Archives For security

Last night, I noticed it was taking me forever to log in to Global Geek News but didn’t think much of it as I was currently getting slammed by traffic from Reddit for an old post.  It turns out, the massive traffic spike wasn’t the problem.  The real problem was that we have been hacked!

Earlier today, I went to log in to Global Geek News to find it was still taking forever to do so.  The traffic spike from Reddit had died down and while traffic was still higher than normal for a Sunday, things were still very slow.  In hopes of trying to figure out what the problem was, I went to my web hosting’s cpanel page and noticed the CPU usage was pegged at 100%.  This was the point when I knew something was wrong.

I immediately contacted my host’s support and thanks to a little digging from both them and myself, we determined that Global Geek News had been hacked.  I don’t know everything about the hack but I will tell you what I have found out and what it means for you.

The support guy, Brandon, that helped me with this issue noticed some suspicious files in an upload directory for the WordPress theme (Standard Theme by 8Bit) that I use and alerted me to them.  Not knowing all of the innards of the Standard Theme, I didn’t know if I would have an idea what I would be looking at but decided to check out the suspicious files.  And suspicious they were!

It turns out that the upload directory that they were stored in (which I didn’t even realize existed) was used by the theme to store images that I had uploaded for the ad spots on the top and right of the site.  Once in the directory, that was pretty obvious as I recognized all of those files.  Knowing which files I had uploaded (none recently), it made it pretty obvious which files were the problem.

There were 4 files that had been uploaded between June 14th, 2012 and June 22nd, 2012 that were the problem.  Being the curious person I am, I decided to download and inspect these 4 files that had been uploaded without my knowledge.

Immediately upon downloading one of the files, Microsoft Security Essentials said it had cleaned a virus from my system.  After looking into it, apparently I ended up getting hit with some kind of Java exploit (luckily I keep Java up to date).  However, that was just the beginning.

The two files uploaded on the 14th turned out to be some sort of PHP injection scripts and the other two files from June 22nd were a couple of trojan viruses.  Luckily, my antivirus (Microsoft Security Essentials and Sophos AntiVirus on my Mac) wouldn’t let me open the files and they were immediately quarantined.

Just how dangerous these files were, I’m not really sure but MSE called them severe and I believe it.  For those curious, it flagged the “Backdoor:Perl/Shellbot.AH” and “Backdoor:PHP/Lollusc.A” trojans.  So when I found this out, I knew it was not good news.

After realizing I had been hacked and these files had been placed on my server, I worked with Brandon to try to find out who did this and how.  Unfortunately, the how is unknown.  We don’t know if it was the theme itself that was exploited, a plugin or WordPress.  We are fairly confident my password wasn’t compromised so we are pretty sure it was one of those three options.

However, he was able to find two IP addresses in the logs pointing to the hackers.  One indicated a hacker was attacking from the city of Jaworzno, Poland, and another from Houston, Texas.  Now I don’t know if two people were involved in the hack, a person who travels a lot or just somebody using a proxy to appear to be coming from those places.  Not being a computer forensics person, I don’t really know.

After finding out everything I could, I deleted the files and everything appears to be back to normal.  I wish I knew more but sadly, that is all I know.

As for what this means for you, the reader of Global Geek News, I am really not sure.  I don’t know if you were ever exposed to any of the malicious files or not.  I’ve visited pages on Global Geek News many times since the trojans were placed on the server on Friday and noticed nothing so I would suspect you are fine; however, I would highly recommend running your antivirus and antimalware software of choice to make sure that you haven’t been compromised (it is a good idea to do those things routinely anyway).

I sincerely apologize if this has harmed any of our loyal readers and I will do everything I can to keep it from happening again.  If anybody out there likes to pore over code to look for security exploits, let me know as I would love to find the flaw that gave rise to this hack and kill it.

-Jeremy


I don’t really do much in the way of general tech/gaming news on Global Geek News anymore but this is important enough that I need to make an exception.  As I am sure most all of you are aware by now, Sony’s PlayStation Network has been down for several days due to somebody hacking into the popular service.  Although Sony is still really tight-lipped about the details of what has happened, they are now saying that the user account information of those with a PlayStation Network account has been compromised including your name, billing information, email address, password and just about all of the other data they may have from you.  Although they don’t think the database of credit card information was accessed, they can’t be certain so they are urging extreme caution.  Below is a snippet of the information they just posted over on the official PlayStation Blog which you need to go read if you have a PlayStation Network account (which is likely if you own a PS3 or PSP).  This is quite the security breach!

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

I’m not sure if it is possible to change your password while the PSN is down but if it is, I highly recommend doing it ASAP! I plan on doing it as soon as I get home although luckily I don’t use that password for anything else and can’t even remember it most of the time anyway.


Computer security company F-Secure recently traveled to Pakistan to sit down and have the first on-camera interview with the creators of Brain, the first PC virus.   Brothers Amjad Farooq Alvi and Basit Farooq Alvi created the boot sector virus known as Brain which was transferred from computer to computer via floppy disks.  The 10 minute video below that F-Secure posted does a great job asking the brothers about the origins of Brain and why it was created.  I highly recommend watching it.  It is amazing how far we have come since this virus to ones as complex as Stuxnet.

