Archive for February, 2015


Facebook Employees can Access your Account without your Password
Did you know that Facebook engineers can access your Facebook account, and can do so without entering your account credentials? Recent details provided by the social network giant show who can access your Facebook account and when.

No doubt, Facebook and other big tech companies including Google, Apple and Yahoo! are putting their services out of reach of law enforcement and spy agencies, but at the same time the companies themselves, or at least some of their employees, have access to your personal data.

Earlier this week, Paavo Siljamäki, a director at the record label Anjunabeats, drew attention to this issue by posting a very interesting story on his Facebook wall. During his visit to Facebook’s office in LA, a Facebook engineer logged into his Facebook account with his permission, but the strange part is that they did it without asking him for the password.

ACCESS WITHOUT NOTIFICATION

Facebook didn’t even notify Siljamäki that someone else had accessed his private Facebook profile, as the company does when your Facebook account is accessed from a new device or from a different geolocation.

Siljamäki contacted Facebook to find out how many of Facebook’s staff have this kind of ‘master’ access to anyone’s Facebook account, when exactly they can access users’ private data, and how anyone would know if his or her Facebook account had been accessed.

When the social network giant was asked how the employee got access to the user’s Facebook account without entering the account credentials, Facebook issued the following statement:

We have rigorous administrative, physical, and technical controls in place to restrict employee access to user data. Our controls have been evaluated by independent third parties and confirmed multiple times by the Irish Data Protection Commissioner’s Office as part of their audit of our practices.

WHO CAN ACCESS MY FACEBOOK ACCOUNT?
The company didn’t explain exactly who can access what, but it assured its users that account access is tiered and limited to specific job functions. Access to accounts is granted to most employees in order to respond to a customer request for information or an error report.

“Designated employees may only access the amount of information that’s necessary to carry out their job responsibilities, such as responding to bug reports or account support inquiries,” Facebook goes on to explain. “We have a zero tolerance approach to abuse, and improper behavior results in termination.”

In short, the social network giant has a customer service tool that can grant Facebook employees access to a user’s account. Facebook runs two separate monitoring systems that generate weekly reports on suspicious behavior, which are then reviewed and analysed by two independent security teams, specifically a selected group of employees.

Facebook gives employees a strict warning about the use of this tool when they are hired, and directly fires any employee who abuses it. So you need not worry about Mark Zuckerberg accessing your account unless you yourself have asked Facebook for help with something and have given permission.

Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

via The Hacker News http://ift.tt/1zoLxvO

TalkTalk-hack-data-breach
TalkTalk, one of the biggest UK-based phone, TV and Internet service providers with 4 million customers, has admitted it suffered a major data breach.

TalkTalk said customer information was accessed after a breach at a third-party company, in which names, addresses, phone numbers and TalkTalk account numbers were stolen.

According to the report, TalkTalk customers began reporting problems on the TalkTalk forums late last year. In some cases, hackers used customer details to scam bank information from the victims.

TalkTalk has confirmed that “a small, but nonetheless significant” number of customers have had their account details compromised by hackers, who claimed to be from TalkTalk in order to trick them into handing over their banking details.

“At TalkTalk we take our customers’ security very seriously and we take numerous measures to help keep our customers safe,” a TalkTalk spokesperson said in a statement. “Yet sadly in every sector, criminal organisations using phone and email scams are on the rise.

“As part of our ongoing approach to security we continually test our systems and processes … following further investigation into these reports, we have now become aware that some limited, non-sensitive information about some customers could have been illegally accessed in violation of our security procedures.”

So far, it isn’t clear how many TalkTalk customers’ data has been breached, but the company remains confident and reassures its customers that “no sensitive data”, like a customer’s date of birth, bank or credit card details, has been compromised, and also that no TalkTalk Business customers are affected by the breach.

TalkTalk says it has taken “urgent and serious steps” to secure its systems and, meanwhile, warns its customers to be wary of any suspected phone or email correspondence purporting to be from TalkTalk.

