The Commission on the Theft of American Intellectual Property is regarded by the entertainment industry as an independent and bipartisan initiative of leading US representatives from the private sector, public service in national security and foreign affairs, academe, and politics. Apparently, all of those representatives just happen to be very interested in peer-to-peer piracy.
The group has recently prepared an 84 page report saying that it expects Congress to legalize the use of malware in order to punish those users who are suspected of being copying illegally. The content industry wants to develop software that would be then loaded on PCs. The software in question should somehow detect if the user is pirating, and lock up their machine until the person confesses a crime to the police. Actually, this might be a good suggestion, because there is already a working model. The only problem is that it is used by Russian organized crime and deploys ransomware.
As you can see, it seems like after having run out of ideas, in order to fix their business model, the entertainment industry keeps looking to dictators and criminals. Then, more details on the scheme make it amusing reading. For example, they can design software which would only allow authorized users to open the files that contain valuable data. In case an unauthorized user accesses the data in question, the file could be rendered inaccessible and the unauthorized person’s PC could be locked down. The software will also provide the instructions about how to contact the police to receive the password the user needs to unlock the account.
It looks really weird that the entertainment industry is asking the American government (which is at the moment failing to cope with malware on its own infrastructure) for the right to use the same sort of techniques to protect its outdated business model. The industry experts believe that the American government is not that dumb. Moreover, the very fact that such ideas are suggested by the content industry demonstrates how little its representatives really care, or know about online security. Hopefully, ordinary citizens won’t be attacked by trojan horses guided by the movie and music studios in the near future.
Thursday, June 13, 2013
Wednesday, June 12, 2013
US Accused Iran Of Hacking Energy Companies
It seems that Iran is trying to prove it can be almost as menacing as China. The country has apparently hacked a number of the American energy companies. Press reports reveal that the hackers managed to access control system software in a number of oil, gas and power corporations. In response, the US officials went as far as to compare the attacks to cyber reconnaissance missions. The American authorities believe that the small scale attacks could be used to find the way to disrupt services later. In other words, in case of war, it is alleged that Iran would be able to target American infrastructure.
Security experts point out that in theory, attacks on control systems may also inflict crippling physical damage. For example, this may happen if the attack turns off safety features, like automatic lubrication of generators and other essential equipment.
Actually, this isn’t the first time the United States has accused Iran of hacker attacks. Earlier, Iran has allegedly targeted American banks with massive DDoS attacks. In addition, the country is said to be aggressively expanding its cyber warfare capabilities. It seems that Iran started taking cyber warfare more seriously after the country was struck by the Stuxnet virus.
Security experts point out that in theory, attacks on control systems may also inflict crippling physical damage. For example, this may happen if the attack turns off safety features, like automatic lubrication of generators and other essential equipment.
Actually, this isn’t the first time the United States has accused Iran of hacker attacks. Earlier, Iran has allegedly targeted American banks with massive DDoS attacks. In addition, the country is said to be aggressively expanding its cyber warfare capabilities. It seems that Iran started taking cyber warfare more seriously after the country was struck by the Stuxnet virus.
Tuesday, June 11, 2013
Android Malware Forwards Your Messages To Russia
It turned out that the latest malware designed for Android will forward copies of your SMS to Russian criminals. It might appear very interesting for a Russian criminal to find out that you want pizza for dinner or that you cannot speak right now because of the important meeting, but it seems unclear what the hackers hope to achieve with a huge database of useless information.
Anyway, security companies call to admire the coding and tremble with fear at its results. The matter is that once installed, the malware can be used to steal sensitive messages for, say, blackmailing purposes. Worse still, the criminals can learn codes sent to your phone by banks to confirm online banking transactions. The only problem is that the crook would have to install the malware on a specific cell phone manually. This, as you can understand, is not the most efficient way of spreading trojans. Even after doing so, the hackers will then have to sort out the message they are looking for from a huge database created from everyone who had the virus on board.
In the meanwhile, the experts of the Russian security company Doctor Web dubbed the malware in question "Android.Pincer.2.origin". Upon running the trojan, the user will see a fake notification about the certificate's successful installation. However, after that the malware won’t perform any noticeable activities for a while. The security experts found out that the hackers can then send following instructions to the malware – for example, turn it on and off. In addition, the virus can change servers in case the current one is shut down.