 


In the past, I have been very critical of the idiots at Best Buy’s Geek Squad and their outrageous prices but I think it’s safe to say I have finally found somebody worse than them.  The picture below posted on failblog has the whole story but apparently an extremely gullible computer owner was convinced that somebody was trying to infiltrate his hard drive and paid $6 million to protect himself.  It’s a pretty funny story so I recommend checking out the picture below.  I think it’s safe to say this guy shouldn’t be allowed to use a computer anymore.

Scammers convince guy his computer is part of a vast conspiracy


I love a good story about stupid criminals and today I get to share one such story.

25-year-old Cody Wilkins was not just desperate for jewelry and money, but he was also desperate for electricity.  Wilkins broke into a house in Silver Spring, just north of Washington DC.  While he was grabbing whatever he could, he put his cell phone on a charger and left it in the house.  I should probably mention that due to a major storm, the area had been without power so he was looking for a charge.  Unfortunately for him, the son of the homeowner came home while he was still in the house.  Although he escaped the house, he forgot to grab his phone on the way out.  The police used the phone to call his girlfriend, find out who he was and where he lived so they could go arrest him.  The police were also able to link him to 10 other break-ins thanks to the fact that he still had all of the stolen loot in his house plus the fact that he used the same boots each time which made it easy to identify him with footprints (tip:  Don’t do illegal activities in the snow, you will be much easier to track.  Also, make sure to password protect your phone).  To read the whole story, check out the original post at The Washington Post.

Below is a picture of the accused thief.  Crime doesn’t pay if you are a stupid criminal.


Stupid Criminal: Cody Wilkins


Back in November, we posted about the dangers of a new Firefox extension that is available for download called Firesheep and how to protect yourself from it using an extension called HTTPS Everywhere.  To address the threat that Firesheep exploited, Facebook now has a new security setting that will make you use HTTPS by default so you don’t have to worry about some Firesheep user hijacking your account.  I highly recommend enabling this feature which you can find out how to do in the video below.  The video on how to enable this new feature is thanks to the crew over at Lifehacker.


As I am sure most everybody that reads sites such as Global Geek News and listens to podcasts like the Global Geek News Podcast knows, Firesheep is a Firefox extension that can be used to hijack people’s accounts on sites like Facebook and Twitter when browsing on an open wifi hotspot.  It is trivial for anybody to use and if this is used on you, somebody could do a lot of damage by impersonating you.  Unfortunately, it is really the sites like Facebook and Twitter that have to implement HTTPS across their site for everybody to be protected and they are planning on doing that, but for now, you have to take security into your own hands and the best way to do that is with a Firefox extension called HTTPS Everywhere.  This extension was created through a joint effort by the EFF (Electronic Frontier Foundation) and the Tor Project.  This extension makes sure that your cookies won’t be sent in the clear for people to grab and pretend to be you as they can with the Firesheep extension.  If you use the internet at open wifi hotspots, it is very important to install this extension if you don’t want people hijacking your accounts.  HTTPS Everywhere works for services like Facebook, Twitter, Dropbox, bit.ly, the New York Times, PayPal, Wikipedia and many others.  If you want to know all the details of how Firesheep works to understand how important it is to use HTTPS Everywhere or something like it, I highly recommend checking out Security Now episode 272.


Google has announced that their Chrome browser is getting its own PDF viewer.

The awesome new feature doesn’t require anything other than the latest beta build of Chrome.  You don’t need any additional software or plug-ins like Adobe Reader for the feature to work.  That is also a nice thing when it comes to security considering how many security problems that Adobe has, especially with their Reader software.  The viewer also has some extra sandboxing for even more security from malware and other security threats.

It sounds like they still have some work to do before it comes out to the stable version of Chrome but if you want to check it out now, go download the beta version of Chrome.

This tip comes in from Eric Lo and is a great list of free software for protecting your laptop or netbook.  If you are getting a new laptop or netbook for Christmas, you definitely need to check out this list.  If you are getting one for somebody, you should link them to this list as soon as they get it fired up!  Eric’s tip:

Traditional computer security measures are not enough to protect your laptop and netbook. You have to pay attention to various laptop related security risks such as insecure public wireless networks, laptop theft, laptop search, about which you don’t worry with your desktop computer. Whether your laptop is stolen or not, your privacy can still be at risk by simply traveling with your laptop. The Homeland Security Department and other authorities can search your laptop to look for evidence of any illegal activity and illicit materials stored on your laptop such as unlicensed songs, movies, software or unlawful images of children. However, good laptop security does not necessarily cost you money. Here are 7 easy-to-use, useful and free software that can help you protect your laptop, your sensitive data and your privacy.

