Hackers from the notorious group “Anonymous Operations” claim to have taken down the United States Central Intelligence Agency’s website shortly after 3:00 p.m. EST on Friday. “CIA TANGO DOWN: cia.gov,” a member of Anonymous posted to one of the group’s Twitter accounts. Anonymous’s motivation for this most recent cyberattack on the CIA is unclear, but this high-profile hit could be one of the group’s most significant attacks yet. As of the time of this writing, cia.gov was still offline.

Read

A group of hackers demanded that Symantec pay $50,000 to prevent it from releasing stolen source code for several of the firm’s software titles. Symantec reportedly confirmed that it was cooperating with a sting operation while communicating via email with a group of hackers claiming ties to notorious hacktivist group “Anonymous.” Those ties have not been confirmed. The email conversation was posted to Pastebin on Monday, and a Symantec representative confirmed to CNET that the emails were authentic. Read on for more.

A person identifying him or herself as Yamatough contacted Symantec in January and claimed to be in possession of the company’s proprietary source code for its Norton Antivirus and PCAnywhere software. The hacker provided code samples to prove possession of the code in question, and then demanded a payment of $50,000 to prevent the release of Symantec’s code. Conflicting reports suggest Symantec’s initial actions were not part of a sting, however, and the firm attempted to offer a bribe to the hackers in order to prevent them from releasing the company’s source code.

“In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession,” a Symantec spokesperson told CNET in a statement. “Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide.”

Negotiations between Symantec and the hacker reportedly broke down however, culminating with an email on Monday that threatened to release the company’s source code if Symantec didn’t deliver funds within 10 minutes. ”Since no code yet being released and our email communication wasnt also released we give you 10 minutes to decide which way you go,” Yamatough wrote. ”After that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar) 10 minutes if no reply from you we consider it a START this time we’ve made mirrors so it will be hard for you to get rid of it.”

The Symatec employee who had been the point of contact with the hacker made an attempt to delay the code’s release, replying with, “We can’t make a decision in ten minutes. We need more time.” Yamatough was apparently unwilling to afford the company more time, however, as a 1.2GB file titled ”Symantec’s pcAnywhere Leaked Source Code” was posted to the Pirate Bay Monday evening. Symantec has not yet confirmed whether or not the code within the file is authentic.

Read

Over the past week, notorious hacker group Anonymous has launched numerous DDoS attacks that disrupted service to a number of popular websites. The global hacker collective recently took down websites belonging to the Department of Justice, Universal Music, the Record Industry Association of America and the Motion Picture Association of America to protest SOPA, PIPA and the takedown of Megaupload. According to a new video posted on Monday, Anonymous now aims to take down Facebook. It in unclear as to why Facebook is the group’s new target; while the video mentions SOPA as part of its reason for the attack, Facebook openly opposed the controversial bill. In the past, Anonymous has listed potential targets as the United Nations, Xbox Live, U.S. Bank, Twitter and YouTube.

[Via BusinessInsider]

Zappos on Sunday confirmed that hackers breached the company’s servers and accessed personal data belonging to many of its customers. The Amazon-owned shoe retailer known for top-notch service and surprising customers with express shipping at no extra cost confirmed that personal data from 24 million accounts was accessed during a recent security breach. The hackers gained access to range of sensitive data including user names, encrypted passwords, customer names, email addresses, phone numbers and the last four digits of credit card numbers. The company stated that full credit card numbers were not compromised. As a security measure, Zappos reset the passwords of all affected customers and sent out emails alerting them to the situation. The company’s full email to customers follows below.

First, the bad news:

We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).

THE BETTER NEWS:

The database that stores your critical credit card and other payment data was NOT affected or accessed.

SECURITY PRECAUTIONS:

For your protection and to prevent unauthorized access, we have expired and reset your password so you can create a new password. Please follow the instructions below to create a new password.

We also recommend that you change your password on any other web site where you use the same or a similar password. As always, please remember that Zappos.com will never ask you for personal or account information in an e-mail. Please exercise caution if you receive any emails or phone calls that ask for personal information or direct you to a web site where you are asked to provide personal information.

