the weakness on its GetSatisfaction feedback site in November 2008.

"I have discovered a serious flaw in your logon process," Campbell wrote. "When logging in, I have a alpha numeric password, EVEN when I drop the numerical part of it, it still authenticates me, with just the alpha part. Big worry."

Another user pointed out the problem too.

Gawker's technical team responded: "Thanks for letting us know about this. We realized we have an 8-character limit on passwords. We will be improving this in the future."

But the "improvement" did not transpire: the recent hack into Gawker's system demonstrated that it only used 8-character passwords, and that anything more than that was simply dropped - precisely as Campbell had warned. Campbell says was unaffected by the hack because he had stopped using the site after discovering the flaw. ...

Hackers had access to the gossip site Gawker's content management system (CMS) and password files for around six months, rather than the few days suggested by the company, the Guardian has learnt from sources connected to the break-in.

That contradicts the indications given by Gawker in public statements, such as an email sent out on 17 December by Thomas Plunkett, Gawker's chief technology officer, in which he suggested that the hackers only had access "briefly" to the site: "Gawker Media servers and some company email accounts were compromised by hackers at some time during the last few weeks; the compromise was made public to us (and everyone else) this past weekend," Plunkett wrote in an internal memo which was reposted on the Poynter.org website.

The hacking of Gawker and its associated sites led to the usernames, email addresses and passwords of 1.3 million registered users of the sites being made available – among them, those for Gawker staff including its chief Nick Denton. The hackers discovered Denton had used the same password for Gawker and for other sites such as Campfire, used by his company to coordinate its work. That allowed them to access those sites and find sensitive details including chats between members of the company.

Sources close to the hacking group Gnosis, which carried out the attack, have told the Guardian that they obtained access to Gawker's server by using a "local file inclusion" (LFI) weakness. Gawker has not previously said whether the access was via a weakness in the Gawker site, via a staff member's password, or some other means.

"The Gawker site LFI [flaw] was found about six months ago," a source close to, but not a member of, Gnosis told the Guardian. "The Campfire access came after the administrator database for the CMS was cracked."

The Guardian asked Plunkett to respond to the claims. He declined to comment and said that the company would offer further clarification later. ...

Enter your username or email address to
see if you were affected by the Gawker hack

WikiLeaks: hacktivists threaten UK government

Russia and China support Assange, the UN expresses concern, while Glenn Beck blasts ‘revolutionaries’
By Jonathan Harwood
LAST UPDATED 5:18 PM, DECEMBER 10, 2010

... PUTIN RECOMMENDS ASSANGE FOR NOBEL PEACE PRIZE
Never one to miss an opportunity to score political points, Russian prime minister Vladimir Putin has called for Assange to be awarded the Nobel Peace Prize. "Public and non-governmental organisations should think of how to help him," said Putin. "Maybe, nominate him as a Nobel Prize laureate." China, which has its own issues relating to the Nobel Peace Prize, has also backed Assange for the award.

UN HUMAN RIGHTS BOSS EXPRESSES CONCERN
Navi Pillay, the UN High Commissioner for Human Rights, appears to share the concerns of China and Russia over the case. She told a press conference in Geneva: "I am concerned about reports of pressure exerted on private companies including banks, credit card companies and internet service providers to close down credit lines for donations to Wikileaks, as well as to stop hosting the website."

MORE AUSTRALIANS BACKS ASSANGE
Rallies have been held in support of Assange in his homeland, Australia. Thousands gathered at protests in Brisbane, Sydney and Canberra where the WikiLeaks founder was hailed as a national hero and the Australian government was blasted for declaring him an outlaw. Attorney-general Robert McClelland distanced himself from Prime Minister Julia Gillard comment that the release of diplomatic cables was "irresponsible" and "illegal". He said investigations into whether Assange had broken Australian law could take up to a year.

GLENN BECK BLASTS 'REVOLUTIONARIES
The Anonymous campaign Operation Payback has even registered on Glenn Beck's radar. The right wing American commentator has somehow equated the actions of the computer hackers with those of the student demonstrators who attacked Prince Charles's car in London on Thursday night. In a wide-ranging rant, he told viewers of Fox News that Assange and his supporters, including everyone from George Soros to the Anonymous 'hacktivists', were "revolutionaries" hell-bent on causing "chaos".