A TalkTalk customer, Graeme Smith from County Durham, spoke to the Guardian, reporting that the cyber criminals were able to steal almost £3,000 out of his Santander bank account. Smith said it was too late when he realised there was a problem.

The company also says that it has begun legal action against the third parties that had contacted affected customers to get them to reveal their banking details.

Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

via The Hacker News http://ift.tt/1MYbMU2

tails-tor-privacy-tools

Tails 1.3 has been released with support for a secure Bitcoin wallet. Tails, also known as the ‘Amnesic Incognito Live System’, is a free, security-focused, Debian-based Linux distribution, specially designed and optimized to preserve users’ anonymity and privacy.

The Tails operating system came to light when the global surveillance whistleblower Edward Snowden said that he had used it in order to remain anonymous and keep his communications hidden from the law enforcement authorities.

Tails 1.3 offers new applications, updates to the Tor Browser, and fixes for a number of security vulnerabilities from previous releases of the software, and, notably, introduces the Electrum Bitcoin Wallet.

NEW FEATURES IN Tails OS 1.3

  • Electrum Bitcoin Wallet
  • Updated Tor Browser Bundle
  • obfs4 pluggable transport
  • Keyringer

Electrum Bitcoin Wallet is one of the major changes in Tails 1.3. Electrum is a new open-source and easy-to-use Bitcoin wallet that protects you from losing Bitcoins through a backup mistake or computer failure.

Bitcoin isn’t completely anonymous; however, the pseudonymous nature of Bitcoin gives it far more privacy than credit card transactions.

Electrum Bitcoin Wallet resolves this issue, as it doesn’t download the Bitcoin blockchain and the wallet can be recovered entirely from a passphrase, called a seed.
You can use your Bitcoin wallet from different devices, which allows you to avoid losing Bitcoins in case of backup mistakes or hardware failures.

Tor Browser Bundle, a privacy-oriented, encrypted, anonymizing web browser developed by the Tor Project, received an important update that brings enhanced security for both your personal data and the host operating system by restricting reads and writes to a limited number of folders.

The recently released Tor Browser Bundle 4.0.4 is installed in the latest Tails 1.3, based on Mozilla Firefox 31.5.0 ESR.

SHARE SECRETS AND HIDE YOUR TOR TRAFFIC

Tails 1.3 also adds Keyringer, an encrypted and distributed secret-sharing tool that runs from the command line. Keyringer allows users to manage and share secrets with other people in a distributed manner using Git and OpenPGP.

In addition, the obfs4 pluggable transport has also been implemented in Tails 1.3, which would allow users to connect to Tor bridges. Pluggable transports specifically transform the Tor traffic between the client and the bridge in order to mask Tor traffic from law enforcement agencies.

UPGRADES AND CHANGES

  • The manual installation processes in Tails 1.3 no longer require users to invoke the isohybrid command on GNU/Linux or Mac OS X operating systems. This simplifies the entire installation process.
  • The tap-to-click and two-finger scrolling trackpad settings are now enabled by default.
  • Support for the Ibus Vietnamese input method has been added.
  • Support for OpenPGP smartcards has been improved through the installation of GnuPG 2.

DOWNLOAD TAILS 1.3

You can download the latest version, Tails 1.3, via a direct download from the Tails website.

Follow ‘Wang Wei’ on Google+, Twitter or Contact via Email.

via The Hacker News http://ift.tt/1BlvvII

fcc-net-neutrality-rule

The Federal Communications Commission (FCC) on Thursday approved its strongest Net Neutrality Plan ever, setting new rules to keep broadband Internet in the United States “Fair, Fast and Open.”

Net Neutrality is simply Internet freedom: a free and open Internet. It is the principle that Internet service providers (ISPs) should give consumers access to all content and applications on an equal basis, treating all Internet traffic equally.

