Today: National Change Your Password Day, Why?

Russian Hackers Have 270 Million Email Logins, Including Gmail and Yahoo Accounts

Gizmodo: A report from Reuters suggests that over 270 million hacked email credentials—including those from Gmail, Hotmail and Yahoo—are circulating among Russian digital crime rings.

Reuters reports that an investigation by Hold Security revealed the huge stash of login details, which are said to be traded among criminals. Many of the credentials relate to the Russian email service Mail.ru, but the team has also identified details from Google, Yahoo and Microsoft.

Update: There may, however, not be too much cause for concern, as Motherboard points out that the data may in fact be taken from a series of older hacks, which means the credentials are likely useless.

The team from Hold Security was offered a tranche of 1.17 billion email user records in an online forum, and asked to pay just $1 for a copy of the data. The team refused to pay for stolen data, but was given the information anyway when it offered to post positive comments about the hacker online.

The team has since sifted through the data set to remove duplicates, revealing that it contains 270 million unique records. Alex Holden, the founder of Hold Security, told Reuters that the data was “potent,” adding that the “credentials can be abused multiple times.”

Hold Security has apparently alerted all of the affected email providers. Mail.ru, Google, Yahoo and Microsoft are all now investigating the situation.

A Microsoft spokesperson told Gizmodo that “unfortunately, there are places on the internet where leaked and stolen credentials are posted,” adding that it “has security measures in place to detect account compromise and requires additional information to verify the account owner and help them regain sole access to their account.”

It may be that the stash is out of date and doesn’t present too much of a security threat—though, of course, it could be a new pool of data, in which case the accounts included in the tranche could be at risk. Initial reports to the BBC from Mail.ru suggest that, from a sample of the records, there may not be many live email-password combinations in the data.

But it may be a good time to refresh your password anyway.

****

In a Wednesday statement, Mail.ru said its early analysis suggests many username/password combinations contain the same username paired with different passwords.

“We are now checking whether any username/password combinations match valid login information for our email service, and as soon as we have enough information we will warn the users that might have been affected,” the Russian service said.

The cache reportedly included tens of millions of certificates for Google Gmail, Microsoft Hotmail, and Yahoo Mail, as well as German and Chinese email providers.

“Unfortunately, there are places on the Internet where leaked and stolen credentials are posted, and when we come across these or someone sends them to us, we act to protect customers,” a Microsoft spokeswoman told PCMag. “Microsoft has security measures in place to detect account compromise and requires additional information to verify the account owner and help them regain sole access to their account.”

Google declined to comment, while Yahoo did not immediately respond to PCMag’s request.

The junior hacker—either inexperienced in the art of haggling, or just too rich to care—asked for only 50 rubles in exchange for the “incredibly large set of data.” Equivalent to about 75 cents, the payment request did little to boost Hold Security’s confidence in the data’s credibility and value. The move was “similar to an expensive sports car being sold for pennies at auction,” the firm said.

Hold refused to pay and convinced the hacker to trade the data for likes/votes on his social media page.

“At the end, this kid from a small town in Russia collected an incredible 1.17 billion stolen credentials from numerous breaches that we are still working on identifying,” Hold Security said. More from PC Magazine.

*****

In a shocking report from FireEye Inc., a California security firm with top government connections, as well as three other reports, the existence of a Russian-based hacker group, which appears to be a joint effort by the Russian government and the Russian Mafia, has been revealed, The Wall Street Journal reports.

Terming the hacker attack “Sofacy” or “APT28,” the computer anti-hacking firm’s report, called “A Window Into Russia’s Cyber Espionage Operations,” notes, “We assess that APT28’s work is sponsored by the Russian government” and is more technically sophisticated than Chinese-hacking efforts earlier detected and exposed by FireEye, the report states.

“I worry a lot more about the Russians” than about China, James Clapper, director of national intelligence, said at a University of Texas forum, the Journal reports. More from NewsMax.

ISIS Caliphate Cyber Army Next Soft Targets

 

Companies could be the next ISIS target

MarketWatch: Companies could become larger targets of pro-Islamic State hackers, according to a security company that analyzes the group’s online activity.

The hacking capabilities of ISIS, which has spread propaganda through online channels such as Facebook and Twitter, remain nascent and relatively unsophisticated, according to researchers at the New York-based intelligence company Flashpoint. But the group has gained supporters with hacking skills who are helping propel the group’s online campaigns, the researchers say.

“These are individuals that are hackers first, ISIS supporters second,” says Laith Alkhouri, cofounder and director of research and analysis for the Middle East and North Africa at Flashpoint. “This is definitely a problem in the U.S. for individual businesses, especially individual businesses that are catering to customers digitally.”

Alkhouri says the pro-ISIS hackers typically deface websites to post messages in support of the group to gain notoriety and spread their propaganda. Flashpoint tracked one pro-ISIS hacking group by the end of 2014 and since then, at least five different groups have emerged, typically by defacing their websites. It’s difficult to know the full scope and number of ISIS-backing hackers because they’re behind computers, he says.

Pro-ISIS hackers have in the last year targeted government agencies, universities, businesses and media outlets of all sizes, according to a report released in August by the Middle East Media Research Institute, a Washington, D.C.-based nonprofit. While ISIS hacking capabilities have been considered relatively unsophisticated and focused on companies that may not have a large security apparatus, some still worry the group could bring on more skilled hackers.