Anyway, security companies call to admire the coding and tremble with fear at its results. The matter is that once installed, the malware can be used to steal sensitive messages for, say, blackmailing purposes. Worse still, the criminals can learn codes sent to your phone by banks to confirm online banking transactions. The only problem is that the crook would have to install the malware on a specific cell phone manually. This, as you can understand, is not the most efficient way of spreading trojans. Even after doing so, the hackers will then have to sort out the message they are looking for from a huge database created from everyone who had the virus on board.
In the meanwhile, the experts of the Russian security company Doctor Web dubbed the malware in question "Android.Pincer.2.origin". Upon running the trojan, the user will see a fake notification about the certificate's successful installation. However, after that the malware won’t perform any noticeable activities for a while. The security experts found out that the hackers can then send following instructions to the malware – for example, turn it on and off. In addition, the virus can change servers in case the current one is shut down.
Friday, June 7, 2013
Large-Scale Analysis on Digital Piracy
Large-Scale Analysis on Digital Piracy
The latest report on sharing computer games through BitTorrent’s networks revealed a number of interesting aspects of the digital piracy problem. The unauthorized sharing of digital material (via P2P technology) has led to heated debates and media headlines. While one side is claiming that Internet piracy kills American jobs and deprives content industry of billions of dollars in revenue, the other one stands for freedom of speech and online freedom.
The latest report is focused on game piracy and used open methodologies to collect information which covered a 3-month period in 2010 and 172 games. The interesting fact is that the results tore down all the myths surrounding Internet piracy. For instance, “shooter” games aren’t the most pirated ones – instead, children’s and family games are. In addition, the report points out that the real figure of unauthorized copies which are being accessed via P2P networks is lower than the entertainment industry claims to be.
It turned out that 12.6 million unique peers from over 250 countries/areas shared pirated games. In the meanwhile, of the 173 sampled games, the 10 top popular titles drove over 40% of unique peers on BitTorrent, and 20 of the countries made up over 3/4 of the total file-sharing activity.
Overall, over 500,000 unique peers from all over the world sharing the most popular games titles through P2P were acknowledged in the research. The most dedicated peers were from the following countries: Ukraine, Poland, Romania, Croatia, Greece, Italy, Armenia, Serbia, and Portugal. In addition, mass-media’s positive game reviews attract the most attention on file-sharing networks.
Anders Drachen and Robert Veitch, the researchers from Denmark, explained that first and foremost, BitTorrent game piracy was extraordinarily prevalent and geographically distributed – at least within the period covered by the research. Nevertheless, the numbers in their investigation proved that previously reported scale of game piracy was far too high. Moreover, the researchers point out that some common myths were also wrong, like it was with the belief that it was only shooters that got pirated – instead, the researchers saw a lot of activity for children’s and family games on file-sharing networks within the investigated period.
It turned out that 12.6 million unique peers from over 250 countries/areas shared pirated games. In the meanwhile, of the 173 sampled games, the 10 top popular titles drove over 40% of unique peers on BitTorrent, and 20 of the countries made up over 3/4 of the total file-sharing activity.
Overall, over 500,000 unique peers from all over the world sharing the most popular games titles through P2P were acknowledged in the research. The most dedicated peers were from the following countries: Ukraine, Poland, Romania, Croatia, Greece, Italy, Armenia, Serbia, and Portugal. In addition, mass-media’s positive game reviews attract the most attention on file-sharing networks.
Anders Drachen and Robert Veitch, the researchers from Denmark, explained that first and foremost, BitTorrent game piracy was extraordinarily prevalent and geographically distributed – at least within the period covered by the research. Nevertheless, the numbers in their investigation proved that previously reported scale of game piracy was far too high. Moreover, the researchers point out that some common myths were also wrong, like it was with the belief that it was only shooters that got pirated – instead, the researchers saw a lot of activity for children’s and family games on file-sharing networks within the investigated period.
Thursday, June 6, 2013
US Authorities Targeted BitCoin Exchange Service
The Department of Homeland Security seized assets from Mt. Gox Dwolla account a few days ago and accused it of violating money transfer regulations. As everyone knows, BitCoin is growing rapidly today, and some companies invest thousands of dollars on the venture. One of the largest BitCoin exchange services was the Japanese startup Mt. Gox. It allowed people to convert US dollars to BitCoins and vice versa, with their most popular service being Dwolla – an electronic wallet providing real time transfers between people and businesses.