TAIWANESE ANIMATORS EXPLAIN THE STORY SO FAR
The WikiLeaks story has grown so big that even the Taiwanese news animation group NMA has been moved to produce a primer on the whole affair. In it Assange is pushed out of an aeroplane by PayPal and Amazon, hunted by Sarah Palin armed with a rifle and eventually arrested by British police.

Operation Payback attacks firms that have blacklisted WikiLeaks in fight for internet freedom
By Eliot Sefton
LAST UPDATED 1:54 PM, DECEMBER 9, 2010

Members of internet protest group Anonymous have declared a "war for data" and vowed to continue their attacks on businesses they believe are trying to undermine WikiLeaks.

The group, which has no official leaders or membership structure, has launched 'botnet' attacks on companies including Visa, MasterCard and PayPal this week after they withdrew services to the controversial website, whose founder Julian Assange is now under arrest in England.

Speaking to Radio 4's Today programme, one Anonymous member, who calls himself Coldblood, said: "I see this is becoming a war, but not your conventional war, a war for data. We are trying to keep the internet open for everyone."

The botnet attacks, in which computers act together to bombard and overwhelm the site they are targeting, have been undertaken under the name Operation Payback. Thousands of so-called 'hacktivists' are believed to have signed up to take part in the operation.

In an online 'manifesto' Anonymous described itself as "an Online Living Consciousness". ...

David Cameron defends Andy Coulson – but says no one is 'unsackable'
PM praises director of communications after fresh allegations by Channel 4 film over phone hacking at News of the World
Nicholas Watt
Tuesday 5 October 2010

David Cameron said last night that nobody on his team is unsackable, as he faced questions about his communications director, Andy Coulson.

In a Channel 4 News interview, the prime minister defended Coulson, who is facing allegations that he knew about illegal phone hacking during his time as editor of the News of the World.

Asked by Channel 4 News presenter Jon Snow whether Coulson was unsackable, Cameron said: "No one is unsackable. But … we haven't had one single complaint about how he has done his job, or indeed about how the Downing Street press office has done its job. That is quite a contrast from the years of [Labour's director of communications] Alastair Campbell and [special adviser] Damian McBride and all the rest of them."

Cameron faced renewed questions about the phone hacking scandal after new allegations that Coulson personally listened to the intercepted voicemail messages of public figures. The allegations were aired on the Channel 4 Dispatches programme on Monday night.

Former Labour minister Tom Watson, MP for West Bromwich East, said the new allegations made against Coulson were "new, far-reaching and warrant investigation". He wrote to Cameron calling for a statement to parliament, after an unnamed former News International executive was quoted.

Coulson resigned as editor of the News of the World after Clive Goodman, the paper's former royal editor, and Glenn Mulcaire, a private investigator paid by the newspaper, were jailed for illegal phone hacking.

Coulson, who resigned on the basis that he took "ultimate" responsibility for their actions, has consistently denied any knowledge of the phone hacking. ...

Phone-hacking scandal: Andy Coulson 'listened to intercepted messages'
Anonymous source tells Channel Four David Cameron's media adviser would ask for recordings to be played for him at News of the World
Nick Davies
Sunday 3 October 2010

The prime minister's media adviser, Andy Coulson, personally listened to the intercepted voicemail messages of public figures when he edited the News of the World, a senior journalist who worked alongside him has said.

Coulson has always denied knowing about any illegal activity by the journalists who worked for him, but an unidentified former executive from the paper told Channel Four Dispatches that Coulson not only knew his reporters were using intercepted voicemail but was also personally involved.

"Sometimes, they would say: 'We've got a recording' and Andy would say: 'OK, bring it into my office and play it to me' or 'Bring me, email me a transcript of it'," the journalist said.

The claim, due to be broadcast tomorrow night, goes beyond earlier statements by Coulson's former colleagues.

Sean Hoare, a showbusiness reporter, told the New York Times Coulson had "actively encouraged" him to intercept voicemail.

Paul McMullan, who handled investigations, told the Guardian illegal activity was so widespread in the newsroom that Coulson must have known about it. Coulson has denied all the claims.

Channel Four's anonymous witness, whose words are spoken by an actor in the programme, says: "Andy was a very good editor.

"He was very conscientious and he wouldn't let stories pass unless he was sure they were correct ... so, if the evidence that a reporter had was a recorded phone message, that would be what Andy would know about.

"So you'd have to say: 'Yes, there's a recorded message.' You go and either play it to him or show him a transcript of it, in order to satisfy him that you weren't going to get sued, that it wasn't made up."

In evidence to a House of Commons select committee last year, Coulson said he could not remember any instance of voicemail being intercepted during his six years at the paper.

He resigned in January 2007 after the tabloid's royal correspondent, Clive Goodman, was jailed for listening to the voicemails of three members of the royal household. "I am absolutely sure that Clive's case was a very unfortunate rogue case," he told the committee.

Channel Four's witness said: "It was fairly common – not so common that everybody was doing it. That wasn't the case at all. But the people who did know how to do it would do it regularly." ...

... Brian Paddick, a former deputy assistant commissioner at Scotland Yard who is also taking the police to court, suggested that his former colleagues' decision to cut short their original investigation may have been influenced by their links with the News of the World.

"That relationship was well worth protecting ... when you have something as big as this, where you're talking about potentially a large investigation involving illegal activity, you can see how potentially pressure could have been brought to bear," he said. ...

Ukrainian police on Thursday arrested five people suspected of orchestrating an international fraud ring that siphoned more than $70m out of bank accounts by infecting computers with the Zeus trojan.

The action by Ukraine's SBU was part of an unprecedented partnership among law enforcement agencies in the US, the UK, the Netherlands, and Ukraine, the FBI said in a press release issued on Friday. “Operation Trident Beach” first came to light on Tuesday with the arrest of 19 people in London in connection to Zeus-related offenses. On Thursday, 11 individuals were charged in Westminster Magistrates' Court, and in New York federal prosecutors announced similar charges against 37.

Most of those suspects were accused of being “money mules” who set up hundreds of bank accounts under fraudulent names to launder money transferred from accounts that were compromised by the crimeware.

The five people arrested in Ukraine, by contrast, are “key subjects responsible for this overarching scheme” the FBI said. In all, the ring attempted to steal $220m and succeeded in getting $70m. ...

The police watchdog believed as far back as a year ago that it should carry out an independent review of the Metropolitan police's handling of the investigation into the News of the World phone-hacking scandal, the Guardian understands.

Senior figures at Her Majesty's Inspectorate of Constabulary decided last summer that there was sufficient public interest in the matter for it to investigate the handling of the case by the Met. The inspectorate eventually decided against undertaking a review because it did not have sufficient resources at the time.

The disclosure of the inspectorate's concerns may increase pressure on the Met, which is facing the threat of a series of legal actions over an allegedly slow response in alerting public figures and celebrities that they may have been targeted by a private investigator employed by the News of the World.

Lord Prescott, the former deputy prime minister, is the most senior political figure seeking a judicial review of the police action. Prescott, whose name was found on papers seized from the office of private investigator Glenn Mulcaire, is demanding damages from Scotland Yard for initially failing to inform him about the documents.

The inspectorate's interest in the case may raise questions about senior figures in the Home Office. The Guardian disclosed last month that Stephen Rimmer, the Home Office director general for crime and policing, had warned last summer that Scotland Yard would "deeply resent" a review of its investigation by the inspectorate. Senior officials at the inspectorate conducted their preliminary inquiry last summer after fresh allegations about the phone-hacking scandal were published by the Guardian in July 2009.

The paper reported that News Group Newspapers paid out more than £1m to settle legal cases that threatened to reveal the repeated involvement of journalists in illegal methods to obtain stories. ...

... Kamkar showed just how simple stalking can be. The first step is to lure the victim to click the attacker's link. Once the victim lands on the baited website, Kamkar showed how to trick and manipulate Google into revealing her location.

After she visited the malicious site, he could impersonate her by making his PC seem like her PC requesting the information. Using JavaScript to remotely scan for her router type and her MAC address, he then utilized Google Street View data to discover the location of her router. He was accurate within 30 feet.

According to Dan Goodin, "If JavaScript is unpalatable for some reason, there are other ways to do this. A few things have to happen for the attack to work. First, the router needs to be set to use the default administrative password, or it needs to be a model that doesn't require credentials to access its system information page. And the router's MAC address must already have been recorded by Google's ubiquitous fleet of Street View cars, which roam the earth snapping pictures and sniffing select Wi-Fi data."

