FBI snares $850 million Butterfly botnet ring with help of Facebook

On Tuesday, the FBI announced that it had arrested ten people connected to a botnet that had spread through Facebook. Spread by a virus targeting Facebook users, the botnet caused over $850 million in losses to financial institutions, infected over 11 million computers, and stole credit card and bank account data. The botnet itself was shut down in October, according to an FBI statement.

This is the second major outbreak of botnets based on the Butterfly (aka Mariposa) bot tool. The first incarnation, discovered in December 2008 and shut down a year later, infected over 12 million PCs worldwide and was spread primarily through file-sharing and instant messaging attacks. It also harvested financial information from over 800,000 victims.

In the latest incarnation of Butterfly, the botnet spread itself using variants of Yahos, a virus that spreads itself by sending links via social networks and instant messaging. Victims clicked on the link, launching Yahos’ attack. The malware, which in some variants disguised itself as an NVIDIA video driver, then downloaded and installed the botnet controls and browser exploits that captured users’ credit card and bank account information. The spread of viruses like Yahos prompted Facebook to partner with McAfee in 2010 to provide tools to users to clean infected systems.


Why Gmail went down: Google misconfigured load balancing servers

Portions of the Internet panicked yesterday when Gmail was hit by an outage that lasted for an agonizing 18 minutes. The outage coincided with reports of Google’s Chrome browser crashing. It turns out the culprit was a faulty load balancing change that affected products including Chrome’s sync service, which allows users to sync bookmarks and other browser settings across multiple computers and mobile devices.

Ultimately, it was human error. Google engineer Tim Steele explained the problem’s origins in a developer forum:

Chrome Sync Server relies on a backend infrastructure component to enforce quotas on per-datatype sync traffic. That quota service experienced traffic problems today due to a faulty load balancing configuration change. That change was to a core piece of infrastructure that many services at Google depend on. This means other services may have been affected at the same time, leading to the confounding original title of this bug [which referred to Gmail].

Because of the quota service failure, Chrome Sync Servers reacted too conservatively by telling clients to throttle “all” data types, without accounting for the fact that not all client versions support all data types. The crash is due to faulty logic responsible for handling “throttled” data types on the client when the data types are unrecognized.

If the Chrome sync service had gone down entirely, the Chrome browser crashes would not have occurred, it turns out. “In fact this crash would *not* happen if the sync server itself was unreachable,” Steele wrote. “It’s due to a backend service that sync servers depend on becoming overwhelmed, and sync servers responding to that by telling all clients to throttle all data types (including data types that the client may not understand yet).”


FCC and mobile carriers commit to nationwide text-to-911 by May 2014

It seems almost stupid that it’s nearly 2013 and we’re still unable to communicate with our emergency services in any way other than picking up the phone and calling them. We can certainly imagine situations where you’d want to be able to send a quick text message to local police. The US is a bit behind here—British mobile phone users have had access to EmergencySMS since 2009.

For years, we’ve been covering the slow ascent of text-to-911. But now, the Federal Communications Commission says that the nation’s Big Four mobile carriers have agreed to “accelerate” text-to-911 capabilities for debut in 2013, with a nationwide deployment by May 15, 2014.

“Building on text-to-911 deployments and trials that are already underway, this agreement will accelerate progress and ensure that over 90 percent of the nation’s wireless consumers, including millions of consumers with hearing or speech disabilities, will be able to access emergency services by sending a text message to 911, where local 911 call centers (known as a Public Safety Answering Points, or PSAPs) are also prepared to receive the texts,” the FCC said in a statement Thursday.


AMD puts brakes on chip manufacturing as sales plummet

Windows 8 and the holidays have failed to give PC makers the usual yearly bump in sales, and now Advanced Micro Devices is paying the price. The company announced yesterday that it has reduced its chip manufacturing orders for the last three months of the company’s 2012 fiscal year by more than 75 percent, and it will pay a heavy penalty for the changes.

In a new agreement signed with manufacturing partner GlobalFoundries, AMD reduced its promised silicon wafer purchases to just $115 million, down from $500 million, while agreeing to pay a $320 million penalty for the order change over the next year. AMD spun off GlobalFoundries in 2009, and in March of 2012 it sold off its remaining stake in the company, leaving an investment arm of the government of the United Arab Emirates as the company’s sole owner.

The move is part of an emergency plan to keep AMD’s cash on hand up as revenues continue to slide. On a conference call yesterday, AMD interim Chief Financial Officer Devinder Kumar said, “Liquidity and cash management remain a key focus for AMD.” The chipmaker is still looking for a permanent CFO to fill the gap left by Thomas Seifert, who bailed on the company in September “to pursue other interests.”


iTunes (temporarily) serves porn images to Russian users

iTunes users in Russia got an eyeful on Wednesday (hat tip to Wired) when a newly released version of the app displayed graphic images of porn instead of the foreign films they were expecting.

The bug, reported to be present in the iTunes Store shown to users in Russia, is most likely the result of images that were linked to xxx.xxx. Security experts speculate it was an oversight by Apple developers, who put the address in as a placeholder and then forgot to revise it. The site happens to be the official search directory for domains that carry the .xxx top level domain, which was created last year. As a result, the iTunes section briefly featured a smorgasbord of pornographic images.

Apple quickly fixed the mishap, but has yet to explain how it happened.


SpaceX gets its first military contract

The iconic “blue marble” picture of Earth, taken during the Apollo missions, will be a regular feature of the DSCOVR hardware. (Image credit: NASA)

SpaceX announced that it had won two big US Air Force launch contracts Wednesday. If successful, the two demonstrations would help them qualify to compete for Air Force business against launch provider ULA (United Launch Alliance), which currently has a stranglehold on the largest Air Force launches.