PLEASE CREATE A NEW PASSWORD:

We have expired and reset your password so you can create a new password. Please create a new password by visiting Zappos.com and clicking on the “Create a New Password” link in the upper right corner of the web site and follow the steps from there.

We sincerely apologize for any inconvenience this may cause. If you have any additional questions about this process, please email us at passwordchange@zappos.com.

The Carrier IQ scandal has shifted attention from malicious mobile threats to carrier-sourced spyware over the past month, but a new report suggests the threat of more serious mobile malware continues to intensify. More than $1 million was stolen from Android smartphones alone in 2011 according to Lookout Mobile Security, which pulled data from more than a million apps and 15 million handsets around the world to compile its 2012 Mobile Threat Predictions report. The likelihood of an Android user encountering malware grew from 1% to 4% in 2011, and Lookout expects the trend to continue in 2012. Read on for more.

“2011 was a watershed year in terms of the types threats we saw emerging,” Lookout co-founder and CTO Kevin Mahaffey said in a statement. “Threats had greater sophistication and were deployed using more innovative and efficient distribution methods. In 2012, we expect to see the mobile malware business turn profitable. What took 15 years on the PC platform has only taken the mobile ecosystem two years.”

The firm highlights mobile pickpocketing — malware that steals money by making unauthorized use of carrier billing features — mobile botnets and browser attacks as specific threats that will intensify in 2012. Android users in particular now have a 36% chance globally of clicking an unsafe link, and those odds increase to 40% in the U.S. according to Lookout. The firm’s full press release follows below.

Lookout Unveils 2012 Mobile Threat Predictions: Mobile Pickpocketing, Botnets and Automated Repacking Will Be On the Rise

More than $1 Million Stolen from Android Users in 2011; Likelihood of Annual Malware Infection Rises to 4%

San Francisco – December 14, 2011 – Lookout Mobile Security, the global leader in mobile security, today unveiled its 2012 Mobile Malware Predictions, based on data collected from its Mobile Threat Network, which includes more than one million apps and 15 million user devices worldwide. Mobile threats are on the rise – Lookout estimates that mobile threats successfully stole more than one million dollars from Android users in 2011. In 2012, Lookout predicts that the criminal business of malware will be more profitable than ever before as the possibility of monetizing mobile devices grows and the cost of infecting devices lessens.

In the report, Lookout reveals that the annual likelihood of an Android user encountering malware today has increased to 4% up from a 1% likelihood measured at the beginning of 2011. Web-based mobile threats are also an important component of Lookout’s research, and the company found Android users worldwide have a 36% chance of clicking on an unsafe link in 2011. In the United States, the likelihood of encountering an unsafe link is higher than the global average at 40%. Additionally in the report, Lookout anticipates the methods that would-be thieves will use to target mobile users directly and discusses tips for consumers to protect themselves.

“2011 was a watershed year in terms of the types threats we saw emerging. Threats had greater sophistication and were deployed using more innovative and efficient distribution methods,” said Kevin Mahaffey, co-founder and chief technology officer at Lookout. “In 2012, we expect to see the mobile malware business turn profitable. What took 15 years on the PC platform has only taken the mobile ecosystem two years.”

Mobile Malware Monetization Trends

Mobile Pickpocketing (SMS/call fraud). In 2012, Malware writers will continue to steal money directly from consumers by accessing their mobile devices’ ability to charge phone bills via SMS billing and phone calls. Earlier this year, Lookout identified GGTracker, the first mobile malware that steals money from users in the U.S and earlier this week Lookout identified another Android Trojan, RuFraud, targeting Eastern European users.

Botnets. To date, Lookout notes botnet networks have yet to be used at scale. In 2012, Lookout anticipates malware writers could secretly integrate thousands of mobile devices into extensive botnet-like networks to distribute spam, steal private info, and install other malware. DroidDream and Geimini are examples of botnets.

Vulnerable Phones. Due to the difficulty of updating software and patching vulnerabilities on mobile phones, malware writers will continue to exploit iOS and Android OS at a pace greater than vulnerabilities can be resolved.

Mobile Malware Distribution Trends

Automated Repackaging. Malware writers will develop tools that enable the automatic repackaging of malicious applications. Lookout has seen instances where several infected apps were packaged by the same developer within a matter of seconds – quicker than someone could do manually – so the means for automated repackaging may already be in existence.

Browser Attacks. As with PC-based threats in the past, malware writers will attempt to profit via Web-based distribution like email, text messages and fraudulent websites. Even iOS devices have been targeted by websites designed to jailbreak them. In 2012, Lookout expects a continued increase in mobile phishing and messages linked to websites that automatically install malware.

Malvertising. Instances of malvertising (genuine-looking advertisements that link back to fraudulent sites) will continue to increase. Given this method has been successful with Trojans like GGTracker, we expect other malware writers to try similar distribution tactics.

For the in-depth predictions, data and accompanying graphics, please see Lookout’s Mobile Malware Predictions: http://blog.mylookout.com/blog/2011/12/12/2012-mobile-threat-predictions.

A group of developers from Applidium posted a story recently that explains how the group was able to crack Siri so that they could run the virtual assistant on any device. Basically, the group was able to get Siri to analyze voice inputs that were never spoken through an iPhone. It turns out Siri uses TCP to speak to a server at 17.174.4.4 using port 443. Applidium then logged on to a desktop computer, entered in that IP address, and realized that Apple was returning a server named “guzzoni.apple.com” and that Siri was using HTTPS as its protocol. Putting it simply, the group then created a fake guzzoni.apple.com address and tricked Siri into sending commands there instead of to Apple’s own server. Applidium discovered that Siri sends Apple a time stamp for each word spoken, as well as a reply confidence score, and described the software as “very, very chatty.” It is possible to get the software working on an Android device, or any similar gadget, but you’ll need at least one iPhone 4S identifier and some coding know-how. The hackers published a set of tools that it says can be used by anyone to create Siri-enabled applications and is encouraging fellow hackers to try the tools out and see what they can develop. “And let’s see how long it’ll take Apple to change their security scheme,” the group jested.

[Via TNW]

Read

Following a period of peace after weeks of cyberattacks launched against various Sony-run online networks, Sony has confirmed that hackers are once again targeting the company’s digital properties. The electronics giant said on Wednesday that it discovered a “large number” of sign-in attempts on its PlayStation Network, Sony Online Entertainment and Sony Entertainment Network between October 7th and the 10th. According to Sony, approximately 93,000 accounts were compromised when valid log-in details were verified during what appears to have been a brute force attack. The company says it has locked the affected accounts and that credit card data tied to the compromised accounts was not at risk.

Read

The FBI has arrested at least two alleged members of “LulzSec” and “Anonymous,” FoxNews reported on Thursday. One LulzSec hacker was arrested at a technical school in Phoenix, Arizona and is believed to have been behind the infamous attacks on Sony in late May. A second hacker was arrested in San Francisco and manhunts are ongoing in Minnesota, Montana and New Jersey according to an FBI official speaking to Fox News. 32 Anonymous hackers were detained in Turkey in June while another 16 were arrested in the United Kingdom and the United States. A 19-year old LulzSec member named Jack Davis who went by the handle “Topiary” was arrested in July and later released on bail. Anonymous and LulzSec are believed to have been behind a number of high-profile attacks against the U.S. government, Sony, Apple and other targets. Anonymous has egged on the FBI with numerous statements over the past few months and even published a public letter that stated: “Your threats to arrest us are meaningless to us as you cannot arrest an idea … there is nothing – absolutely nothing – you can possibly to do make us stop.”

Read

Two additional members of Anonymous have been charged in the United Kingdom. The hackers were identified by London’s Metropolitan Police as Christopher Jan Weatherhead (20 years old) and Ashley Rhodes (26 years old), and they were both arrested in January of this year, The Wall Street Journal said. According to London’s Metropolitan Police, Weatherhead and Rhodes are charged with “conspiracy to do an unauthorized act in relation to a computer, with intent to impair the operation of any computer or prevent or hinder access to any program or data held in a computer or to impair the operation of any such program or the reliability of such data.” Rhodes and Weatherhead are out on bail and will appear in court on September 7th. A 22-year old U.K. hacker named Peter David Gibson was also charged for the same crimes on August 22nd. In addition, Jack Davis, a.k.a. Topiary from LulzSec, was arrested and released on bail earlier this month. Anonymous and LulzSec have carried out a number of large-scale DDoS attacks against major corporations, and most recently targeted Apple.

Read

A breach of Dutch SSL certificate authority DigiNotar is reportedly much bigger than initially thought, with more than 200 digital certificates having been stolen in July by hackers who breached the company’s network. Using the stolen certificates, hackers can potentially intercept and even alter data Internet users believe to be secure and encrypted. ”About 200 certificates were generated by the attackers,” Dutch security expert Hans Van de Looy told Computerworld, citing anonymous sources. Van de Looy says certificates for mozilla.com, yahoo.com and torproject.org were among those obtained by the hackers. Mozilla’s Johnathan Nightingale, director of Firefox development, confirmed the breach on Thursday. “DigiNotar informed us that they issued fraudulent certs for addons.mozilla.org in July, and revoked them within a few days of issue,” Nightingale said in a statement. BGR reported on Wednesday that the Iranian government has allegedly been using one of the stolen certificates to spy on Gmail users, and at that time the full extent of the DigiNotar breach was unknown. The compromised certificates have all revoked by DigiNotar, but not all Web browsers check for revoked certificates so the impact of this breach will likely be ongoing for some time.

Read

Hacker groups like Anonymous and LulzSec capture the bulk of mainstream media’s attention when it comes to hackers these days, but it looks like the Iranian government may have recently pulled off an attack that trumps both hacker groups and then some. According to reports, Iranian hackers with ties to the government have managed to executive an MITM attack that compromises Google’s SSL security. An MITM attack, or Man-In-The-Middle attack, is a cyberattack that allows an attacker to covertly intercept or even modify data as it is being transmitted between two computers over the Internet. Using a certificate issued on July 10th by Dutch SSL certificate authority DigiNotar, Iranian hackers have reportedly been able to spy on communications sent via Gmail and other Google services for more than five weeks. DigiNotar revoked the compromised SSL certificate on Monday, however most browsers do not check to see if a certificate has been revoked by default. As such, Mozilla has already released an update to Firefox and Thunderbird that revokes trust for the DigiNotar certificate, and Google said it will soon release a similar update for Chrome. Apple and Microsoft have yet to address the matter publicly or state if and when we can expect updates to Safari or Internet Explorer.

Read

A 22-year old student allegedly associated with the hacking group “Anonymous” has been arrested and charged in the United Kingdom. Peter David Gibson is charged with “conspiracy to do an unauthorized act in relation to a computer, with intent to impair the operation of any computer or prevent or hinder access to any program or data held in a computer or to impair the operation of any such program or the reliability of such data,” the Metropolitan Police said in a statement Thursday. Gibson is out on bail and is scheduled to appear in court on September 7th to stand trial. It is believed that Gibson was involved on a number of Anonymous’s DDOS attacks against large corporations; the “Anonymous Operations” branch of the hacking group most recently attacked Apple. Authorities in the United States and the United Kingdom have arrested a number of hackers believed to be associated with Anonymous and a sub-group called LulzSec. LulzSec spokesperson and hacker Jack Davis, aka Topiary, was arrested earlier this month and released on bail.