NET NEUTRALITY WINS

The regulations were passed in a 3-2 vote by commissioners, with the chairman and two Democratic commissioners voting in favor and the two Republican commissioners voting against, saying they will dampen innovation and investment.

The Federal Communications Commission (FCC) is an independent agency of the United States government, which regulates interstate and international communications by radio, television, wire, satellite and cable.

“It’s a red letter day for the Internet,” said FCC chairman Tom Wheeler just prior to calling the vote. “Today history is being made.”

KEY FEATURE OF NET NEUTRALITY

The new “net neutrality” rules apply to both home broadband connections and the wireless networks that power smartphones. Net neutrality aims at:

  • Banning providers of high-speed Internet access such as Verizon and Time Warner Cable from blocking or slowing Websites they don’t like.
  • Banning Internet providers from auctioning off faster traffic speeds to the highest bidders and slower speeds to other services.

The net neutrality rule approved today is an incredible victory in the history of the Internet that wouldn’t have been possible without the protests, Facebook posts, tweets, meetings with Congress and everything else online users have done in order to protect their Internet freedom.

BIG TECH ISN’T CELEBRATING

The approval of net neutrality is fantastic news, and it’s news we’ve been waiting years to hear, but many big tech companies aren’t celebrating it, at least not publicly.

The most controversial part of the FCC’s decision reclassifies fixed and mobile broadband as a telecommunications service, with providers to be regulated as common carriers under Title II of the Communications Act, designed for the telephone industry back in the 1930s.

From now on, broadband services will be treated like a phone service, which is strictly regulated: Internet service providers are not allowed to do things such as prioritize a particular website’s traffic to damage the popularity of its competitors.

Internet service providers such as Verizon, AT&T, Comcast and Time Warner Cable heavily opposed the Title II decision. But Tom Wheeler believes Title II puts the FCC on stronger legal ground.

In 2010, the FCC passed net neutrality rules relying on some of its weaker authority, but a Verizon lawsuit in 2011 led to a judge largely overruling the rules.

PRESIDENT OBAMA APPLAUDED NET NEUTRALITY RULE

U.S. President Barack Obama is a strong supporter of net neutrality, and he personally thinks that the Internet should be left open and free so that entrepreneurs can succeed. “You want to leave it open so the next Google and the next Facebook can succeed,” President Obama said last year.

The FCC decision fulfills a promise made by President Obama stemming from his days on the campaign trail, when he announced in 2007 that, if elected President, he would support net neutrality to protect a free and open Internet.

A special thank-you message from the President for the FCC decision reads:

Today’s FCC decision will protect innovation and create a level playing field for the next generation of entrepreneurs–and it wouldn’t have happened without Americans like you.

More than 4 million people wrote in to the FCC, overwhelmingly in support of a free and fair internet. Countless others spoke out on social media, petitioned their government, and stood up for what they believe.

I ran for office because I believed that nothing can stand in the way of millions of voices calling for change. That’s the backbone of our democracy–and you’ve proven that this timeless principle is alive and well in our digital age.

So to all the people who participated in this conversation, I have a simple message:

Thank you,

Barack Obama


via The Hacker News http://ift.tt/1DgE0Bo

tor-browser-download

Tor, a privacy-oriented encrypted anonymizing service, has announced the launch of the next version of its Tor Browser Bundle, i.e. version 4.0.4, mostly intended to improve the built-in utilities, privacy and security of online users on the Internet.

Tor Browser helps users browse the Internet completely anonymously. The powerful Tor Browser Bundle, an anonymous web browser developed by the Tor Project, received some updates to its software.

Tor Browser Bundle is basically an Internet browser based on Mozilla Firefox and configured to protect users’ anonymity via Tor and Vidalia. The anonymity suite also includes 3 Firefox extensions: Torbutton, NoScript and HTTPS-Everywhere.