This hack might be used for stalking or for targeting and attacking specific individuals. From proof-of-concept to his 'How I Met Your Girlfriend' presentation, Kamkar shows how easily a person could meet a guy, find out about his girlfriend, social engineer her to click a link, track her down, knock on her door, deliver pizza and beer. Discovering, meeting, and then stealing your girlfriend out from under you might be one of the less harmful scenarios.

"This is geo-location gone terrible," Samy Kamkar said during his presentation. "Privacy is dead, people. I'm sorry."

I contacted Samy and asked him what he advised for people who are concerned about privacy and security. In other words, what does he do to protect his privacy? Samy replied via email, "To better protect yourself, make sure you're using up to date firmware on your router, that you've changed any default passwords on your router or firewall, and if possible, use additional software such as NoScript to protect your browser from malicious code." ...

And so the Press Complaints Commission sits there, not as King Canute failing to turn back the tide of voicemail hacking, but as the embodiment of all three monkeys, seeing nothing, saying nothing, and doing nothing.

The News of the World now assures us it has "zero tolerance" of phone hacking. Bill Akass, the managing editor, says that if the latest case is proven, the perpetrator will be dismissed for "gross misconduct without compensation". That is an improvement on the position adopted after the convictions of Clive Goodman (the former royal correspondent) and Glenn Mulcaire (a private investigator). Both were paid off, and to this day both remain silent.

After the phone hacking story broke, the PCC, the regulator of the press financed by the press, did nothing.

It continues to do nothing while making noises that "phone message hacking is deplorable". The excuses for doing nothing are varied but the outcome is the same. ...

John Prescott furious over unrevealed link to phone-hacking scandal
Documents held by Metropolitan police suggest News of the World targeted former deputy prime minister
Toby Helm and Jamie Doward
4 September 2010

John Prescott tonight demanded the Metropolitan police reopen its investigation into the News of the World phone-hacking scandal as the Observer revealed that Scotland Yard holds News International documents suggesting that he was a target when deputy prime minister.

Two invoices held by the Met mention Prescott by name. They appear to show that News International, owner of the NoW, paid Glenn Mulcaire, the private investigator at the heart of the scandal, for his help on stories relating to the deputy PM. Lord Prescott spoke of his anger that the information, spelled out in a letter from the Yard's legal services directorate, emerged only after he was given a series of personal reassurances by detectives at the highest level that there was "no evidence" his phone may have been hacked.

The invoices are both dated May 2006, at a time when Prescott was the subject of intense media scrutiny following revelations that he had had an affair with his secretary, Tracey Temple. There is also a piece of paper obtained from Mulcaire on which the name "John Prescott" is written. The only other legible word on this document is "Hull".

The name "Prescott" appears on two "self-billing tax invoices" from News International Supply Company Ltd to Mulcaire's company, Nine Consultancy.

The Yard's letter, obtained by the Observer, states: "One appears to be for a single payment of £250 on 7/5/2006 labelled 'Story: other Prescott Assist -txt.' The second, also for £250, on 21/5/2006 contains the words 'Story: Other Prescott Assist -txt urgent'."

The legal services directorate adds: "We do not know what this means or what it is referring to."

In a statement to the Observer, Prescott said he formed the impression that the police were more intent on withholding information relating directly to him. "I have been far from satisfied with the Metropolitan police's procedure in dealing with my requests to uncover the truth about this case," he said. ...

News of the World faces fresh phone hacking charge

• Calls for judicial inquiry after reporter is suspended
• Latest phone hacking allegation dates from earlier this year
• Four targets poised to sue police over failure to warn them

Nick Davies, Vikram Dodd and Nicholas Watt
Thursday 2 September 2010

The government tonight came under pressure to set up a judicial inquiry into the phone hacking scandal at the News of the World after the paper confirmed that it has suspended a journalist while it investigates new allegations of the unlawful interception of voicemail.

The prime minister's media adviser, Andy Coulson, has denied a report in the New York Times which claimed he freely discussed the use of unlawful news-gathering techniques when he was editing the paper and "actively encouraged" a named reporter to engage in illegal interception of voicemail messages. Coulson has always denied knowing of any illegal activity by his journalists.

