Founder of ‘revenge porn’ website held for hacking

The founder of a so-called ‘revenge porn website’ has been arrested and charged by the FBI for allegedly hacking into email accounts and stealing nude photographs to post them online without consent.

Hunter Moore, 27, often described as ‘the most hated man on the internet’, was arrested at his home in Woodland, California. A second man, Charles Evens, 25, was also arrested in the Studio City area of Los Angeles. They face charges including conspiracy, computer hacking and aggravated identity theft as part of a 15-count federal grand jury indictment issued this week.

Evens pleaded not guilty before a federal judge. Moore did not enter a plea and remains in custody in Northern California. If found guilty, they could spend decades behind bars.

According to the 13-page indictment, Moore allegedly conspired with Evens to illegally gain access to victims’ computers to obtain explicit photographs for the purpose of revenge. Moore instructed Evens to hack e-mail accounts in exchange for money.

From 2010 to 2012, Moore ran the revenge porn website IsAnyoneUp.com, which allowed visitors to upload pictures of ex-partners or of people who had participated in ‘sexting’ and sent nude pictures of themselves.

In an interview with the BBC, Moore said he made as much as $20,000 a month in advertising revenue. Moore sold IsAnyoneUp in 2012 to an anti-bullying organisation.

“I just monetise people’s mistakes that they made, and it’s kind of a shady business,” he said at the time. “But if it wasn’t me, somebody else was going to do it.”

His arrest comes shortly after a new California law banned revenge porn websites, making it illegal to post identifiable nude pictures online without consent or with the intent of causing emotional distress. The penalty carries a $1,000 (£617) fine and up to six months in prison.

Russia hacked hundreds of Western, Asian companies: security firm

A U.S. cybersecurity firm says it has gathered evidence that the Russian government spied on hundreds of American, European and Asian companies, the first time Moscow has been linked to cyber attacks for alleged economic – rather than political – gains.

According to the firm, CrowdStrike, the victims of the previously unreported cyber espionage campaign include energy and technology firms, some of which have lost valuable intellectual property.

CrowdStrike declined to go into detail about those losses or to name any victims, citing confidentiality agreements related to its investigation.

Officials with the Russian Interior Ministry could not be reached for comment early on Wednesday in Moscow.

“These attacks appear to have been motivated by the Russian government’s interest in helping its industry maintain competitiveness in key areas of national importance,” Dmitri Alperovitch, chief technology officer of CrowdStrike, told Reuters on Tuesday evening.

Cybersecurity researchers have in the past said that China’s government was behind cyber espionage campaigns against various corporations dating back as far as 2005, but China has vehemently denied those allegations. Alperovitch said this is the first time the Russian government has been linked to cyber intrusions on companies.

Governments have been using computer networks to spy on each other for more than 30 years in the type of surveillance programs conducted by virtually every nation, according to CrowdStrike. It is only in the past decade that some nations have started using cyber espionage as a platform for gaining data to help promote their national economic interests, according to Alperovitch.

CrowdStrike has been following the activities of the Russian group of hackers, which it dubbed “Energetic Bear,” for two years. The firm believes the Russian government is behind the campaign because of technical indicators, as well as analysis of the targets chosen and the data stolen, according to Alperovitch.

“We are very confident about this,” he said. Victims include European energy companies, defense contractors, technology companies and government agencies, according to the CrowdStrike report.

Manufacturing and construction firms in the United States, Europe and Middle East as well as U.S. healthcare providers were also cited as targets in the report, which was posted on the web early on Wednesday morning.

CrowdStrike described the activities of the Energetic Bear hackers in its annual cyber threat report, released on Wednesday. It also documented attacks by hacking groups in China and Iran and described the activities of the activist Syrian Electronic Army.

Alperovitch, who is of Russian ethnic origin and now lives in the Washington, D.C., area, is an expert on cyber espionage who rose to prominence while working for McAfee Inc. While there he managed a team of researchers who produced a landmark January 2010 report that described how Chinese hackers had launched an unprecedented series of attacks known as “Operation Aurora” on Google Inc and dozens of other companies.

In 2012, he co-founded CrowdStrike, which collects intelligence about the activities of hacking groups around the world and sells software to thwart such attacks.

He told Reuters that the data his firm has obtained about Energetic Bear suggests that authorities in Moscow have decided to start using cyber espionage to promote Russia’s national economic interests.

“They are copying the Chinese play book,” he said. “Cyber espionage is very lucrative for economic benefit to a nation.”

Source: Reuters

Dalai Lama’s China website hacked, infects others: Kaspersky

The Chinese-language website of the Tibetan government-in-exile, whose spiritual head is the Dalai Lama, has been hacked and infected with viruses.

Experts at computer security company Kaspersky Lab warned that the Central Tibetan Administration (CTA) site had been compromised.

It is believed the malicious software could be used to spy on visitors.

Technical evidence suggests the hackers carried out previous cyber-attacks on human rights groups in Asia.

Tibet.net is the official website of the CTA, which is based in Dharamshala, northern India.

The organisation’s spiritual leader is the 14th Dalai Lama, who fled Tibet in 1959 after a failed anti-Chinese uprising, and set up a government-in-exile. China considers the Dalai Lama a separatist threat.

Constant threat

Kaspersky says the CTA website has been under constant attack from the same group of hackers since 2011, but previous breaches have been quietly identified and repaired before attracting significant attention.

Other Tibetan organisations, such as the International Campaign for Tibet, have also been targeted.

Kaspersky Lab researcher Kurt Baumgartner says the hackers used a method known as a “watering-hole attack”.

A security bug in Oracle’s Java software might have been exploited, giving hackers a “back door” into browsers’ computers.

“This is the initial foothold,” Mr Baumgartner said. “From there they can download arbitrary files and execute them on the system.”

Kaspersky’s education manager Ram Herkanaidu said the discovery of the attack came after an “email account of a prominent Tibetan activist was hacked”.

Mr Herkanaidu added: “The likely actors behind the sustained campaign against Tibetan sites are Chinese speaking, as in many cases we have seen log files written in Chinese.”

Pirate Bay co-founder charged with alleged hacking and fraud

After sitting in a Swedish prison for months following a high-profile arrest and extradition from Cambodia, Gottfrid Svartholm Warg is expected to go to trial in May.

Pirate Bay co-founder Gottfrid Svartholm Warg has been charged with hacking into many Swedish corporations and is accused of pilfering personal data as well. He has been indicted for hacking into the IBM mainframe system of Logica, which is an Income Tax consultancy firm in Sweden known for providing services to the Swedish government. He also faces allegations of trespassing into many other agencies and of trying to illegally transfer money from a local bank, according to the prosecutor appointed by the Swedish government. Warg, who has already been in a Swedish prison for more than six months, appears to be in growing trouble, and his problems are far from over.

Henrik Olin, the public prosecutor, said in an interview with a leading Swedish daily that “A large amount of data from companies and agencies was taken during the hack, including a large amount of personal data, such as personal identity numbers (personnummer) of people with protected identities,” and he commented that “I’d say that Svartholm Warg is the main person and brains behind the hacker attack.”

Gottfrid has been indicted together with three co-defendants, which brings the total to four people. The four defendants have been charged with serious fraud, attempted fraud, and abetting attempted fraud. Gottfrid himself has been charged on three counts of computer hacking, one of serious fraud, and another of attempted aggravated fraud, according to the Swedish news site.

The first hacking count against the Pirate Bay founder concerns illegally using another person’s username and password to run searches on Infotorg, a database of private companies, individuals, properties and so on. The second count relates to Logica, the IT firm that caters to the Swedish government, which was attacked in March 2012; during that attack the personal details of more than 10,000 people were leaked to the public. These two charges date from sometime between 2010 and 2012.

The final charge is for gaining unauthorized access to the machines of the Nordic bank Nordea and attempting an unlawful transaction transferring money to other banks. The transfers are alleged to amount to up to 5.7 million Swedish kronor, though only 27,000 kronor was actually found to have been transferred.

Gottfrid is already in prison. He was extradited from Cambodia in September 2012 after he was sentenced for his role in the 2009 leak of copyrighted content on the internet. He was sentenced heavily at first, but the court later reduced the jail time in exchange for an increased fine.

The court has scheduled the hearing of the case for May this year. While Gottfrid’s lawyer has abstained from making any comment, the other co-founder of Pirate Bay, Peter Sunde, said: “I’m not saying that Gottfrid is innocent (or guilty). But I’m seriously questioning the charges.”

Well, the fate of Gottfrid and the extent of his legal troubles will be revealed only at the time of court ruling.

WordPress site under serious botnet attack

Mass WordPress Attacks Spread, Brute-Forcing Admin Passwords

WordPress, the foremost blogging platform and home to more than 64 million blogs, has come under widespread attack by cyber miscreants. The cyber criminals are running brute-force attacks against the blogging site from a botnet ten thousand computers strong, which has many people worried. The attacks have been going on since last week, when WordPress decided to up the level of security measures on their site.

The attacks were spotted by CloudFlare and Hostgator, two web optimization firms that also specialize in cyber security. They concluded that the attacks had been going on for some time and that a massive botnet was being used to perpetrate them. Moreover, the culprits are also attacking other similar sites such as Joomla.

The attackers are using conventional brute force, just on a bigger scale this time. They target usernames such as ‘admin’ and try thousands of different passwords to gain access to user accounts. CloudFlare said in its blog that “The attacker is brute-force attacking the WordPress administrative portals, using the username ‘admin’ and trying thousands of passwords,” and that “It appears a botnet is being used to launch the attack and more than tens of thousands of unique IP addresses have been recorded attempting to hack WordPress installs.”

This means that millions of users are at risk of having their accounts hacked and accessed. About this development, the founder of WordPress, Matt Mullenweg, said: “Here’s what I would recommend: If you still use ‘admin’ as a username on your blog, change it, use a strong password.”

He further added: “Most other advice isn’t great – supposedly this botnet has more than 90,000 IP addresses, so an IP-limiting or login-throttling plugin isn’t going to be great (they could try from a different IP [address] a second for 24 hours).”

The method the attackers have used to hack into the WordPress systems is not unique in any way. Experts refer to such attacks, in which a botnet attempts to access accounts by punching in random passwords, as dictionary attacks.
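Mullenweg’s point about per-IP limiting, as a small log-analysis sketch. This is an added example, not code from WordPress or CloudFlare; the event tuple format, function names, thresholds and sample data are assumptions constructed for illustration. It compares a per-IP failure count with a per-username count across distinct IPs.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Event format (hypothetical): (timestamp, source_ip, username, success)

def per_ip_offenders(events, limit):
    """Per-IP throttle view: IPs with more than `limit` failed logins."""
    failures = defaultdict(int)
    for _ts, ip, _user, ok in events:
        if not ok:
            failures[ip] += 1
    return {ip for ip, n in failures.items() if n > limit}

def distributed_targets(events, window, min_failures, min_ips):
    """Usernames with >= min_failures failures from >= min_ips distinct
    IPs inside one sliding `window` (a timedelta)."""
    recent = defaultdict(deque)   # username -> (timestamp, ip) of recent failures
    flagged = set()
    for ts, ip, user, ok in sorted(events):
        if ok:
            continue
        q = recent[user]
        q.append((ts, ip))
        while ts - q[0][0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= min_failures and len({i for _, i in q}) >= min_ips:
            flagged.add(user)
    return flagged

def sample_events():
    """Constructed data: 200 bots guess 'admin' once each; one real user
    mistypes twice, then logs in."""
    t0 = datetime(2020, 1, 1, 3, 0, 0)
    events = [(t0 + timedelta(seconds=n), f"198.51.100.{n}", "admin", False)
              for n in range(200)]
    events += [(t0 + timedelta(seconds=10), "203.0.113.7", "alice", False),
               (t0 + timedelta(seconds=20), "203.0.113.7", "alice", False),
               (t0 + timedelta(seconds=30), "203.0.113.7", "alice", True)]
    return events

if __name__ == "__main__":
    ev = sample_events()
    print("per-IP offenders:", per_ip_offenders(ev, limit=5))
    print("usernames under distributed attack:",
          distributed_targets(ev, timedelta(minutes=5), 50, 25))
```

On the constructed data the per-IP view flags nothing, because every bot stays under the limit, while the per-username view flags ‘admin’ and leaves the mistyping user alone.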

What baffles most people, however, is the choice of WordPress as a target, as it seems an unlikely one. Experts are of the opinion that the actual aim of this attack may be out of the ordinary: to amass a botnet of much greater strength.

Matthew Prince, CEO of CloudFlare, wrote: “One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack.”

“These larger machines can cause much more damage in DDoS [Distributed Denial of Service] attacks because the servers have large network connections and are capable of generating significant amounts of traffic.”

Well, all WordPress users must immediately switch to stronger passwords so as to stay clear of this imminent threat while the experts tackle the situation.

Perth gamer caught in cyber crime raid

A PERTH man’s house has been raided by police after he allegedly tried to sell a prototype of Microsoft’s new Xbox gaming console on the internet.

The house of a person living in Perth was raided by the local police on the grounds that he was trying to auction off the development kit of the upcoming next-generation gaming console in the Microsoft Xbox series on the online auction site eBay. The new Xbox console, codenamed Durango, is due to be launched by Christmas this year. The person is a teenager known as SuperDaE, whose real name is Dan ‘Dylan’ Henry. His house was raided on February 19th, when the police produced a search warrant and apprehended him as he attempted the sale of the prototype of the to-be-launched Durango console. Moreover, the Federal Bureau of Investigation was also involved in the raid and the confiscation of items and is charging him with international corporate espionage.

The raid was carried out a few months after the teenager discussed the upcoming console on his Twitter account, which happens to be quite popular, and auctioned the development kit on eBay. A spokesperson for the West Australian police did mention that ‘Technology Crime Investigation unit is currently conducting a multi-jurisdictional investigation into computer-related offences,’ and that ‘A search warrant was conducted Tuesday the 19th of February 2013 in relation to this investigation where items were seized.’ However, the spokesperson did not make any comment on the involvement of the FBI in the raid. Items the police confiscated during the raid include computers, a Blackberry, VISA cards and banking records.

SuperDaE did tweet about the raid on his house, tweeting ‘police raided me’ and saying that ‘an FBI agent and 7-8 police in your house’ and also that ‘I don’t even have bank cards to buy or pay for a lawyer or a phone’. He even published the police search warrant online and said that the mention of Microsoft, PayPal and eBay was funny. Microsoft, meanwhile, has denied allegations that it was behind the raid in any manner and says it has nothing to do with all this: “Microsoft did not initiate this FBI investigation with this individual, as has been asserted in some of the articles in the media,” and “We take security very seriously and have no evidence of any compromise of our corporate network. We have no further comment on this matter.” However, the truth of this statement is disputed, as is the involvement of the FBI.

All the controversy and hype surrounding the case has made people curious about this man and who he actually is. SuperDaE is an active and persistent video game hacker who has a record of infiltrating giant video game companies such as Epic, Blizzard and Sony and who claimed to have obtained versions of games that were yet to be released. He also claimed that he did not commit any hack for personal gain or commercial profit, but acted as a curious hacker who wanted to expose security fallacies, even thinking of himself as a cyber security consultant. Whether he is just a curious teenager caught in the act or a cyber criminal will be clear only after further investigation.