NEW FEATURES

The latest version, Tor Browser Bundle 4.0.4, has recently been released with a small number of new features:

  • Update Firefox to 31.5.0esr with important security updates
  • Update OpenSSL to 1.0.1l
  • Update NoScript to 2.6.9.15
  • Update HTTPS-Everywhere to 4.0.3

BUG FIXES

Meanwhile, the new Tor version 4.0.4 also includes some bug fixes:

  • Bug 14203: Prevent meek from displaying an extra update notification
  • Bug 14849: Remove new NoScript menu option to make permissions permanent
  • Bug 14851: Set NoScript pref to disable permanent permissions

“A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory,” states the Tor project team.

Tor is generally thought to be a place where users come online to hide their activities and remain anonymous. Tor is an encrypted anonymizing network considered to be one of the most privacy-oriented services, and it is mostly used by activists and journalists to circumvent online censorship and surveillance efforts by various countries.

However, late last year we saw a large-scale cyber attack on the Tor network that quietly seized some of its specialized servers called Directory Authorities (DA), the servers that help Tor clients find Tor relays in the anonymous network service.

On the other hand, last month 12 high-capacity Tor middle relays were launched by Polaris, a new initiative by Mozilla, the Tor Project and the Center for Democracy and Technology, in order to help build more privacy controls into technology. The addition of high-capacity Tor middle relays to the Tor network helps reduce the finite number of Tor connections occurring at the same time.

Follow ‘Wang Wei’ on Google+, Twitter or Contact via Email.

via The Hacker News http://ift.tt/1DxxGbk

WhatsApp Web on Firefox and Opera
From now on, users of the Firefox and Opera browsers don’t need to rely on the Chrome browser to access the WhatsApp Web client, as the most popular smartphone messaging service has announced that the Web-based version of its service now works on Firefox and Opera too.

WHATSAPP WEB AVAILABLE FOR OPERA & FIREFOX

Almost a month ago, WhatsApp launched the web client of its service, but access was limited to Google Chrome users. Now, the company is giving desktop users more choice by launching WhatsApp Web today for the Opera and Firefox browsers, though you’ll still have to wait a little longer if you’re a Safari user.

WhatsApp Web is nothing more than an extension of the core mobile WhatsApp application. It syncs conversations from your smartphone to your PC, with everything stored on the mobile device itself.

HOW TO USE WHATSAPP ON PC/DESKTOP

In order to use WhatsApp Web on a PC or laptop running the Google Chrome, Mozilla Firefox or Opera browser, you need to follow the same steps, as the sign-up process is the same as with the Chrome browser:

  • Interested WhatsApp users simply need to open Chrome and navigate to http://web.whatsapp.com
  • A QR code will appear on the web page, which must be scanned using WhatsApp mobile application to activate the service.
  • By scanning the QR code that appears, users will automatically have paired their mobile WhatsApp with the WhatsApp web client, as shown.

For now, WhatsApp Web only works with Android, Windows Phone and BlackBerry devices. Unfortunately, iPhones still don’t have the capability to scan the WhatsApp Web QR code, as there’s no web solution for iOS users at this time because of limitations of the platform.

Currently, WhatsApp has 700 million users sending 30 billion messages per day, and is bigger than most of its competitors, including Facebook Messenger, Line and WeChat. Now, the availability of this new WhatsApp web client on a wider range of browsers will definitely increase its market.

Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

via The Hacker News http://ift.tt/1Eu9zfo

5g-high-speed-internet-service
New generations usually bring new base technologies, more network capacity for more data per user, and the high-speed Internet service that Internet service providers usually advertise. However, it is believed that the fifth generation (5G) of mobile networks will go beyond what we imagine.

1TBPS OVER 5G

Security researchers from the University of Surrey have just achieved record-breaking data speeds during a recent test of 5G wireless data connections, reaching an incredible one terabit per second (1Tbps), many thousands of times faster than existing 4G connections.

After 4G, 5G is the next generation of mobile communication technology, which aims to offer far greater capacity and to be faster, more energy-efficient and more cost-effective than anything that has been seen before. The boffins say 5G will be different – very different.

