The computer system for a company called RBS WorldPay was hacked. One service of the company is the ability for employers to pay employees with the money going directly to a card, called payroll cards, a lot like a debit card that can be used in any ATM. The hacker was able to infiltrate the supposedly secure system and steal the information necessary to duplicate or clone people’s ATM cards.

Then shortly after midnight Eastern Time on November 8, the FBI believes that dozens of the so-called cashers were used in a coordinated attack of ATM machines around the world.
“Over 130 different ATM machines in 49 cities worldwide were accessed in a 30-minute period on November 8,” Agents Rice said. “So you can get an idea of the number of people involved in this and the scope of the operation.”

Flashmob of ATM crooks scores $9 million in 49 cities

Blitzkrieg is the keyword here. Amazing job. 🙄

Tagged with:
 

I’ve received the following comments on two of my posts and they look like this:

Charles Norrie said…
7:25 pm – February 1st, 2009

But it exploits vulnerabilities in Windows systems, so if you install a Linux system like Ubuntu Intrepid Ibex you won’t suffer malware problems again!

On Downadup/Conficker botnet estimated at 8.9 million according to f-secure

Charles Norrie said…
2:19 pm – February 1st, 2009Ubuntu is quite wonderful. Please reply to all news articles mentioning the Conficker virus saying that if users installed Ubuntu, they’d never have to patch their computers again.

Get the message out. We all benefit by persuading people to move to Linux!

On Backtrack 4 will be a full blown distribution

Now i originally wanted to reply with another comment but since the comment ended up a little bigger than i intended and because it expresses a lot of my views on this issue  i made a post out of it, so here it goes:

I have to disagree with you, because persuading people into using Linux just because it is a less prone to malware platform then Windows, is not the solution for the current security issues that exist nowadays. Malware does exist for Linux but it is not that abundant as for security bugs if we take only Windows in discussion and no other third party application then i really can’t say which one is more buggy, a Linux distro or Windows?Because i’ve seen all sorts of bugs in all kinds of places in both operating systems. And i say a Linux distro because it’s not fair to compare Windows with just the Linux kernel, because Linux is only the kernel after all, a Linux distro is what you can call an OS. Plus that the Linux kernel had and it currently has lots of bugs all over the places and new ones are discovered all the time.  Moreover if we make a comparison of security bugs that were discovered both in only the Linux kernel and the Windows kernel i can assure you that the Linux kernel had way more flaws then the Windows kernel afaik. To sum it up let’s say that a vast amount of the masses start shifting over night to Linux, just as you want, and then Linux becomes the leader in the OS market share, what happens then?All of the guys writing malware will shift their attention to Linux and then you will see the same flow and abundance of malware for Linux. Because it’s the same security unaware target audience, the same buggy code, the same people writing new code with the same security flaws, the same security mistakes made in software logic and design, etc…

Linux for the moment, in my opinion, has these advantages when it comes to being a primary target for malware:

  1. low desktop market share
  2. vast amount of distributions
  3. a big percentage of Linux users are tech savvy

Now let’s dissect those 3 advantages:

1.The market share that Windows currently has means only one thing: Way more people are working, banking, e-mailing, chatting and doing stuff on Windows thus a bigger profit is to be gained from targeting Windows users…it’s all business. And if it’s not business than it’s fun and let me tell you that it’s not fun to spend one week writing a piece of malware for Linux that works on at least 5 most used distros. What is fun, in the script kiddie mentality that flourished out there, is to use a lame .vbs *All in one – Virus Maker* and then share it on file sharing networks and watch people getting pwned. What about binding something like Turkojan on a stupid “Undress me” poker game and sharing it too?!? That is fun nowadays. Oh and if it’s not about fun than it is about 5th grade pride and proving that you are the best l33t haxxor out there. Which only lead to this defacement explosion in the past few years. If you can deface a website than you are a haxor. If you can deface a bunch of websites that your are a leet haxxor. But if you can deface Microsoft’s website while defacing 50 others in the other 50 browser tabs you have opened then you really are the most l333tzoor h@xx out there. Well let me tell you one thing, people who deface in those reasons are just plain stupid. They don’t realise or know how many things can be done with a boxen after pwning it(especially a high profile target :roll:) with a lame public for months exploit ,so they just resume at replacing index.html/.php/.asp with their own “I am teh skillzor and admin sucks! L33t Haxor skeelz pwned your boxen. Secure you website. Gritz to acid_piss, no_life and toilet_face!!!” .html defacement page.

2.The vast amount of Linux distributions out there make it hard to write a portable piece of malware that *works on linux* and that’s about it. Different kernel versions and modules, different library and program versions and choices, design and architectural differences all contribute with a certain level of skill required to write a good portable malware piece.

3.You probably guessed yourself, a big % of Linux users being tech savvy makes it not so easy to target them.