Scotland Yard, too, found itself in the firing line after the New York Times quoted unnamed detectives alleging they had cut short their investigation because of their close relationship with the News of the World. A group of four public figures, including former deputy prime minister John Prescott, is poised to sue police over a failure to warn them they had been targeted by the private investigator at the centre of the scandal, Glenn Mulcaire.

The Guardian has learned that the Metropolitan police commissioner at the time of the original investigation, Sir Ian Blair, was among those whose names were found in material seized from Mulcaire, raising questions about whether officers who were directly involved in the investigation had discovered that they, too, had been targets of the newspaper. It is understood Blair was assured at the time that his phone had not been hacked.

The former Labour minister Tom Watson today called on the government to set up an inquiry into the relationship between Scotland Yard and Rupert Murdoch's News Group, which publishes the News of the World. In a letter which was addressed to the deputy prime minister, Nick Clegg, in the absence of the prime minister, who is on paternity leave, Watson wrote: "The testimony given to the New York Times is that the police did not share all the relevant information with the Crown Prosecution Service, and that, if they had done, the CPS would have reached a different conclusion. These are clear grounds for a judicial inquiry.

"I think that information should be made available to the people concerned." ...

Algerian web pirates 2,000 miles astray in siege of Belvoir Castle
One of Britain’s best-known castles fell victim to a band of hapless Middle-Eastern “cyber-pirates” last week after they mistook it for a Crusader fortress of the same name more than 2,000 miles away.
By Heidi Blake
01 Sep 2010

Belvoir Castle, the family seat of the 11th Duke of Rutland, was mistakenly targeted by a subversive group of Algerian hackers who confused its website with that of Belvoir Fortress in Israel.

The hackers hijacked the castle’s homepage and replaced images of the stately home nestled in rolling Leicestershire countryside with a black page displaying the Algerian flag and a tirade against the Jewish state in Arabic.

Belvoir Fortress became a stronghold of the Christian military order of the Knights Hospitaller in 1168, when it was erected to fend off Muslim forces attacking the Kingdom of Jerusalem from the east.

It returned to Muslim control in the 13th Century, but was abandoned after a bloody assault by Israeli forces on the surrounding village of Kawkab al-Hawa in 1948.

By contrast, Belvoir Castle was a Royalist stronghold in the English Civil War and now holds an annual teddy bears’ picnic in its 15,000-acre gardens.

An Algerian subversive group called the Dz-SeC claimed responsibility for the cyber attack, which occurred on Friday afternoon, writing in Arabic on the castle’s website: "The cause of this hack is Israel's presence.”

The message added: "Internet law does not protect the ignorant. Thank you to all the pirates of Algeria." ...






The UK Belvoir is pronounced 'beaver' which is also -inducing.

... So, let's get this straight: Palin is more than happy to utilise the contents of stolen emails to score political points when it suits her own cause – in this case, attacking the "radical environmental movement" – but finds it "repugnant" when her own privacy is invaded "for political gain"? Why was she not calling in her article for whoever stole (hacked, leaked, whatever) the UEA emails to face a "just" punishment instead of jumping up and down with glee at their politically convenient content?

Hypocrisy? You betcha.

The cyberattack on Google last year reportedly yielded access to a password system that controls millions of users' access to the company's services including e-mail and business services.

Gaia, which allows users to sign in using their password once for a range of services, was compromised during a two-day attack last December, according to a New York Times report that cited a person with knowledge of an internal investigation. However, Gmail users' passwords do not appear to have been stolen, and the company quickly initiated security changes to its networks, according to the report.

The intrusion began when a Google employee in China clicked on a link sent in an instant message that took the employee to a corrupted Web site, which allowed access to the employee's personal computer and ultimately the computers used by a key group of software developers at the company's headquarters in Mountain View, Calif., according to the report.

Google first disclosed the theft of intellectual property in January when revealed that it and other businesses were the victims of "a highly sophisticated and targeted attack" aimed at gathering information about human rights activists. As a result of the theft, Google announced it no longer intended to censor search results in that country and would consider leaving entirely.

Source code was stolen from more than 30 Silicon Valley companies targeted in the attacks, which Google said originated in China, though it has not revealed the specific people behind them. For its part, the Chinese government has denied any involvement. ..