A few days ago the US authorities have seized all of the assets in the Mt. Gox Dwolla account for infringing money transfer regulations. Dwolla had nothing else to do but to acquiesce to the request. The problem is that as a currency exchange service, Mt. Gox set up a Wells Fargo business account for Mutum Sigillum LLC and was asked to complete a document stating whether the company planned to provide money services. The authorities point out that the document listed Mutum Sigillum LLC as a company which didn’t engage in money services. Indeed, the business answered “no” to those important questions: “Do you deal in or exchange currency for your customer?” and “Does your business accept funds from customers and send the funds based on customers’ instructions (Money Transmitter)?”
Moreover, in order to limit fraudulent activity, the company also needed to register with FinCEN like any money services in the United States. For people who use the exchange service, this move will only affect BitCoin traders using Dwolla to fund their trades. In the meanwhile, other traders in the United States may still use bank wires to send and receive money from Mt. Gox trades. Those traders with Dwolla accounts won’t be affected, only their ability to transfer directly to the company with Dwolla will. Finally, all these limitations only apply to the traders from the United States.
Industry experts point out that for those that have utilized Dwolla, there was still a lot of other BitCoin options, including BitInstant. The latter allow people to make deposits by cash. In the meanwhile, BitInstant still accepts Dwolla and is able to make transfer to different exchange services.
A few days ago the US authorities have seized all of the assets in the Mt. Gox Dwolla account for infringing money transfer regulations. Dwolla had nothing else to do but to acquiesce to the request. The problem is that as a currency exchange service, Mt. Gox set up a Wells Fargo business account for Mutum Sigillum LLC and was asked to complete a document stating whether the company planned to provide money services. The authorities point out that the document listed Mutum Sigillum LLC as a company which didn’t engage in money services. Indeed, the business answered “no” to those important questions: “Do you deal in or exchange currency for your customer?” and “Does your business accept funds from customers and send the funds based on customers’ instructions (Money Transmitter)?”
Moreover, in order to limit fraudulent activity, the company also needed to register with FinCEN like any money services in the United States. For people who use the exchange service, this move will only affect BitCoin traders using Dwolla to fund their trades. In the meanwhile, other traders in the United States may still use bank wires to send and receive money from Mt. Gox trades. Those traders with Dwolla accounts won’t be affected, only their ability to transfer directly to the company with Dwolla will. Finally, all these limitations only apply to the traders from the United States.
Industry experts point out that for those that have utilized Dwolla, there was still a lot of other BitCoin options, including BitInstant. The latter allow people to make deposits by cash. In the meanwhile, BitInstant still accepts Dwolla and is able to make transfer to different exchange services.
Wednesday, June 5, 2013
Google Deployed Person Finder after Boston Explosions
Just like after Japan and New Zealand earthquakes, the search giant has deployed its Person Finder tool in the aftermath of the Boston marathon bombings. The instrument called Person Finder combines available records allowing to track down your close ones in the wake of disaster, and now Google decided people need it again.
The tool dubbed Person Finder was first deployed in response to the Haiti earthquake three years ago. It was also available for Japan’s 2011 tsunami, as well as the Christchurch – New Zealand earthquake.
All gathered data becomes publicly available. The company explains that it cannot and does not verify the accuracy of the collated data. However, it provides room for status updates which may contain information saying whether people have been confirmed alive and well. There is also a space for notes on each page you may use to leave your tips. The service allows to search for people’s names or parts of their names. Person Finder will bring up search results including their status. For instance, the search for “Mary” would result in a list of people with that name and updates to each of them like “someone has received information that this person is alive”.
The webmasters are free to embed the Google’s tool into their websites, and the web developers are encouraged to help improve this open source initiative of the search giant. Google revealed that after a limited time Person Finder won’t be publicly available, in order to assuage privacy concerns. The tool is known as a part of the company’s Crisis Response department.
The tool dubbed Person Finder was first deployed in response to the Haiti earthquake three years ago. It was also available for Japan’s 2011 tsunami, as well as the Christchurch – New Zealand earthquake.