In conclusion “Use Linux and you’re malware and pwn free” is not the solution nor entirely true. I hate it when people push this kind of things to the public and it’s the same with the recently flowing bullshit that “Linux just works now!” or “Ubunt jost works!”. Bullshit. It doesn’t, unless you are a hacker(in the good sense) and like to get down with stuff. For the average human beeing that doesn’t know or want to know about computers or how they work  and they just want things like chatting and browsing and file sharing then Linux might actually stay in their way and make them unhappy and uncomfortable and thinking they’re stupid. If we take Ubuntu’s case then “Ubuntu is just working” is only bandwagon fantasia bullshit and not even Mark Shuttleworth has the courage to say that relating to the desktop market. So just leave it at that…Linux is Linux and Windows is Windows each one with it’s ups and downs. 🙂

Tagged with:
 

bt4_logo

Yes that’s right, a full blown Linux distribution. It will be based on debian base packages with ubuntu repositories integration. I am pretty glad about this because it will make Backtrack much more comfortable to use as an installed Linux distribution on hdd. What exactly do i mean by comfortable:

  • up-to-date kernel
  • package updates
  • security updates
  • easy installation of new packages/applications

All of this summarizes in just two words package-management which is very important for a day to day usage of an installed on disk Linux distribution and keeps you mentally and physically in great form. 😈

You can read more about this transition to a full blown distribution here and here and yes it’s “official” because it comes from muts.

Finally for your enjoyment a collection of Backtrack4 wallpapers from the remote-exploit forum:

Tagged with:
 
lamo-mitnick-poulsen

Adrian Lamo, Kevin Mitnick, Kevin Poulsen

In case you have been living on the moon:

Kevin David Mitnick (born August 6, 1963) is a computer security consultant and author, who was incarcerated for more than four years without trial or a bail hearing.

He was a world-famous controversial computer hacker in the late 20th century, who was at the time of his arrest, the most wanted computer criminal in United States history. more…

Ever wanted to see Kevin in action?

See him as he types?

See him as he hacks/cracks?

Then you have clicked to the right place.

Some of the network data gathered(sniffed or logged) for prosecution before Kevin’s apprehension by telco’s and other parties involved in the investigation with the help of Tsutomu Shimomura, has been released to the public a long time ago. Shimomura used a custom version of tcpdump in his sniffing sessions on Mitnick and eventually he made a program to convert the gathered data into an interactive application that matches exactly what Mitnick was seeing and doing during his telnet sessions(it sounds more complicated than it is, a little understanding of the telnet protocol, which dominated the internet back then, and the fact that a tcpdump session on a host between mitnick and he’s other peers contains all the needed information to recreate with precise accuracy exactly what happened,when and how it looked).

They have been hosted at the evidence section on a site called Takedown(like the book by Shimomura&John Markoff and the movie) along with the prank calls made to Shimomura’s voicemail and other related stuff.

If you’re not familiar with Kevin’s story and a little bit of unix/linux i don’t think you will be making much sense out of the transcripts,except for the chatting sessions. Although this looks like a great motivation to start learning/using linux/unix just because you wanted to understand what is the stuff Kevin types while he hacks. 😈

If you want to know more about Kevin’s story just press the magic button or roll your eyes over news/articles on takedown.

For the Mitnick familiar and hackers out there i present Tsutomu’s January 25 Post to Usenet which explains with some level of detail the IP source address spoofing and TCP sequence number prediction attacks that were used by Kevin to pwn Shimomura’s diskless X terminal and from there using a loadable kernel STREAMS module an existent connection to Shimomura’s real box was hijacked thus leading to the pwnage of Tsutomu’s goodies treasurechest.It was interesting the way Tsutomu wanted to make sure the world understands how his box got owned. 😳

You will be needing telnet to view the sessions. For each session you will have to telnet on a different port on the same machine as each transcript is served through a different port.

➡  The site
➡  Telnet transcripts
➡  Voicemail pranks to Shimomura

kevin_mitnick

They always use the ugliest picture possible,so that he looks like a pedofile and everyone is happy.

I am eager to see Kevin haaack, i want to see some stuff right now! Gimme teh box and it’s hole!

Well select one from bellow based on the summary of the transcript, then open a shell and type/paste the corresponding telnet command:

This is the chat session in which Kevin asks his friend jsz at Ben-Gurion University in Israel for tools. He asks over and over again until he gets satisfaction. Since we are seeing what Kevin saw, in the talk session the top half of the window (above the dashed line) is what he was saying; the bottom is what jsz was saying.  —>

telnet kevin-on-demand.takedown.com 4009

Nobody speaks better for Kevin Mitnick than Kevin himself. Here we learn that we are indeed dealing with Mitnick, as well as good many other   things.   Do these sound like nice people to you?Discussion of Tsutomu, Markoff, Dan Farmer, a “picture on the front page of the New York Times.” —>

telnet kevin-on-demand.takedown.com 4010

Kevin breaks into Dan Farmer’s machine(creator of SATAN security scanner), fish.com, and peruses his files and mail looking for information about himself, Tsutomu, security holes, and the FBI. Breaks into Sun, confirming that the “access1” in the talk session that afternoon really did refer to access1.sun.com. Kevin also has a fascination with looking through the command histories of system administrators, presumbaly to see if they are on to him. —>

telnet kevin-on-demand.takedown.com 4013

This is the first session where a possible reference to “Mitnick” was seen. —>

telnet kevin-on-demand.takedown.com 4008

Many more here.

Dude??!? What’s a shell?!?! 🙄

This will do just fine for you:

(have nice wank at the pretty hackish white blinking cursor..white…black…white…black)  😈

Tagged with:
 

Hmm neural networks in  JS…nice!

You can find it here: http://userscripts.org/scripts/show/38736

Tip: You must have Greasemonkey Firefox Addon in order to install the script.After that just visit a megaupload.com download page and the captcha will be filled in automatically and the Download button “pressed”(explanation for noobs).

Get it while it still works 😳

LE: How it works – http://ejohn.org/blog/ocr-and-neural-nets-in-javascript/

Tagged with: