Monday 3 June 2013

DDoS Attack Takes Eve Online Offline

Hackers have taken the Eve Online game offline with a huge denial of service attack.
The Tranquility cluster, which houses EVE Online and web servers, was taken out over the weekend.
According to Eve Online's Facebook page, the company mobilised a taskforce of internal and external experts to evaluate the situation. It took a couple of hours to realise that the whole system was stuffed and to switch it off while the backup plans were sorted out.
An attempt to reopen Eve Online failed, and it was decided to take the Tranquility servers and their associated websites back down for further investigation and an exhaustive scan of the entire infrastructure.
The fear is that the hackers might have used the DDoS to try and hit customer records or other key parts of the infrastructure.
This morning engineers were close to finishing, and Eve Online tweeted a thank you to users for their patience.
Some Eve Online users have used their time to clean their bedrooms and some brave souls even ventured outside.

Rahul Tyagi found XSS in Sony, Counter-Strike websites


Rahul Tyagi, Senior Security Analyst from TechDefence, has identified cross-site scripting vulnerabilities in high-profile websites including Sony and Counter-Strike.

Earlier today, we got a notification from the researcher saying he found an XSS vulnerability in the official blog of Counter-Strike. I have confirmed the vulnerability.

He also identified a non-persistent XSS in the Sony website. After reporting the vulnerability, he received an appreciation and invitation mail from Sony for Sony's security conference.

Rahul also claimed to have identified vulnerabilities in a few other famous websites including howstuffworks, forbes, bbc, indiatimes and Indianexpress.


Hackers Breach Turkish State Hospital in Support of OccupyGezi

Hackers of the St0rmyw0rm group claim to have breached the official website of the state hospital in Beypazari, a town and district of the Ankara province in Turkey.
From the website, beypazaridh.gov.tr, the hackers have leaked what appear to be usernames and password hashes, including credentials belonging to the website’s administrators.
The IP addresses from which the site admins connect to the website have also been published on Anonpaste.me.
According to the hackers, the attack is in support of OccupyGezi, a campaign initiated by Turkish citizens in protest against the destruction of Istanbul’s Gezi Park.
Hacktivists started supporting OccupyGezi after Turkish police used tear gas and high-pressure water hoses to get the protesters to move out of the way of the bulldozers that came to destroy the park.

Cyber Attack on ING Bank Again


ING Bank is struggling again with problems in Internet banking. Customers can log in on the website, but money transfers fail.
Transactions through the payment system iDeal also do not succeed. The mobile phone application works. According to the spokesperson, it is still unclear what caused the fault, and he is not saying when the problems will be over.