For example, on Aug. 8, ISIS supporters posted messages saying “i love you Islamic State & Jihad” on the website of a Cincinnati restaurant, according to the Middle East Media Research Institute. French media outlets held an emergency meeting after hack attacks on TV5Monde’s website in April 2015, according to The Guardian.

Small or medium-sized companies with amateur websites should monitor each page to ensure a subsection of the website hasn’t been defaced with pro-ISIS messages, Alkhouri says. Often, he says, companies may not immediately realize a subsection of their website has been taken over by ISIS supporters, and the message could hurt the brand among customers. Alkhouri says the group’s attacks could escalate as the hackers seek more notoriety and publicity for their acts.

One pro-ISIS hacking group claimed it planned to take down Google, according to Newsweek, but instead posted its messages on the website of an Indian company called Add Google Online.

The Pentagon has launched an online offensive against ISIS, according to reports, in an attempt to frustrate the group’s computer and phone networks.

A prominent ISIS hacker was killed in a drone strike last year, The Wall Street Journal reported, after U.S. and British officials determined he played a key role in sharpening the group’s computer skills.

*****

Meanwhile, the FBI is following the trail from the attacks in Belgium, where investigations of internet and electronic communications could reveal more about the cyberwar and its soft targets.

FBI examining laptops linked to Belgian militants: source

Reuters: The Federal Bureau of Investigation is examining laptop computers linked to suspects in last week’s deadly Brussels bombings as investigators work to unravel the militant network behind the attacks.

The laptops arrived in the U.S. on Friday and now are being examined by FBI experts, a U.S. government source familiar with the matter said on Tuesday.

The Wall Street Journal reported on Monday that Belgian authorities had provided copies of laptop hard drives to the FBI. It is not yet clear whether FBI technicians have recovered any significant data from the equipment the Belgians turned over, the source told Reuters.

U.S. officials have pledged support for Belgian efforts to crack down on militants behind the March 22 suicide bomb attacks at a Brussels Metro station and the city’s Zaventem Airport and other recent attacks.

The death toll from the attack on the airport, and the subsequent bombing of a rush-hour metro train, rose to 35 on Monday, excluding the three men who blew themselves up.

On Saturday, President Barack Obama said a team of FBI agents was helping investigators on the ground in Belgium.

U.S. officials have said that Belgium’s security and intelligence agencies are overstretched and also hampered by internal political, financial and cultural problems, including a linguistic divide between French and Flemish speaking investigators.

 

Google, State Dept and Overthrowing Assad

For reference on how Hillary’s communications were vulnerable and shared.

Clinton email reveals: Google sought overthrow of Syria’s Assad

WashingtonExaminer: Google in 2012 sought to help insurgents overthrow Syrian President Bashar Assad, according to State Department emails receiving fresh scrutiny this week.

Messages between former secretary of state Hillary Clinton’s team and one of the company’s executives detailed the plan for Google to get involved in the region.

“Please keep close hold, but my team is planning to launch a tool … that will publicly track and map the defections in Syria and which parts of the government they are coming from,” Jared Cohen, the head of what was then the company’s “Google Ideas” division, wrote in a July 2012 email to several top Clinton officials.

“Our logic behind this is that while many people are tracking the atrocities, nobody is visually representing and mapping the defections, which we believe are important in encouraging more to defect and giving confidence to the opposition,” Cohen said, adding that the plan was for Google to surreptitiously give the tool to Middle Eastern media.

“Given how hard it is to get information into Syria right now, we are partnering with Al-Jazeera who will take primary ownership over the tool we have built, track the data, verify it, and broadcast it back into Syria,” he said.

“Please keep this very close hold and let me know if there is anything [else] you think we need to account for or think about before we launch. We believe this can have an important impact,” Cohen concluded.

Hillary Emails: Google tried to boost Assad defections More:

The message was addressed to deputy secretary of state Bill Burns; Alec Ross, a senior Clinton advisor; and Clinton’s deputy chief of staff, Jake Sullivan. Sullivan subsequently forwarded Cohen’s proposal to Clinton, describing it as “a pretty cool idea.”

Cohen worked as a low-level staffer at the State Department until 2010, when he was hired to lead Google Ideas, but was tied to the use of social media to incite social uprisings even before he left the department. He once reportedly asked Twitter CEO Jack Dorsey to hold off on conducting system maintenance that officials believed could have impeded a brief 2009 uprising in Iran.

https://wikileaks.org/clinton-emails/emailid/12166#efmAMoAbj

Google Is Not What It Seems, by Julian Assange (must read)

Eric Schmidt, Chairman of Google, at the “Pulse of Today’s Global Economy” panel talk at the Clinton Global Initiative annual meeting, 26 Sept. 2013 in New York. Eric Schmidt first attended the CGI annual meeting at its opening plenary in 2010. (Photo: Mark Lennihan)

The unusual involvement by Google in foreign affairs highlights the difficulty of involvement in the internal politics of foreign states. While Cohen seemed to consider his company’s effort as helpful to American interests, the effort to overthrow Assad helped spur the rise of the Islamic State, which eventually filled a vacuum resulting from Assad’s loss of control over Syria.

The exchange on Syria was highlighted by Wikileaks on Saturday. Earlier in the week, the secret-leaking website posted more than 30,000 emails that Clinton sent or received during her tenure leading the State Department.