Posted by Kevin Huffman
Tech
Thursday, March 18th, 2010
&h=&q=90&w=90&h=65&zc=1" class="alignleft" alt="">
Now here’s a delightful story. A gentleman in Austin, Texas was laid off from his job as a car mechanic. The thing is, he was “pretty good with computers.” So, in order to get petty revenge on his former employers, he used a system to remotely disable more than 100 cars . Fun! The man, one Omar Ramos-Lopez, 20, didn’t take kindly to behind laid off. Hey, it’s tough out there, so I can understand that he’d be upset. The shop where he worked used a system that can be used to remotely disable the ignition system or cause the horn to honk uncontrollably. (It can’t be used to disable an already on car.) So, activate the system! And he did, causing the cars to either not start or, more hilariously, honk until the battery was removed. The system used a Web interface to remotely control the cars. Its original, non-prank intention was to kindly remind people to make their car payments. Police were able to trace the “attacks” to Ramos-Lopez by examining the site’s logs. The logs pointed right to his IP address. You’d think he’d at least run the attacks through a proxy server or whatever…
Posted by Kevin Huffman
Tech
Tuesday, March 9th, 2010
&h=&q=90&w=90&h=65&zc=1" class="alignleft" alt="">
From now on, any story about “hackers” or “hacking” will be accompanied by a link to the song “ Halcyon And On And On ,” as made famous by the movie Hackers . With that in mind: who made more money last year, Wall Street fat-cats or hackers? The U.S. FDIC says that online scams cost businesses $25 million last year . These scams include phishing and other associated nonsense, which you really ought to be smart to nowadays. The most common way for people to be bilked out of their money is that they’re tricked into giving away the bank account info. You get an e-mail from “Citybank” that says something is wrong with your account, or that it needs to be “verified” or whatever. So you put your info in, and now some punk kid in St. Peterberg or Kazan has your bank info. Have fun dealing with that! I’ve said it at least 80 million times in the past year: do not go around giving your info to anybody. Nobody!
Posted by Kevin Huffman
Tech
Sunday, February 28th, 2010
&h=&q=90&w=90&h=65&zc=1" class="alignleft" alt="">
Here’s some troubling news for my fellow World of Warcraft players. It seems that hackers, account thieves, and other miscreants have now embraced man-in-the-middle (MITM) attacks to further their evil ways. Blizzard says it’s not a widespread issue, and it’s rather difficult to pull off, but it’s something y’all should be aware of. The deal is that WoW hackers are able to infect your PC—this is a PC-only problem, mind you, so Mac players can more or less ignore all of this—with a bit of malware that’s then able to initiate the MITM attack. The purpose of this is to intercept your login name, password, and authenticator number so that they can log into your account. Once online, they can do whatever it is you’d be able to do inside the game world: sell items, mail gold to other players, etc. They cannot, it should be noted, delete your actual account or anything like that. Still, it’s potentially devastating, selling all your epics for fast gold, then turning around and selling that gold for real money to someone else. MITM attacks aren’t new or anything. There’s plenty of programs out there can initiate them rather easily, letting people intercept passwords, instant messages, you name it. They work in that they sit in between your PC and the server you’re trying to connect to. So, if you’re playing WoW , instead of your username and password and authenticator number going directly to Blizzard’s servers, they first go to the hacker’s rogue server, which then passes the info onto your intended server, capturing the information in the process. It’s essentially invisible to you, the end-user, which is why the attacks are so dangerous. Blizzard has already identified the piece of malware that initiates the MITM attack, so be on the lookout for emcor.dll. Be sure to keep your anti-virus software up to date. One final bit: the odds of you being a victim of such an attack are quite low, if only because it requires so much work for the hacker to pull off; you’d have to be hacked a the very moment he wants to break into your account, and that’s something that simply doesn’t happen. Rather, your account will be compromised on, say, Monday, but it won’t be until the following Saturday that the hacker actually access your account. And again, the worst thing that could happen with this kind of attack would be for someone to sell off your character’s items and gold, then, for good measure, delete your character—your actual account cannot be tampered with. That may be a distinction without meaning, yes. So yeah, just be sure to keep your anti-virus software up to date, and keep your wits about you. Stay away from the shady parts of the Internet! via wow.com