Prosecutors suspect man hacked lottery computers to score winning ticket

In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren’t connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.

via Prosecutors suspect man hacked lottery computers to score winning ticket | Ars Technica.

The Evidence That North Korea Hacked Sony Is Flimsy

Attribution Is Difficult If Not Impossible

First off, we have to say that attribution in breaches is difficult. Assertions about who is behind any attack should be treated with a hefty dose of skepticism. Skilled hackers use proxy machines and false IP addresses to cover their tracks or plant false clues inside their malware to throw investigators off their trail. When hackers are identified and apprehended, it’s generally because they’ve made mistakes or because a cohort got arrested and turned informant.

Nation-state attacks often can be distinguished by their level of sophistication and modus operandi, but attribution is no less difficult. It’s easy for attackers to plant false flags that point to North Korea or another nation as the culprit.

via The Evidence That North Korea Hacked Sony Is Flimsy | WIRED.

A list of previous Sony Hacks here.

Sony Hackers ‘Completely Owned This Company’

“It’s really a phenomenally awesome hack—they completely owned this company,” Schneier, who is regularly consulted by the federal government on security issues, said. “But, I think this is just a regular hack. All the talk, it’s hyperbole and a joke. They’re [threatening violence] because it’s fun for them—why the hell not? They’re doing it because they actually hit Sony, because they’re acting like they’re 12, they’re doing it for the lulz, no one knows why.”

via Bruce Schneier: Sony Hackers ‘Completely Owned This Company’ | Motherboard.

Unless you know how infiltrators got into Sony’s system there is no way figuring out the who behind the hack.  So far details of this has been lacking and as far as potential culprits targeting Sony, North Korea is probably least capable from an education standpoint and logistics.  Social engineering, getting people inside Sony to cooperate is usually behind successful infiltrations.  Sony’s Playstation network was taken down awhile ago.  I suspect whoever did that probably is behind this despite what movie is about to be released soon.

Hacking Gmail with 92 Percent Success

The researchers monitor changes in shared memory and are able to correlate changes to what they call an “activity transition event,” which includes such things as a user logging into Gmail or H&R Block or a user taking a picture of a check so it can be deposited online, without going to a physical CHASE Bank. Augmented with a few other side channels, the authors show that it is possible to fairly accurately track in real time which activity a victim app is in.

There are two keys to the attack. One, the attack needs to take place at the exact moment the user is logging into the app or taking the picture. Two, the attack needs to be done in an inconspicuous way. The researchers did this by carefully calculating the attack timing.

via UCR Today: Hacking Gmail with 92 Percent Success.

The researchers created three short videos that show how the attacks work. They can be viewed here:

Why would Chinese hackers want hospital patient data?

people without health insurance can potentially get treatment by using medical data of one of the hacking victims.Halamka, who also runs the “Life as a healthcare CIO” blog, said a medical record can be worth between US$50 and $250 to the right customer — many times more than the amount typically paid for a credit card number, or the cents paid for a user name and password.

via Why would Chinese hackers want hospital patient data? | ITworld.

The Hackers Who Recovered NASA’s Lost Lunar Photos

When they learned through a Usenet group that former NASA employee Nancy Evans might have both the tapes and the super-rare Ampex FR-900 drives needed to read them, they jumped into action. They drove to Los Angeles, where the refrigerator-sized drives were being stored in a backyard shed surrounded by chickens. At the same time, they retrieved the tapes from a storage unit in nearby Moorpark, and things gradually began to take shape. Funding the project out of pocket at first, they were consumed with figuring out how to release the images trapped in the tapes.

via The Hackers Who Recovered NASA’s Lost Lunar Photos | Raw File | WIRED.

The resulting framelets had to be individually reassembled in Photoshop. After kluging through countless engineering problems (try finding a chemical substitute for whale oil to lubricate tape heads), the LOIRP team was able to single out and reproduce the famous earthrise image. This proof of concept brought the first NASA funding in 2008, and the team recently completed processing the entire tape collection.

Bitcoin Exchange Mt. Gox Goes Offline Amid Allegations of $350 Million Hack

A coalition of bitcoin businesses — including bitcoin wallet-makers Coinbase and Blockchain — quickly put out a statement as news of the hack spread. “This tragic violation of the trust of users of Mt. Gox was the result of one company’s abhorrent actions and does not reflect the resilience or value of bitcoin and the digital currency industry,” they said. “There are hundreds of trustworthy and responsible companies involved in bitcoin.”

via Bitcoin Exchange Mt. Gox Goes Offline Amid Allegations of $350 Million Hack | Wired Enterprise |

Decoding radio-controlled bus stop displays

I had the opportunity to observe a display stuck in the middle of its bootup sequence, displaying a version string. This revealed that the system is called IBus and it’s made by the Swedish company Axentia. Sure enough, their website talks about DARC and how it requires no return channel, making it possible to use battery-powered displays in remote areas.

Not much else is said about the system, though; there are no specs for the proprietary protocol. So I implemented the five-layer DARC protocol stack in Perl and was left with a stream of fully error-corrected packets on top of Layer 5, separated into hundreds of subchannels. Some of these contained human-readable strings with names of terminal stations. They seemed like an easy starting point for reverse engineering.

via absorptions: Decoding radio-controlled bus stop displays.

Hackers Take Limo Service Firm for a Ride

It’s understandable why the company would decline to comment: Inside the plain text archive apparently stolen from the firm are more than 850,000 credit card numbers, expiry dates and associated names and addresses. More than one-quarter (241,000) of all compromised card numbers were high- or no-limit American Express accounts, card numbers that have very high resale value in the cybercrime underground.

via Hackers Take Limo Service Firm for a Ride — Krebs on Security.