Liberty Reserve suspension and impact on criminal underground

Liberty Reserve is a private currency exchange system issued by Liberty Reserve S.A. of San José, Costa Rica, that was shut down by US law enforcement, with a deep impact on the cybercriminal underground. The popular money transfer service is used mainly by cyber criminals; it is the most widely adopted payment service in the Russian underground, which is considered the most active criminal community in cyberspace. Liberty Reserve, founded by Arthur Budovsky, is considered a secure payment channel by criminals due to the anonymity of its transactions, and it is regarded as the official currency scheme for cybercrime.
Let's step back: from 1999 to 2006 the digital currency exchange known as Gold Age, a legal corporate entity registered in Panama, was in operation until it was closed by regulators in 2006. The following note comes from an interesting blog post on the closure of Liberty Reserve published by Idan Aharoni, head of cyber intelligence at RSA:
“The original e-currency that fraudsters adopted – e-gold – was not much different in concept than Liberty Reserve. The company was US-based and offered electronic currency backed by real gold. When prices of gold fluctuated, so did the value of an e-gold. At the time, e-gold reigned supreme in the cybercriminal circles, to the point that fraudsters were trying to defraud funds from one another.”
The following summary from Wikipedia describes the end of Gold Age:
“On July 27, 2006 the New York County District Attorney's office announced the indictment of Arthur Budovsky and Vladimir Kats for allegedly violating Article 13-B of New York State Banking Law, after a six-month sting operation that began in January 2006. Budovsky and Kats declared their innocence, saying "We believe this is a legitimate business practice, which does not require a state license." Represented by Igor Niman, they were found guilty and sentenced to five years in prison. The sentence was reduced to five years probation.
Budovsky left the country for Costa Rica and founded Liberty Reserve, renouncing his U.S. citizenship and becoming a Costa Rican citizen in 2011 so that Liberty Reserve could remain undetected by law enforcement. On May 27th, 2013, Budovsky was arrested in Spain on charges of money laundering following an investigation which also involved the US. The company website, LibertyReserve.com, only features a message saying it has been seized by U.S. law enforcement. The service was allegedly favored by cybercriminals and mules who took part in the recent bank robbery of $45 million, considered the biggest theft carried out by a gang of hackers; the activities laundered cash that was drained from banks via ATMs around the world.
Liberty Reserve web site seized
The figures related to Liberty Reserve's activities are frightening: it had more than one million users, and from 2006 until its suspension it processed around 55 million transactions, according to an indictment in U.S. District Court in New York. The indictment states that Liberty is accused of having laundered a total of $6 billion in criminal earnings; Budovsky and six other individuals are the defendants. Liberty Reserve allegedly facilitated numerous illegal activities including credit card fraud, drug trafficking, investment fraud and child pornography.
"lying to anti-money laundering authorities in Costa Rica, pretending to shut down LIBERTY RESERVE after learning the company was being investigated by U.S. law enforcement, and moving tens of millions of dollars through shell-company accounts maintained in Cyprus, Russia, Hong Kong, China, Morocco, Spain, and Australia among other places."
The suspension of the payment service has a dramatic impact on the underground, considering that the majority of sales use this scheme, but according to security experts the effect will be limited in time: a black market is in fact very dynamic, and many vendors are already accepting other payment methods such as Bitcoin.
“This is going to be devastating for the underground economy, but it's only going to be devastating for a short period of time,” “It's been around for a long time and it's become a bit of a mainstay of the underground economy,” said Steve Santorelli, director of security research nonprofit Team Cymru, to SCMagazine.
Liberty Reserve was easy to use: users could open accounts and carry out secure and rapid transactions, and the indictment defines it as the “bank of choice for the criminal underground.” Liberty Reserve allowed users to register without any verification of the information provided; it was enough to provide a name, date of birth and email address. The service provided instantaneous payment transfers and charged a maximum of $2.99 (£1.98) for each transaction; it also offered a private messaging facility much more private and secure than "email or instant messenger services".
Idan Aharoni, head of cyber intelligence at RSA, highlighted that fraudsters will explore other channels, as they have already done in the past. Cyber criminals may brush up old virtual currency schemes such as WebMoney, even though it doesn't offer a service as friendly as Liberty Reserve. Another possibility is migration to the Bitcoin currency, due to its maturity and the reliability of its transactions, and of course this will cause a further intensification of criminal activities that try to exploit any system to circumvent Bitcoin users. A serious problem for Bitcoin is the instability of the currency's value: recently Bitcoin went from $260 to as low as $105, and this is not desirable for long-term business, as declared by Alphonse Pascual, analyst for Javelin Strategy and Research:
"Big time criminals are businessmen, so they want to protect their investments, protect their profits, and Bitcoin is too unstable to do that."
As for the Bitcoin price, an event like the closure of Liberty Reserve could influence it, but that influence is not yet evident.
Liberty Reserve as Bitcoin alternative
The shutdown of Liberty Reserve has nevertheless alerted the Bitcoin world: Mt. Gox, the world's largest bitcoin exchange, is requiring all users to verify their accounts in order to make non-bitcoin currency deposits and withdrawals. Mt. Gox announced the decision on Thursday; deposits and withdrawals using the bitcoin virtual currency, however, will not require account verification.
Mt. Gox made the policy change to comply with "strict anti-money laundering rules" and to prevent "other malicious activity."
… let’s wait and see what will happen; for sure the cybercrime industry will not be caught unprepared.
Pierluigi Paganini