Spying on Computer Spies Traces Data Theft to China
By JOHN MARKOFF and DAVID BARBOZA
Published: April 5, 2010

TORONTO — Turning the tables on a China-based computer espionage gang, Canadian and United States computer security researchers have monitored a spying operation for the past eight months, observing while the intruders pilfered classified and restricted documents from the highest levels of the Indian Defense Ministry.

In a report issued Monday night, the researchers, based at the Munk School of Global Affairs at the University of Toronto, provide a detailed account of how a spy operation it called the Shadow Network systematically hacked into personal computers in government offices on several continents.

The Toronto spy hunters not only learned what kinds of material had been stolen, but were able to see some of the documents, including classified assessments about security in several Indian states, and confidential embassy documents about India’s relationships in West Africa, Russia and the Middle East. The intruders breached the systems of independent analysts, taking reports on several Indian missile systems. They also obtained a year’s worth of the Dalai Lama’s personal e-mail messages.

The intruders even stole documents related to the travel of NATO forces in Afghanistan, illustrating that even though the Indian government was the primary target of the attacks, one chink in computer security can leave many nations exposed.

“It’s not only that you’re only secure as the weakest link in your network,” said Rafal Rohozinski, a member of the Toronto team. “But in an interconnected world, you’re only as secure as the weakest link in the global chain of information.”

As recently as early March, the Indian communications minister, Sachin Pilot, told reporters that government networks had been attacked by China, but that “not one attempt has been successful.” But on March 24, the Toronto researchers said, they contacted intelligence officials in India and told them of the spy ring they had been tracking. They requested and were given instructions on how to dispose of the classified and restricted documents.

On Monday, Sitanshu Kar, a spokesman for the Indian Defense Ministry, said officials were “looking into” the report, but had no official statement.

The attacks look like the work of a criminal gang based in Sichuan Province, but as with all cyberattacks, it is easy to mask the true origin, the researchers said. Given the sophistication of the intruders and the targets of the operation, the researchers said, it is possible that the Chinese government approved of the spying. ...



Ta much, dear Glenn321

Microsoft, Researchers Team Up And Tear Down Major Spamming Botnet
Unprecedented court order helped dismantle Waledac, the second-gen iteration of the Storm botnet; here's how the undercover operation went down

Feb 25, 2010 | 02:54 PM
By Kelly Jackson Higgins
DarkReading

Waledac -- the spamming botnet formerly known as Storm -- was downed yesterday in a sneak attack by a team from Microsoft, Shadowserver, the University of Washington, Symantec, and a group of researchers from Germany and Austria who had first infiltrated the botnet last year.

In an unprecedented move, Microsoft secured a federal court order that, in effect, required VeriSign to cut off 277 Internet .com domains that were serving as the connections between Waledac's command and control (C&C) servers and around 60,000 to 80,000 bots or infected machines it had recruited to spew its spam. Waledac is best-known for its online pharmacy, phony products, jobs, and penny stock spam scams, and has the capacity to send more than 1.5 billion spam email messages per day.

The so-called "Operation b49" effort basically turned the tables on the Waledac botnet operators by systematically hijacking the communications between the botnet and its infected bots. Once Microsoft had the court order in hand from the U.S. District Court of Eastern Virginia in response to its legal complaint, researchers from the University of Mannheim in Germany and the Technical University of Vienna launched a massive attack on the botnet's hybrid peer-to-peer/HTTP communications infrastructure, according to one of the researchers who handled that part of the operation, but declined to be named publicly.

"We were told to push the red button, so to speak, and we started an attack on the P2P network as VeriSign was removing the domains," the researcher said in an interview. The operation was facilitated by the German and Austrian team's existing foothold in Waledac -- last year, the group successfully infiltrated Waledac and was able to leverage their continued undercover presence in the botnet.

They placed fake nodes into the botnet that posed as Waledac "repeaters" -- the second-tier servers that communicate directly with the bots and site between the infected bots and the back-end C&C servers, and redirected the infected machines to safe IP addresses or sinkholes. Within six hours, 90 percent of the botnet had been shut down. Now it's a matter of catching those bots that hadn't phoned home during the initial wave of the attack and alerting ISPs of infected IP addresses in their domains so they, in turn, can alert customers whose machines were part of Waledac.