[Via Bloomberg]

Read

An alleged member of the notorious hacker collective “Anonymous” has apparently outed himself and quit. The UK-based hacker, who says his real name is Matthew, operated under the pseudonym “SparkyBlaze” during his time with Anonymous. As to his reasons for leaving the group, he points mainly to LulzSec, the AntiSec movement, and Anonymous’ leadership. “When I started with Anon I thought I was helping people but over the past few months things inside anon have changed,” the hacker said in a statement posted to the Web. “I am mostly talking about AntiSec and LulzSec. They both go against what I stand for (and what anonymous says they stand for). Antisec has released gig after gig of innocent peoples information. For what? What did they do? Does anon have the right to remove the anonymity of innocent people? They are always talking about peoples right to remain anonymous so why are they removing that right?” To the Anonymous members he leaves behind, SparyBlaze adds, “You are not helping anyone.” He continues, “Think about the long run. Some thinking now can save you some large legal bills later. And yes i will be there when you get out of court to say: I told you so. There are other ways to help people, just don’t go to anon you are not hurting the governments you are hurting yourselves in the long run.” The hacker’s full statement follows below.

Ok,
So Over The Past Few Days I Have Been At A Cross road With Anonymous. Why? Because I Started To Think.
So When I Started With Anon I Thought I Was Helping People But Over The Past Few Months Things Inside Anon Have Changed. I Am Mostly Talking About AntiSec And LulzSec. They Both Go Against What I Stand For (And What Anonymous Says They Stand For). AntiSec Has Released Gig After Gig Of Innocent Peoples Information. For What? What Did They Do? Does Anon Have The Right To Remove The Anonymity Of Innocent People? They Are Always Talking About Peoples Right To Remain Anonymous So Why Are They Removing That Right?

Now I Could Talk for Hours On Why I Have Came To This Choice But I Don’t Think Anyone Would Or  Read It Or Care. So I Will Just Say Some Key Points:
They Are Removing Peoples Right To Anonymity, A Right Which They Claim To Protect And Uphold.
Sending Some Packets To A Server And Putting Info On-line Is Not Helping Or Solving Anything
Anonymous DOES Have A Leader Ship And They Don’t Give 2 Fucks About Us. Think, When Anons Were Arrested For DDoSing Paypal A While Back Was There A Mass Free Anon Operation?. Did They Put-Out Press Releases And Start Donations For Them?. No They Did One TV Interview And Fed Them To The Lions But When TopIary Was Arrested They Started #FreeTopIary We All Know He Is A “Higher Up” In Anon And They Started A Op For Him. You Think Those Donations Are Going To Topiary? Why Start A Op For Him? Well I Think It Is Because Of 2 Things:
- Press (Anon Is The Biggest Fucking Media Whore I Have Ever Seen)
- TopIary Is A Anon Who They Give A Fuck About
Now You May Think I Am Mad But All The Proof Is There. I Am Not Saying People In Anon Are All Fags, Some Thing They Are Helping. But They Have Been Tricked Into Thinking It. Truth Is Anonymous Hasn’t Brought Down Governments. The People Have. If You Was A Dictator you Wouldn’t Give a Fuck About People Taking Down Your Site. You Would Give A Fuck About The People Rioting And Wanting You Dead.
Anonymous Has Prayed On Peoples Willingness To Help Others. And Most Of Them Are Kids Who Don’t Understand What They Are Doing Can Fuck Up There Lives And The IRC Wont Help Them.
I Could Put More But I Don’t See The Point.

A Message To The Governments:
If You Hate Anon, Don’t Arrest The Kids. Arrest The Leaders. Without Them Everything Will Fall To Shit. All The Recruitment Will Stop And Then The People Will Start To Think And Understand That Anon Is Not Helping Anyone.
A Message To The Leaders Of Anon:
Fuck You Can’t Wait Till You All Get Arrested :D
And If One Anon Sees The Truth Every Week Then Your Time Is Running Out
A Message To The Anon’s:
Quit While You Still Can, You Are Not Helping Anyone And You Need To Think About The Long Run. Some Thinking Now Can Save You Some Large Legal Bills Later. And Yes I Will Be There When You Get  Out Of Court To Say: I Told You So. There Are Other Ways To Help People, Just Don’t Go To Anon You Are Not Hurting The Governments You Are Hurting Yourselves In The Long Run. And No I Am Not Saying I Agree With What The Governments Are Doing But I Also Do Not Agree With Anon.
You Cant Arrest A Idea But You Can Throw A Kid In Jail And Fuck Up Their Life.
Don’t Do The Crime If You Can’t Do The Time.