All gathered data becomes publicly available. The company explains that it cannot and does not verify the accuracy of the collated data. However, it provides room for status updates which may contain information saying whether people have been confirmed alive and well. There is also a space for notes on each page you may use to leave your tips. The service allows to search for people’s names or parts of their names. Person Finder will bring up search results including their status. For instance, the search for “Mary” would result in a list of people with that name and updates to each of them like “someone has received information that this person is alive”.
The webmasters are free to embed the Google’s tool into their websites, and the web developers are encouraged to help improve this open source initiative of the search giant. Google revealed that after a limited time Person Finder won’t be publicly available, in order to assuage privacy concerns. The tool is known as a part of the company’s Crisis Response department.
7 Hackers & A Great Bank Robbery
The US prosecutors announced that a cybercrime ring managed to steal $45 million from a couple of Middle Eastern banks in one of the largest bank robberies ever. The group coped with hacking into credit card processing companies and withdrawing money from ATMs in more than two dozen countries.
8 individuals were alleged to form the NY-based cell of the group, 7 of which are already in custody, while the 8th, allegedly a leader of the gang, was reported to have been murdered in the Dominican Republic this past April.
According to the prosecutors, the ringleaders were outside the US, but the investigation is still continuing. Anyway, it seems that the crooks somehow managed to do some serious damage in short time. For instance, during one of the 10-hours attacks, they raided $40 million from ATMs in two dozen countries through 36,000 transactions.
It turned out that the cybercrime group used laptops and the worldwide web instead of guns and masks. The outfit managed to work its way from the computer systems of large companies to the streets of New York City. Thus, you can see how cybercrime poses a huge threat to the international banks and how tech-savvy criminal gangs are now.
So, within the last 5 months, the collective hacked into the computers of a couple of credit card processors – one in India and the other in the US. They then increased the available balance and withdrawal limits on prepaid MasterCard debit cards issued by banks of Oman and the United Arab Emirates. Finally, they distributed counterfeit debit cards to their people across the globe, enabling them to extract millions of dollars out of ATMs in a matter of hours.
In the meanwhile, MasterCard announced that it did cooperate with law enforcement in the investigation but its systems weren’t involved or compromised. Experts believe that the robbers targeted Middle Eastern banks because those usually allow people putting larger sums on cards. In addition, they don’t monitor them as closely as other banks. Although it was only a matter of time before the Eastern banks were considered an easy target for cyber criminals, security experts remind that the attack mirrored a similar case four years ago, which targeted the prepaid debit-card unit of Royal Bank of Scotland. In the time, the bank lost over $9 million in just 12 hours.
8 individuals were alleged to form the NY-based cell of the group, 7 of which are already in custody, while the 8th, allegedly a leader of the gang, was reported to have been murdered in the Dominican Republic this past April.
According to the prosecutors, the ringleaders were outside the US, but the investigation is still continuing. Anyway, it seems that the crooks somehow managed to do some serious damage in short time. For instance, during one of the 10-hours attacks, they raided $40 million from ATMs in two dozen countries through 36,000 transactions.
It turned out that the cybercrime group used laptops and the worldwide web instead of guns and masks. The outfit managed to work its way from the computer systems of large companies to the streets of New York City. Thus, you can see how cybercrime poses a huge threat to the international banks and how tech-savvy criminal gangs are now.
So, within the last 5 months, the collective hacked into the computers of a couple of credit card processors – one in India and the other in the US. They then increased the available balance and withdrawal limits on prepaid MasterCard debit cards issued by banks of Oman and the United Arab Emirates. Finally, they distributed counterfeit debit cards to their people across the globe, enabling them to extract millions of dollars out of ATMs in a matter of hours.
In the meanwhile, MasterCard announced that it did cooperate with law enforcement in the investigation but its systems weren’t involved or compromised. Experts believe that the robbers targeted Middle Eastern banks because those usually allow people putting larger sums on cards. In addition, they don’t monitor them as closely as other banks. Although it was only a matter of time before the Eastern banks were considered an easy target for cyber criminals, security experts remind that the attack mirrored a similar case four years ago, which targeted the prepaid debit-card unit of Royal Bank of Scotland. In the time, the bank lost over $9 million in just 12 hours.
Subscribe to:
Posts (Atom)