How IoT hackers turned a university’s network against itself

While this incident represents one of the first of its kind, the bad news is this form of attack is only going to become more common as more and more everyday items get connected to the internet, providing hackers with greater numbers of potential zombie devices.”

The reason behind it is the issue of default credentials for wireless devices. This is going to bring billions of devices into the fold by 2020, which is only three years away. Whenever it is, there’s going to be so many of these things used by people with very limited understanding of what they are,” says Dine.

Source: How IoT hackers turned a university’s network against itself | ZDNet

IoT devices should be confined to their own isolated network, secured by a firewall. This isn’t that difficult to do.

Krebs pinpoints the likely author of the Mirai botnet

The full story is admittedly lengthy, clocking in at over 8000 words, but worth the time to understand how botnet wranglers make money siccing their zombie device armies on unsuspecting targets. The sources that pointed Krebs to Anna Senpai’s identity were involved in using botnets on behalf of shadowy clients, unleashing them on security companies protecting lucrative Minecraft servers that host thousands of players. When their online gaming is obstructed — say, by repeated and annoying DDoS attacks — players leave, giving servers an incentive to jump ship to whichever security provider can ensure protection…in this case, providers that arranged for the botnet attacks in the first place.

Source: Krebs pinpoints the likely author of the Mirai botnet

MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages

MisoSMS infects Android systems by deploying a class of malicious Android apps. The mobile malware masquerades as an Android settings app used for administrative tasks. When executed, it secretly steals the user’s personal SMS messages and emails them to a command-and-control (CnC) infrastructure hosted in China. FireEye Mobile Threat Prevention platform detects this class of malware as “Android.Spyware.MisoSMS.”

via MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages | FireEye Blog.

Once the app is installed, it presents itself as “Google Vx.” It asks for administrative permissions on the device, which enables the malware to hide itself from the user, as shown in Figure 2.

Right there is a clue that something is not right.

I Flirt and Tweet. Follow Me at #Socialbot.

For some, the goal is increasing popularity. Last month, computer scientists from the Federal University of Ouro Preto in Brazil revealed that Carina Santos, a much-followed journalist on Twitter, was actually not a real person but a bot that they had created. Based on the circulation of her tweets, a commonly used ranking site, Twitalyzer, ranked Ms. Santos as having more online “influence” than Oprah Winfrey.

via I Flirt and Tweet. Follow Me at #Socialbot. – NYTimes.com.

Socialbots are tapping into an ever-expanding universe of social media. Last year, the number of Twitter accounts topped 500 million. Some researchers estimate that only 35 percent of the average Twitter user’s followers are real people. In fact, more than half of Internet traffic already comes from nonhuman sources like bots or other types of algorithms. Within two years, about 10 percent of the activity occurring on social online networks will be masquerading bots, according to technology researchers.

Web Ads Used to Launch Online Attacks

It didn’t take long for the victimized test server to begin struggling under the sudden load. In the first hour of the test, during which only $2 was spent on ads, more than 130,000 connections from browsers swamped the server. It wasn’t much longer until the server began falling offline under the growing load.

via Web Ads Used to Launch Online Attacks | MIT Technology Review.

Microsoft, FBI takedown Citadel botnet

According to Microsoft, pirated Windows XP product keys were used to spread the Citadel malware. Redmond isn’t claiming a full takedown because of the sheer size of the botnet, but it is optimistic that the seized equipment will help it to strengthen defenses in the future.

via Microsoft, FBI takedown Citadel botnet – ParityNews.com: …Because Technology Matters.

Prior to the takedown of Citadel, Microsoft had been a key player in the takedown of other botnets such as Bamital, Kelihos and Nitol.

Amazon.com website briefly offline, hackers claim credit

The group went on to detail how it knocked the front door down (only Amazon.com’s front page was offline), with a large “botnet” or network of thousands of computers working together.

via Amazon.com website briefly offline, hackers claim credit | Fox News.

Interesting. Looks like a distributed denial of service (DDoS) on the granddaddy of the data center and cloud computing industry. Amazon was down for only 49 minutes. It will be interesting to hear the inside baseball techie talk as to how this happened and how Amazon recovered.

Tor network used to command Skynet botnet

Security researchers have identified a botnet controlled by its creators over the Tor anonymity network. It’s likely that other botnet operators will adopt this approach, according to the team from vulnerability assessment and penetration testing firm Rapid7.

via Tor network used to command Skynet botnet – Computerworld.

“One countermeasure that companies or ISPs could eventually enforce in their firewall is to drop all packets that originate from known TOR nodes, in order to minimize the amount of potentially malicious traffic they receive,” Botezatu said. “Of course, they might also end up blacklisting a number of legit Tor users looking for anonymity.”

Start-up says 80% of its Facebook ad clicks came from bots

In a Facebook status post as well as a blog posted Monday, Limited Run said it built its own analytics program, which found that 80% of its ad clicks were coming from users with JavaScript turned off, which makes it difficult for analytics software to verify clicks. The company added that in its staff’s experience, only about 1% to 2% of clicks typically come with JavaScript turned off.

via Start-up says 80% of its Facebook ad clicks came from bots – latimes.com.

More info on this here:

BBC News – Who ‘likes’ my Virtual Bagels?

Ebooks Made of YouTube Comments Invade Amazon Kindle Store

A pair of artist-coders have unleashed a small army of bots designed to flood the Kindle e-book store with texts comprised entirely of YouTube comments. According to the artists, even they have no idea how many books their autonomous bots are posting to the store.

via Ebooks Made of YouTube Comments Invade Amazon Kindle Store – Technology Review.

“The KINDLE’VOKE machinery is based on three major parts. (1) The “Sucker” a clever suction apparatus to gather comments from YouTube. (2) the “Ghost Writer’s Table”: the book compiler that handles generation of books content, book covers, authors at the same time. (3) The “Amazon Kindle Scatter Bots” that make the brand new digital literature available for all of us.”