The 5G test was conducted at the university’s 5G Innovation Centre (5GIC), which was founded by a host of telecoms industry partners including Huawei, Fujitsu, Samsung, Vodafone, EE, Aircom, BT, Telefonica, Aeroflex, BBC and Rohde & Schwarz.

DOWNLOAD 100 MOVIES IN JUST 3 SECONDS

Speeds of 1Tbps are far faster than previously announced 5G tests: Samsung’s 7.5 gigabits per second (Gbps) record, which was 30 times faster than 4G LTE (Long-Term Evolution) speed, is just less than 1% of the Surrey team’s speed.

“We have developed 10 more breakthrough technologies and one of them means we can exceed 1Tbps wirelessly. This is the same capacity as fiber optics but we are doing it wirelessly,” 5GIC director Prof Rahim Tafazolli told the news website V3.

With 1Tbps, it is possible to download a file 100 times the size of a feature film in just three seconds. This incredible speed is over 65,000 times faster than the current 4G download speeds.

5G EXPECTED TO ROLL OUT BY 2020

The test was carried out over a distance of 100 meters using equipment built at the university. The head of the 5GIC said he planned to demonstrate the technology to the public in 2018. It’s believed that 5G could possibly be available in the UK by 2020.

UK communications regulator Ofcom has been supportive of efforts to get 5G to the public. Ofcom previously said it expected 5G mobile should be able to deliver speeds between 10 and 50Gbps, compared with the 4G average download speed of 15 Megabits per second (Mbps).

According to Prof Tafazolli, there were hurdles to overcome before 5G would be ready. He said, “An important aspect of 5G is how it will support applications in the future. We don’t know what applications will be in use by 2020, or 2030 or 2040 for that matter, but we know they will be highly sensitive to latency.”

There is a need to bring “end-to-end latency down to below one millisecond” in order to enable the latest technologies and applications, which would just not be possible with 4G. Tafazolli mentioned 3D holographic chess games on smartphones, controlling connected cars over 5G and other possible future applications requiring such low latency.

5G – NEW FRONTIER FOR CYBER ATTACKS

5G will, no doubt, provide high-speed Internet connectivity, which would be great news for all, but it would be an advantage for cyber criminals as well. In future, by leveraging 5G technology, it would be very easy for hackers and cybercriminals to take down almost any website on the Internet using Distributed Denial of Service (DDoS) attacks.

In an era of expected 50Gbps Internet speeds at home or in business, cyber criminals would have no need to build a botnet infrastructure by compromising hundreds of thousands of devices; they would need only a few devices with 5G Internet connections to launch the largest DDoS attack ever, of around 1 Tbps.

To address such issues in future, high-speed Internet service providers and online communications service providers need to set up real-time monitoring, reporting, limiting, mitigation and protection mechanisms against DDoS attacks in an attempt to protect online users.

Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

via The Hacker News http://ift.tt/1AN3gAL

Lenovo Website has been Hacked

Lenovo.com, the official website of the world’s largest PC maker, has been hacked.

At the time of writing, users visiting the Lenovo.com website saw a slideshow of a teenager, and the hacker had also added the song “Breaking Free” from the movie High School Musical as the page background.

It appears that the Lizard Squad hacking group is responsible for the cyber attack against Lenovo, and it could be in retaliation for the Superfish malware incident.

It was revealed earlier this week that Lenovo had been pre-installing the controversial ‘Superfish’ adware on its laptops, which compromised the computer’s encryption certificates in order to quietly include more ads on Google search.

The Superfish malware raised serious security concerns about the company’s decision to break fundamental web security protocols, because anyone with the password that unlocks that single password-protected certificate authority would be able to completely bypass the computer’s web encryption.

After that, Facebook’s security team also discovered at least 12 more apps using the same “SSL hijacking” technology that gave the Superfish malware the capability to evade rogue certificate.

But Lenovo has now admitted its mistake and is distributing a Superfish removal tool for cleaning computers.