Ps:
I Am Not Saying Everything Anon Has Done Is Pointless Things Like Getting Internet To People When Governments Cut It Off I Support. I Am Just Saying Most Of It Isn’t Helping Anyone And Is Just Getting Kids Arrested.

I Would Like to Thank People Like:@th3j35t3r@sambowne@AnonTangoDown@providesecurityAnd Everyone Else Who Has Been Spreading The Truth About Anon.Thanks
SparkyBlaze

For Proof That I Am Not Trolling:
My Name Is Matthew And I Live In The UK, Manchester And No I Wont Post My Address And Phone Numbers Because I Know I Will Have Pizzas And Prank Calls To My House (That In It’s Self Is More Proof That You Are All Kids). If You Want To Know More Then By All Means Dox Me. Remove My Right To Remain Anonymous.

BlackBerry maker Research In Motion has agreed to work with London authorities as they begin their investigation into recent riots. According to some Londoners, rioters were using RIM’s BlackBerry Messenger service, along with social networks such as Twitter, to organize the attacks. “It is clear that technology is being used, including in demonstrations, to direct people and undermine the police,” London’s deputy assistant commissioner Stephen Kavanagh told Bloomberg. “It is not for us to to moan about this, but to adapt policing style and deal with it.” RIM typically prides itself on the security of its BBM service and has denied access to governments worried the chat platform could be used for planning terrorist attacks. “We feel for those impacted by the riots in London,” RIM wrote in a recent tweet. “We have engaged with the authorities to assist in any way we can.” Read on for more.

Despite RIM’s efforts, one Member of Parliament, David Lammy, has called on the Canadian company to suspend BlackBerry Messenger services while the riots continue, Reuters said. “This is one of the reasons why unsophisticated criminals are outfoxing an otherwise sophisticated police force,” Lamme tweeted. “BBM is different as it is encrypted and police can’t access it.”  Twitter isn’t giving up information as quickly. A spokesperson for the social network told Bloomberg that it would require a “subpoena or court order” before giving the police access to private user information. Read on for more on how one group of hackers is reacting to RIM’s cooperation.

A hacker group who calls themselves “Teampoison,” recently broke into RIM’s official BlackBerry blog and warned the company to stay out of the riots. In a letter, the group said:

If you do assist the police by giving them chat logs, gps locations, customer information & access to peoples BlackBerryMessengers you will regret it, we have access to your database which includes your employees information; e.g – Addresses, Names, Phone Numbers etc. – now if u assist the police, we_WILL_make this information public and pass it onto rioters.

Teampoison said it was afraid that “innocent members of the public” carrying BlackBerry smartphones “at the wrong place at the wrong time,” could be “charged for no reason at all.”

Read [Bloomberg] Read [Reuters]

In response to the arrests of LulzSec member Topiary and Anonymous PayPal hackers, members of the AntiSec initiative have infiltrated 50 police departments across the United States and stolen 10GB of data. According to a release put out by the group, which includes members from Anonymous and LulzSec, the data includes “private police emails, training files, snitch info and personal info on retaliation for Anonymous arrests.” It also includes social security numbers, address information, passwords, credit card numbers, training files and more. “We hope that not only will dropping this info demonstrate the inherently corrupt nature of law enforcement using their own words, as well as result in possibly humiliation, firings, and possible charges against several officers, but that it will also disrupt and sabotage their ability to communicate and terrorize communities,” a recent press release said. The data was stored on a single server and the hackers said it took less than 24 hours to infiltrate and copy the information. In a release posted on PostBin, the AntiSec movement called on other hackers to join in and “make 2011 the year of leaks and revolutions.” The group also told the government to give up and said “you are losing the cyberwar, and the attacks against the governments, militaries, and corporations of the world will continue to escalate.”

[Via Gizmodo]

Read