Scottish police believe that 10% of call centres in Glasgow have been infiltrated by organised crime, BBC Newsnight Scotland’s Raymond Buchanan reports.
“Crimeware” is the latest label given to the technology toolkit criminals (and wanna-be kiddies) use to get information on Internet users’ identities for fraudulent purposes — or just for fun and the 15 minutes of fame in the case of kiddies.
A report by the Anti-Phishing Working Group (download link) lists common penetration mechanisms:
- Attachments sent via email or instant message – or in apparently discarded hardware devices such as USB keys;
- Piggybacking schemes in which crimeware is embedded into another piece of software such as an apparent shareware application;
- Internet Worms that exploit vulnerabilities within networks and PCs to propagate themselves and install back doors and other crimeware;
- Web Browser Exploits in which browser vulnerabilities are leveraged to directly infect PCs from the compromised server by the pages being viewed or by injecting crimeware code remotely via scripting exploits into the PC;
- Distribution via Hacking in which crimeware is installed manually by hackers who have discovered or exploited vulnerabilities that give them access and control of a PC;
- Distribution via Affiliate Marketing in which marketing programs provide incentives to 1) install malware on visitors’ PCs, some of which can be later exploited to plant crimeware or 2) to directly install crimeware on visitors’ PCs.
While this does not really sound new, the report takes a truly nice textbook approach to explaining how these attacks work, backed up with some nice statistics, too. It makes a good read for people with an intermediate knowledge of Internet technology, and it provides ideas for countermeasures against the featured modes of attack.
Download, read, act, … and distribute.
Stop Swiss Police Using Trojans for VoIP Tapping!
Swiss authorities are investigating the possibility of tapping VoIP calls, which could involve commandeering ISPs to install Trojan code on target computers.
VoIP calls through software services such as Skype are encrypted as they are passed over the public Internet, in order to safeguard the privacy of the callers.
This presents a problem for anyone wanting to listen in, as they are faced with trying to decrypt the packets by brute force — not easy during a three-minute phone call. What’s more, many VoIP services are not based in Switzerland, so the authorities don’t have the jurisdiction to force them to hand over the decryption keys or offer access to calls made through these services.
The only alternative is to find a means of listening in at a point before the data is encrypted.
In order to install the application on the target computer, the Swiss authorities envisage two strategies: either have law enforcement surreptitiously install it locally, or have the telco or ISP which provides Internet access to that computer install it remotely.
The application, essentially a piece of Trojan code, is also able to turn on the microphone on the target PC and monitor not just VoIP conversations, but also any other ambient audio.
Watchfire has published a whitepaper on the most common application-level hack attacks.
It lists the most common attacks on web forms which are used to collect personal, classified and confidential information.
- Manipulating cookie information
- Manipulation of hidden fields
- Changing parameters
- Buffer overflow
- Cross-site scripting
- and many more
The paper also outlines a guideline for developing secure web applications.
By giving away your details, you can register to receive this whitepaper at watchfire.com.