Follow ‘Wang Wei’ on Google+, Twitter or Contact via Email.

via The Hacker News http://ift.tt/1LEC4ah

Europol Takes Down RAMNIT Botnet
It seems like the world has declared war against the _____________. While the U.S. feds are offering a $3 Million reward for the arrest of the GameOver Zeus botnet mastermind, British cyber-police have taken down the widespread RAMNIT botnet.

The National Crime Agency (NCA), in a joint operation with Europol’s European Cybercrime Centre (EC3) and law enforcement agencies from Germany, Italy, the Netherlands, and the United Kingdom, has taken down the Ramnit “botnet”, which has infected over 3.2 million computers worldwide, including 33,000 in the UK.

Like GameOver Zeus, RAMNIT is also a ‘botnet’ – a network of zombie computers which operate under criminal control for malicious purposes like spreading viruses, sending out spam containing malicious links, and carrying out distributed denial of service (DDoS) attacks in order to bring down target websites.

RAMNIT is believed to spread malware via seemingly trustworthy links sent through phishing emails or social networking sites, and mainly targets people running Windows operating systems in order to steal money from victims’ bank accounts. Moreover, public FTP servers have also been found distributing the malware.

Once installed, the infected computer comes under the control of the botnet operators. The malware inadvertently downloads a virus onto the victim’s computer which could be used by operators to access personal or banking information, steal passwords and disable anti-virus protection.

RAMNIT SHUT-DOWN IN AN OPERATION

In a statement on Tuesday, Europol revealed that the successful take-down of Ramnit botnet involved the help of Microsoft, Symantec and AnubisNetworks. The groups shut down the botnet’s command and control infrastructure and redirected traffic from a total of 300 domain addresses used by Ramnit criminal operators.

“This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime,” said Wil van Gemert, Europol’s deputy director of operations. “We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes.”

NASTY FEATURES OF RAMNIT BOTNET

Symantec says that Ramnit has been around for over four years, first originating as a computer worm. According to the anti-virus firm, Ramnit is a “fully-featured cybercrime tool, featuring six standard modules that provide attackers with multiple ways to compromise a victim.” The features are:

  • SPY MODULE – This is one of the most powerful Ramnit features, as it monitors the victim’s web browsing and detects when they visit online banking sites. It can also inject itself into the victim’s browser and manipulate the bank’s website in such a way that it appears legitimate, and easily grab the victim’s credit card details.
  • COOKIE GRABBER – This steals session cookies from web browsers and sends them back to the Ramnit operators, who can then use the cookies to authenticate themselves on websites and impersonate the victim. This could allow an attacker to hijack online banking sessions.
  • DRIVE SCANNER – This scans the computer’s hard drive and steals files from it. The scanner is configured in such a way that it searches for specific folders which contain sensitive information such as victims’ passwords.
  • ANONYMOUS FTP SERVER – By connecting to this server, the malware lets attackers remotely access the infected computers and browse the file system. The server can be used to upload, download, or delete files and execute commands.
  • VIRTUAL NETWORK COMPUTING (VNC) MODULE – This feature provides the attackers with another means to gain remote access to the compromised computers.
  • FTP GRABBER – This feature allows the attackers to gather login credentials for a large number of FTP clients.

WHY BOTNETS RE-EMERGE AFTER TAKEDOWNS?

According to the authorities, the Ramnit botnet has been taken down, but is it guaranteed that the botnet will not re-emerge? We have seen the takedown of the GameOver Zeus botnet by the FBI and Europol as well, but what happened in the end? Just a month later, the GameOver Zeus botnet came back into operation with more nasty features.

So, what went wrong? Why are botnet takedowns ineffective? One reason could be that the organisations seize and take down only a small fraction of the command-and-control domains that make up the botnet’s critical infrastructure, but leave the majority active. It takes a botnet operator some months to recover.