  1. Encryption. TrueCrypt is a trustworthy encryption program that can protect your data against unauthorized access. www.truecrypt.org
  2. Backup. Cobian Backup is a backup program that can protect your data against loss. www.cobiansoft.com. An alternative is Mozy free edition, which is an online backup software with 2 Gbytes space. www.mozy.com
  3. Antivirus. AVG free edition provides protection against viruses, spyware and other malware. free.avg.com/ww-en/download-free.
  4. Firewall. The built-in Windows firewall can protect your laptop against hackers while you’re online. (but make sure it is configured properly)
  5. Alarm. LAlarm is like a car alarm for your laptop. The software can help prevent your laptop from theft, and can also recover and destroy your data in the laptop in case of theft. www.lalarm.com
  6. Tracking. Prey is laptop tracking software that can locate your laptop if it is stolen. www.preyproject.com
  7. File shredder. Eraser is a data sanitizing program that can permanently delete sensitive data such as passwords, Internet browsing history, personal information from your laptop. www.forensicswiki.org/wiki/Eraser

I have never tried Cobian Backup, but if you are looking for more storage than you can get with Mozy but don’t want to pay a monthly fee, I recommend using Amazon’s S3 data storage.  I find it is far more economical for myself because rather than a monthly fee, it is just $.15/GB transferred.  Considering how much I back up a month, it tends to be the best deal for me.  Also, when it comes to antivirus, I am an Avira AntiVir person but I have always heard great things about AVG.  Anyway, make use of this tip!

Thanks Eric!

If you would like to send in your own tech tips, e-mail them to me at pcnerd37@globalgeeknews.com


Greetings Readers!

After the huge response I have received from my post yesterday about Sony’s updated Terms of Service/User Agreement for the PlayStation Network, I have decided that I should write a follow-up post addressing some of the points that have been brought up.  I was trying to get in contact with somebody at Sony who could respond, but like Gamespot, I have not had any luck.  Before I get into this post, I would like to thank everybody that shared the link for yesterday’s post as it is now the third most viewed post on the Global Geek News Blog behind the Twitter Etiquette and Twitter Etiquette 2 posts.  OK, here we go.

Probably the biggest comment I have received so far is in regards to the protection of children from online predators.  This is certainly a valid point, which led to Sony adding the following statement to the new Terms of Service.

You may not provide anyone with your name or any other personally identifying information other than your own Online ID, or the name, password or personally identifying information of any other person or business through any means, including messaging, chat or any other form of PSN communication.

While I agree with the purpose behind this statement, I think it goes a bit too far.  I think giving this information should be up to the users and their own personal judgment or that of their guardians.  I have met countless people online, and if I was restricted by this rule, I would not have many of the great friends I have today.  I also play online with friends, and I don’t want to risk banning because I refer to somebody by their actual name rather than their Online ID.  Protecting the children is an honorable goal, but restricting everybody to protect a few is going too far.

Another popular opinion that I have seen is that this Terms of Service is no worse than most of them that are out there.  When I am bored, I am known to read Terms of Service type documents, so I know this is not the case.  While I will agree that many Terms of Service are overly restrictive and often rarely enforced, to say this is no worse than others is just plain wrong.  When Google did something very similar when they launched Chrome, trying to say that everything created through their browser was essentially theirs, they were immediately called out on it and they backed off.  That is what needs to happen here.  It is time that Terms of Service are not so one sided, and many such documents are beginning to reflect that as technology becomes more open.  I know that my legal section for this site is nowhere near as ugly as this terms of service.  In the interest of fairness and to show that I am not out to destroy Sony, I will be reviewing the ToS of the other consoles and writing about them later this week.

Another hot button topic seems to be the giving of information to third parties.  From what I have read, many people seem to be against it, especially when they realize that it is personal information that is being given.  Personally, I generally don’t much care if companies gather anonymous usage statistics on things I do.  As long as no personally identifying information about me is sent, especially in an insecure manner, I don’t mind contributing to make a product better by allowing companies to see how I am using a product for future improvements or what bugs I am running into that need fixed.  When my personal information is sent, especially to third parties who can also distribute it to whomever they choose, that is when I have a problem.  It is even worse when there is no way to opt out of such a policy.  With the way it stands now, if I don’t agree, I don’t get to use my PS3 or PSP, and that is that.  Giving personal information out in such a manner is a huge security and privacy problem.  The more people that have your information, the higher your chances of identity theft.  Also, such information transfer is illegal in some places.

The last major point that has been made that I want to talk about is that these are just meant to cover Sony’s butt if somebody decides they want to sue them.  While I will agree with that, I believe they went much farther than that, especially when they refuse to do anything about lost data purchased from the PlayStation Store, even when they are the one to have caused the problem.  As I stated before, protecting children and stupid people in general is certainly an admirable goal, but there are better ways to go about it than doing something like this.  Courts have thrown out Terms of Service in the past because they are so overly restrictive and just plain bad that no reasonable person would accept them, something that could very easily happen in this case.  A balance must be struck between Sony protecting its hardware, network, and contracts and the consumer and allowing them to use their system in the way that they choose.

Don’t forget to check back later this week as I will talk about the Terms of Service that come with the other consoles and the possibility of comment from Sony on this issue!  I am also likely to talk about this on the next Global Geek News Podcast, so keep an eye on that!  Like always, follow me on Twitter or Friendfeed if you want to be notified of when new posts go up.  Until next time, don’t forget to comment (And be a constructive commenter)!


-Jeremy “pcnerd37″ Bray