"Once the bots have connected to our infrastructure, they can't connect [back to Waledac again]," the researcher says. "We have 90 percent of the botnet taken down." ...

Google runs Microsoft's IE, attacks show
'Why wasn't Google running Chrome?' asks researcher
By Gregg Keizer
January 15, 2010

Computerworld - Google's corporate network was hacked because its workers were running rival Microsoft's Internet Explorer browser, a point that didn't escape the notice of security researchers and Web users.

"More interesting than the IE zero-day, is why wasn't Google running Chrome?" asked Andrew Storms, director of security operations at nCircle Network Security, shortly after Microsoft issued a security advisory that told users of a critical, unpatched bug in Internet Explorer (IE).

Thursday, Microsoft acknowledged that the IE exploit had been used in the attacks against Google and other major corporations. "We have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks," said Mike Reavey, director of Microsoft's Security Response Center (MSRC).

In fact, the malware that Microsoft and others researchers have examined was designed to exploit IE6, the eight-year-old browser that's most often used with Windows XP.

Others, in addition to Storms, questioned why Google wasn't "eating its own dog food," the phrase used to describe software development companies running their own products, often in early editions long before they're made public. "I have to wonder, why the hell is Google using IE, and why IE6?" asked a Computerworld reader in a comment appended to a story on the IE bug. "In fact, why Windows-based servers? Eat your own dog food, Google." ...

VeriSign's iDefense security lab has published a report with technical details about the recent cyberattack that hit Google and over 30 other companies. The iDefense researchers traced the attack back to its origin and also identified the command-and-control servers that were used to manage the malware.

The cyber-assault came to light on Tuesday when Google disclosed to the public that the Gmail Web service was targeted in a highly-organized attack in late December. Google said that the intrusion attempt originated from China and was executed with the goal of obtaining information about political dissidents, but the company declined to speculate about the identity of the perpetrator.

Citing sources in the defense contracting and intelligence consulting community, the iDefense report unambiguously declares that the Chinese government was, in fact, behind the effort. The report also says that the malicious code was deployed in PDF files that were crafted to exploit a vulnerability in Adobe's software.

"The source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof," the report says.

The researchers have determined that there are significant similarities between the recent attack and a seemingly related one that was carried out in July against a large number of US companies. Both attacks were apparently managed through the same command-and-control servers.

"The servers used in both attacks employ the HomeLinux DynamicDNS provider, and both are currently pointing to IP addresses owned by Linode, a US-based company that offers Virtual Private Server hosting. The IP addresses in question are within the same subnet, and they are six IP addresses apart from each other," the report says. "Considering this proximity, it is possible that the two attacks are one and the same, and that the organizations targeted in the Silicon Valley attacks have been compromised since July."



WTF, chinastan?
Ta much, dear MSiegel

Accounts invaded, computers infected – human rights activists tell of cyber attacks

• Authorities blamed for hacking into Gmail users
• Phishing scams and malware used as weapons

Tania Branigan in Beijing
Thursday 14 January 2010

Well-known human rights advocates in China and a Tibetan rights activist in the United States have disclosed that their Gmail accounts have been compromised.

They came forward after Google's announcement of a sustained cyber attack on activists and other illicit accessing of accounts, but stressed that the problem goes back much further. Some in China said they had repeatedly suffered from hacking and blamed the authorities .

Ai Weiwei, one of China's best-known contemporary artists, said he detected problems with email accounts two months ago.

Teng Biao, a law professor and human rights lawyer, and Zeng Jinyan, activist and wife of the jailed dissident Hu Jia, both said their email had been hacked as long ago as 2007. They realised the issue had recurred when they checked their accounts in light of Google's statement.

However, a Chinese foreign ministry spokeswoman, Jiang Yu, told a press conference in Beijing: "Chinese laws prohibit any form of cyber attacks including hacking."

On Tuesday, Google said hackers had gained limited access to two accounts in December's attack. It is understood the firm contacted the account holders.

Tenzin Seldon, 20, a US student whose parents are Tibetan exiles, said Google had checked her computer and confirmed an intrusion. "My email account was likely hacked because I am a Tibetan activist," she said.