The first launch, planned for a Falcon 9, will send up the long-awaited NASA DSCOVR satellite to a distant point between the Sun and the Earth, where it can look at the Earth with the Sun behind it. The second, a Falcon Heavy launch, will put up several satellites and a 5 metric ton ballast, in an effort to demonstrate the Falcon 9 Heavy for the Air Force. Both contracts fall under the Air Force’s OSP-3 (Orbital/Suborbital) program, an Air Force program specifically designed to bring in new launch companies.

“GoreSat” rises from storage

DSCOVR, NASA’s Deep Space Climate Observatory, has been in deep storage since 2001, when it was imprisoned by the incoming Bush Administration. DSCOVR is designed to measure the Earth’s albedo by tracking sunlight reflected back from the Earth from a distant vantage point. Former Vice-President Al Gore suggested that a video camera be installed on the satellite, with the hope that the constant video feed of the distant Earth would provide the same kind of “Blue Marble” perspective that the first pictures from Apollo did. The original Blue Marble picture is probably the most-circulated picture in human history, and is widely credited with contributing to the start of the modern ecology movement.


How Windows tech support scammers walked right into a trap set by the feds

Three weeks ago, Jack Friedman got a call from a man with an Indian accent claiming to be from the Windows technical team at Microsoft. Friedman, a Florida resident who is my friend Elliot’s grandfather, was told by “Nathan James” from Windows that he needed to renew his software protection license to keep his computer running smoothly.

“He said I had a problem with my Microsoft system,” Friedman told me. “He said they had a deal for $99, they would straighten out my computer and it will be like brand new.”

Friedman’s three-year-old Windows Vista computer was running a bit slow, as many PCs do. Friedman is often suspicious of unsolicited calls, but after talking with Nathan on the phone and exchanging e-mails, he says, “I figured he was a legitimate guy.” Friedman handed over his Capital One credit card number, and the “technician” used remote PC support software to root around his computer for a while, supposedly fixing whatever was wrong with it.

“I could see my arrow going all over the place and clicking different things on my computer,” Friedman said. But that $99 Capital One credit card charge turned into a $495 wire transfer. Then Bank of America’s fraud department called Friedman, and said, “somebody is trying to get into your account.” Whoever it was had entered the wrong password multiple times, and as a precaution Friedman’s checking account was shut down.


Sophisticated botnet steals more than $47M by infecting PCs and phones

A new version of the Zeus trojan—a longtime favorite of criminals conducting online financial fraud—has been used in attacks on over 30,000 electronic banking customers in Europe, infecting both their personal computers and smartphones. The sophisticated attack is designed to circumvent banks’ use of two-factor authentication for transactions by intercepting messages sent by the bank to victims’ mobile phones.

The malware and botnet system, dubbed “Eurograbber” by security researchers from Check Point Software and Versafe, was first detected in Italy earlier this year. It has since spread throughout Europe. Eurograbber is responsible for more than $47 million in fraudulent transfers from victims’ bank accounts, stealing amounts from individual victims that range from 500 Euros (about $650) to 25,000 Euros (about $32,000), according to a report published Wednesday (PDF).

The malware attack begins when a victim clicks on a malicious link, possibly sent as part of a phishing attack. Clicking on the link directs them to a site that attempts to download one or more trojans: customized versions of Zeus and its SpyEye and CarBerp variants that allow attackers to record Web visits and then inject HTML and JavaScript into the victim’s browser. The next time the victim visits their bank website, the trojans capture their credentials and launch a JavaScript that spoofs a request for a “security upgrade” from the site, offering to protect their mobile device from attack. The JavaScript captures their phone number and their mobile operating system information—which are used in the second level of Eurograbber’s attack.


Windows 8 takes 1 percent of Web usage as Internet Explorer gains

November saw Firefox climb back up above 20 percent, Internet Explorer grow further still, and Chrome apparently suffer a surprisingly sharp drop.

Internet Explorer was up 0.63 points at 54.76 percent, its highest level since October 2011. Firefox was up 0.45 points to 20.44 percent, all but erasing the last six months’ losses. Chrome, surprisingly, was down a whopping 1.31 points to 17.24 percent, its lowest level since September 2011.

We’ve asked Net Applications, the source we use for browser market share data, if it has made any change in its data collection that might account for this large Chrome drop. The company attributed this in part to the exclusion of Chrome’s pre-rendering data. It estimates that 11.1 percent of all Chrome pageviews are a result of pre-rendering (where Chrome renders pages that aren’t currently visible just in case the user wants to see them) and accordingly excluded this from its figures.


Google, Microsoft, PayPal, other Romanian sites hijacked by DNS hackers

Romanian websites for Google, Microsoft, Yahoo, PayPal, and other operators were briefly redirected to a rogue server on Wednesday. The redirect is most likely a result of a decade-old hacking technique that underscores the fragility of the Internet’s routing system.

For a span of one to several hours on Wednesday morning, people typing Google.ro, Yahoo.ro, and Romanian-specific addresses for other sites connected to a website that was purportedly run by an Algerian hacker, according to numerous security blog posts, including this one from Kaspersky Lab. Researchers said the most likely explanation for the redirection is a technique known as DNS poisoning, in which domain name system routing tables are tampered with, causing domain names to resolve to incorrect IP addresses.

DNS poisoning first came to light in the mid-1990s when researchers discovered that attackers could inject spoofed IP addresses into the DNS resolvers belonging to Internet service providers and large organizations. The servers would store the incorrect information for hours or days at a time, allowing the attack to send large numbers of end users to websites that install malware or masquerade as banks or other trusted destinations. Over the years, DNS server software has been updated to make it more resistant to the hack, most recently in 2008, when numerous providers introduced fixes to patch a DNS cache poisoning vulnerability discovered by researcher Dan Kaminsky.