As more and more botnet networks are taken down by law enforcement, cyber criminals are increasingly using secondary communication methods, such as peer-to-peer or domain generation algorithms (DGA).

One of the main reasons that the botnet re-emerged is that the author of the malware was not arrested. No matter how many domains are taken down or how many sinkholes researchers create, if the attackers are not arrested, nobody can stop them from building a new botnet from zero.

For this reason, we really appreciate the FBI’s step of offering a $3 Million reward for information leading to the direct arrest or conviction of Evgeniy Mikhailovich Bogachev, the alleged author of the GameOver Zeus botnet that was used by cybercriminals to steal more than $100 Million from online bank accounts.

Follow ‘Mohit Kumar’ on Google+, Twitter or Facebook or Contact via Email.

via The Hacker News http://ift.tt/1GvJzQ6

evgeniy-mikhailovich-bogachev-zeus-hacker

The US State Department and the Federal Bureau of Investigation announced Tuesday a $3 Million reward for the information leading to the direct arrest or conviction of Evgeniy Mikhailovich Bogachev, one of the most wanted hacking suspects accused of stealing hundreds of millions of dollars with his malware.

This is the highest bounty U.S. authorities have ever offered in any cyber case. The 30-year-old Russian man is, according to the bureau, an alleged leader of a cyber criminal group that developed the GameOver Zeus botnet.

STOLE MORE THAN $100 MILLION

Evgeniy Mikhailovich Bogachev, also known under the aliases “lucky12345,” “Slavik,” and “Pollingsoon,” was the mastermind behind the GameOver Zeus botnet, which was allegedly used by cybercriminals to infect more than 1 Million computers and resulted in more than $100 Million in losses since 2011.

Once installed on a target system, GameOver Zeus makes fraudulent transactions from online bank accounts, and it has the capability to conduct Distributed Denial of Service (DDoS) attacks using a botnet, in which multiple computers flood the financial institution’s server with traffic in an effort to deny legitimate users access to the site.

SAME MASTERMIND BEHIND CRYPTOLOCKER

Besides the GameOver Zeus botnet, the suspect is also accused of masterminding the CryptoLocker ransomware, which is designed to extort money from computer users by holding computer files hostage until the user pays a ransom fee to get them back.

CryptoLocker encrypts victims’ hard drives with strong AES-256-bit encryption before it demands money. The ransomware was widely distributed on the Gameover ZeuS botnet and, as a result, has infected hundreds and thousands of computers.

The Gameover ZeuS botnet was disrupted by the feds last year but remains operational. “Although we were able to significantly disrupt the Gameover ZeuS and Cryptolocker criminal enterprise, we have not yet brought Bogachev himself to justice,” Assistant Attorney General Leslie Caldwell said in a statement.

MOST WANTED CRIMINAL

Joseph Demarest Jr., assistant director of the FBI’s cyber division, described Bogachev as both “one of the world’s worst” and “brilliant at what he did.” The authorities charged Bogachev with conspiracy, computer hacking, wire fraud, bank fraud and money laundering under a 14-count indictment last year.

“We are turning to the world again for assistance in locating Bogachev,” said FBI assistant director Joseph Demarest. “While he is known to reside in Russia, he may travel. With this $3 million reward incentive, someone, somewhere may see him and let the authorities know his whereabouts.”

CALL THE FBI TO BE REWARDED WITH $3 MILLION

In appearance, Bogachev is 5’9″ tall and weighs around 180lbs, with brown eyes and brown hair. He was last seen in the Russian seaside resort of Anapa. He is believed to still be in Russia, although “he may travel,” according to authorities.

Bogachev is on the FBI’s Most Wanted cyber list. Anyone spotting him and wishing to be rewarded by the Federal Bureau of Investigation can call the feds at 1-800-225-5324, or can do the same online by visiting tips.fbi.gov.

Follow ‘Wang Wei’ on Google+, Twitter or Contact via Email.

via The Hacker News http://ift.tt/1BcFKyY