Google said its investigation also showed that the accounts of dozens of Gmail users in the US, China and Europe who are advocates of human rights in China had been routinely accessed by third parties. This had not happened through an intrusion into its infrastructure, but probably through phishing scams or malware placed on the users' computers. ...

... Earlier last year researchers at the ­University of Toronto said they had discovered a vast electronic spy network which seemed to have targeted embassies, media groups, NGOs, international organisations, government foreign ministries and the offices of the Dalai Lama, the leader of the Tibetan exile movement.

Computers were infected when users clicked on links in emails or documents attached to them.

The team said the "GhostNet", which had infiltrated hundreds of computers and stolen documents, was apparently controlled from computers in China. But they added that they could not identify who was behind it.



WTF, chinastan?

Adobe predicted as top 2010 hacker target
McAfee's crystal ball also reveals Google Chrome dangers
By John Leyden
29th December 2009

Adobe will overtake Microsoft as the primary target for hackers and virus writers in 2010, net-security firm McAfee predicts.

Attacks targeting vulnerabilities in Acrobat Reader and Flash are already commonplace, driven in part by that software's widespread use. The often-tricky update process and lack of user awareness that apps as well as browsers and Windows need updating further compounds the problem of PDF-based malware - which McAfee reckons will only increase next year.

The security firm also predicts an increase in the severity and power of hacking attacks aimed at users of social networking websites such as Twitter and Facebook. Mystic McAfee also predicts that banking Trojans will become even more sophisticated, perhaps by gaining the ability to interrupt legitimate transactions and make unauthorised withdrawals without being detected. Malware in email attachments, a common ploy in targeted attacks, is also expected to increase.

Meanwhile, botnets - the main currency of cyberattacks - are likely to move further away from reliance on command and control servers towards a peer-to-peer architecture that's more resilient against takedown efforts.

All these predictions more or less follow on from current trends. The one new highlight in McAfee's threat report is the prediction that HTML5 will give "cybercriminals new opportunities to write malware and prey on users."...

US hacker charged with stealing 130m credit card IDs

Former secret service worker in jail in New York accused of record scam against retail companies

Ed Pilkington
Tuesday 18 August 2009

A serial hacker has been charged with carrying out the largest theft of credit card identities ever recorded in the US, in a sophisticated scam in which he and accomplices allegedly stole at least 130m accounts from big retail companies.

Albert Gonzalez, 28, of Miami, who once worked with the US secret service, is accused of working with two unidentified Russian conspirators to hack into the databases of retail chains, selling the information around the world. According to a 14-page indictment, the hackers stole credit card numbers from Heartland, a New Jersey-based company that processes payments, from the store 7-Eleven, and the supermarket chain Hannaford.

The three also targeted two other, unnamed corporations, according to the US attorney's office in New Jersey.

Heartland Payment Systems and Hannaford Brothers had separately acknowledged the breaches, but the scope of the fraud had not been known. ...

A lace card is a punch card with all holes punched (also called a whoopee card, ventilator card or IBM doily). Card readers tended to jam when a lace card was inserted, as the resulting card had too little structural strength to avoid buckling inside the mechanism. ...



Old school, yo.

I effing hate flash (AdBlock and flashblock = Yay!), and don't even bother with adobe's massive fricken pdf reader - I use Foxit instead. It took a tenth the time to download, and it loads pdfs much more quickly too, also. No other vast programs are forcibly bundled into it, nor does it hassle me every fifteen minutes to perform an update which takes four hours.

Nice how they've blown this off for months on end, too, huh?

You know, Chinastan, yo' ass sho ain't been givin' me no good reason to quit despising yo' ass. Quite th' opposite, sink meh.

... In spite of the quick actions of WGN-TV engineers, Chicago had not yet seen the last of of this new signal-plundering pirate. Almost exactly two hours after the first unplanned detour from normality, at 11:15pm, viewers of the PBS affiliate WTTW were absorbing an episode of the British sci-fi series Doctor Who when their TV pictures danced sporadically for a moment. With a randomly gyrating panel of corrugated metal used as a backdrop, the unnerving Max Headroom doppelganger launched into an eccentric diatribe in a highly distorted voice. With no engineers on location at the transmission tower, WTTW employees looked on helplessly as the intruder seized control of their broadcast...




Brucking filliant! Bless your soul!