Category: News

Facebook Crime – Removal Scam

There is a very real and fundamental problem with buying and selling anything using social media: identifying whether the person you are dealing with is legitimate. Think about it: normally when you find a trader or company they will have premises, registered offices, landlines. You may have responded to an advert or directory listing; all these things take time and money to set up.

Now let’s compare that with a Facebook Company page, which takes two minutes and no verification. In fact, you can set up a Facebook page for a fictitious company and then add hundreds of fake likes and reviews in an hour or so. The result can look extremely legitimate and representative of a well-respected, reliable company or tradesman. It’s not hard to do and costs very little money; what is more, if you’re reasonably careful it is almost impossible to trace back.


This is unfortunately what happened to Becky Szenk and her partner Mark Higgins when they moved from their flat in Wolverhampton.

They needed to find an inexpensive removal firm, and like many of us turned to the social media site Facebook to see if they could find someone. They managed to find one of those ‘man with a van’ services and immediately contacted them to book his services. Many of us do exactly the same; only last month I booked a roofing contractor who came up in a Facebook search. My experience was good despite my lack of care; however, it was a very different story for Becky Szenk.

The removal guys turned up on time, and two of them quickly and efficiently loaded up their worldly possessions into a large transit van. What was notable was the speed with which they completed the task, loading up in about 45 minutes and driving off to the pub that they had invested their savings in. Or so they thought; in fact that was the very last time they saw their stuff – the men and their possessions were never seen again.

“I have never cried more in my life than I did on Friday afternoon – I am so distraught that they have taken my engagement ring and my baby’s toys.”
Becky Szenk

It’s not an isolated case; police have reported several similar incidents just within the West Midlands area of the UK. It is an easy crime to perpetrate: you can easily hide your tracks and the payoff can be extremely large – the possessions lost by Becky Szenk and her partner were estimated in the region of £10,000.

Surprising New Palestine Charity Donors

If you follow the security and hacker world, you’ll know that there is a constant tit-for-tat battle going on across countries, religions and ideologies. One group will deface a certain web site, usually with badly spelt propaganda and ‘1337 speak’, then a few days later another group will retaliate with an attack on a different web site. There are lots of threats and tough talk, and it sometimes seems like there are literally thousands of these groups all over the world fighting their own cyber war.

The reality is that it’s been happening for so long it doesn’t really make much impact any more, unless it’s a really big commercial name. There’s another problem with this attack method, especially given the minimal impact – it usually takes much more effort than it’s worth. Of course there are literally thousands of ways to hack a web site – vulnerabilities in the code or the host, brute-forcing passwords or pinching user credentials – the list is virtually endless.

However, it does take time, and can take an awful lot of effort, which is why it often looks like a complete waste of time. You spend days finding out a web site’s vulnerabilities and hack into it, replace it with your leet message – then take a couple of screenshots. What happens then? The owner changes all the passwords, closes the vulnerability and restores the original from backup, and it’s all back to normal. Unless you dash out and advertise the hack, it’s likely that not many have even noticed, and those who do have seen it all before anyway. Of course if it’s a bank or a big commercial site then there is much more of an impact and of course commercial implications – but those sites are likely to take much more effort and resources to hack into anyway.

Which is why I think this was a rather innovative angle by a group of pro-Palestinian (or perhaps just anti-Israeli) hackers called AnonGhost (not impressed with that name!). They’re involved in a cyber offensive against the Israelis, which sounds a bit more impressive than the reality, and have been for several years in line with other Muslim extremist groups like ISIS. It all gets very messy here as you have a ‘free speech’ hacker group like Anonymous working towards the same target alongside ISIS-sympathising hacking groups such as AnonGhost. Obviously supporting any ISIS-related group is kind of a backwards step toward promoting free speech and liberty.

Anyway, the point is that instead of just stealing a few user details and posting up a bit of tedious cyber graffiti which is overwritten half an hour later, they did something different. They stole lots of credit card details from an Israeli-based site and posted some of them online; the rest they used to make donations to a Palestinian children’s charity.


Well, that’s the story at least; there is a little bit of evidence to support it but not enough to be completely sure. The irony of course relies on these being stolen Israeli credit cards. Though whether the payments were completed by the charity site, FundRazr, is also perhaps difficult to believe, especially after the facts were posted all over the web.

As usual, the attackers probably didn’t hide their tracks very well and, unless they used some very secure VPNs, have probably now got loads of their details listed on databases compiled by various security agencies like GCHQ and the NSA. However, as a stunt, it was at least a little bit innovative.

Hacking Your Exam Grades

There’s a scene in the iconic 80s film Ferris Bueller’s Day Off where the hero logs into his school’s computer system and starts modifying his records. It’s a dream that’s probably passed through the thoughts of millions of young people over the years. If only I could just go and change a couple of those grades discreetly, no-one would ever know.


Unfortunately, as with nearly all ‘computer crimes’, committing them is much, much easier than getting away with them. The problem is that it’s very difficult to hide your tracks online: one tiny mistake and there’ll be lots of markers pointing your way.

This is exactly what happened to student Imran Uddin early this year. A bio-science student at the University of Birmingham, Imran decided that his projected 2:2 degree wasn’t quite good enough and decided to try and gain access to the University’s exam system to modify his grades slightly – changing the scores on five exams in order to boost his grades.

His attack involved installing keyloggers into a selection of the University’s computers in order to steal the passwords of staff who had access to the exam recording system.
These are little hardware devices which you can pick up for a few dollars on the internet, that plug into the back of a computer and record every keystroke made on that keyboard. It’s the easiest way to steal usernames and passwords as it operates at the hardware level and you don’t need to worry about encryption and security. Imran managed to grab a handful of staff accounts including ones that were able to change the exam grades, where he duly modified his own.

Of course, the problem is that these devices have to be installed and can be identified if someone looks carefully enough. Which is what happened in this case: a technician performing an upgrade on some computers in the Bio-Science lab noticed the device. Of course then all the University computers were checked and staff found several more, including one on the back of a computer in a staff-only area.

After that all roads led back to Mr Uddin, and when police checked his own computers they found a huge amount of incriminating evidence. There were eBay searches and purchases of the keylogging devices, evidence of a failed attempt to log in to the University marking system, plus loads of other forensic evidence incriminating him.

Which is the main problem with these computer crimes: although they’re pretty easy to commit, it’s very difficult to hide all this incriminating evidence when people start looking for it. There will be CCTV records of the keyloggers being installed, records of IP addresses and logins, and of course simply looking at backups of the exam system will reveal logs of grades being modified. You can route your connection through Russian or Australian proxies, but if you leave obvious clues elsewhere it won’t help you.

I once investigated a system where criminal records were accessed by someone who shouldn’t have had access. Looking at the logs of this system it took about ten minutes to find them – although there were hundreds of thousands of records the culprit stood out like a sore thumb. While every legitimate user of the system logged in and performed searches using an account in this format – USR1077672356, one account was logged in as Jamie333 (details slightly modified!). It was the first account checked and despite the individual being cunning (his name was not Jamie) it didn’t take long to find lots more evidence.
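The kind of log check described above, as an added example that is not code from the original investigation: it reduces each account name to its format and flags accounts whose format is rare among all accounts seen. The log layout, timestamps and every account name other than the two quoted in the text are constructed.

```python
import re
from collections import Counter

# Constructed sample access log: timestamp, account, action (not real data).
SAMPLE_LOG = """\
2015-03-02T09:14:07 USR1077672356 SEARCH
2015-03-02T09:15:41 USR1077672391 SEARCH
2015-03-02T09:17:02 USR1077670012 VIEW
2015-03-02T09:21:55 Jamie333 SEARCH
2015-03-02T09:22:10 USR1077672356 VIEW
2015-03-02T09:30:48 USR1077699120 SEARCH
2015-03-02T09:31:03 Jamie333 VIEW
2015-03-02T09:40:19 USR1077645883 SEARCH
"""

def parse(log_text):
    """Return (timestamp, account, action) tuples, skipping malformed lines."""
    return [tuple(p) for p in (l.split() for l in log_text.splitlines())
            if len(p) == 3]

def shape(account):
    """Reduce a name to its format, e.g. 'USR1077672356' -> 'Ax3 9x10'."""
    classes = "".join(
        "9" if c.isdigit() else "A" if c.isupper() else "a" if c.islower() else c
        for c in account)
    # Run-length encode the character classes.
    return " ".join(f"{m.group(1)}x{len(m.group(0))}"
                    for m in re.finditer(r"(.)\1*", classes))

def odd_accounts(events, max_share=0.2):
    """Flag accounts whose name format is used by at most max_share of the
    distinct accounts. Counting accounts rather than events stops a busy
    intruder from making their own format look normal."""
    accounts = {acct for _, acct, _ in events}
    by_shape = Counter(shape(a) for a in accounts)
    hits = Counter(acct for _, acct, _ in events)
    return sorted((acct, shape(acct), hits[acct]) for acct in accounts
                  if by_shape[shape(acct)] / len(accounts) <= max_share)

if __name__ == "__main__":
    for acct, fmt, n in odd_accounts(parse(SAMPLE_LOG)):
        print(f"{acct}: format {fmt!r}, {n} events")
```

On a real system the threshold needs tuning, and service or admin accounts with their own naming scheme belong on an allow-list before the rest are reviewed.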

Mr Uddin was sentenced to six months and presumably lost his degree completely; he also faces the possibility of legal action from the University. It’s impossible to know how many people actually get away with crimes like this, but one small mistake or piece of bad luck and it’s very simple to track the culprits down. Still kind of feel sorry for the guy though, but there’s definitely a lesson to be learnt here!

May you Rot in Hell – Ask Toolbar

I don’t swear much, in fact there are only three things that are likely to make me swear at all. In no particular order – my teenage son, printers and the Ask Toolbar.

I try to avoid the first two whenever possible; however, I am forever plagued by the scourge that is the Ask Search toolbar. You’ve probably come across it too; in fact, if you don’t stay constantly aware the little bastard will certainly install it on your computer at some point. In case you don’t know what I’m talking about, here’s a reminder and the origin of about 99% of the installs.


This screen, which most of us skip through in nanoseconds during the install of one of the 100 yearly Java updates, is where you’ll get caught. I know it’s there and it’s always getting me: you click on next and in the corner of your eye you just catch a glimpse of the ‘Add Search App by Ask.’, but it’s too late, your mouse has already registered your click and continues. You have just requested that one of the most pervasive and irritating pieces of adware be installed on your computer and have signed your agreement to whatever horrors are contained in the Ask.com Terms and Conditions.

There are hundreds of different versions of this vile search add-on, which produce a variety of annoying results. Depending on which version you have the misfortune to install, you’ll get your search results modified, adverts inserted into your browsing, your home page altered and be forced to use the Ask search engine. I hate it vehemently; it is also a complete bugger to remove, as is usually the case.

Finally now though the industry is beginning to act on the sort of hate that this toolbar generates. It’s only achieved any sort of legitimacy from piggybacking the Java install, and it’s probably done some severe damage to Oracle’s reputation. Now Microsoft has finally classed it as malware and its security products now remove the accursed toolbar. Well, to be more accurate, Microsoft have classified it as ‘unwanted software’, which is like classifying leprosy as an unwanted skin condition. I presume that’s to prevent legal wranglings and arguments over the definition of ‘malware’ – even though it is.

It’s not perfect: not all versions of the Ask toolbar are included, only the earlier advert-injecting ones, so you’ll still have to be on your guard. I presume it’s still in the Java Runtime installer but fortunately I’ve cut down on my drinking and haven’t accidentally installed that for a while.

No Such Thing as a Free VPN – the Hola Price

First of all I’d like to ask, would anyone mind coming round to fix my back fence – it got wrecked in high winds and needs replacing? I won’t pay you or anything, you’ll just do it because you like helping people, reward enough right? I’m not expecting to get inundated with offers, but you never know, it saves paying someone to do it.

It’s why I get frustrated with everyone always asking me if I know of free proxies and VPNs, as if there are thousands of companies across the world who are happy to spend considerable time and money providing a service which you can use for free to watch porn or stream movies. I mean… why would they do it? What’s in it for them? Please, people, is this the way the world works? I think not.

There’s always a reason: these things cost money, and if you want to see an example of the hidden costs of using something like the adware-riddled monstrosity that is Hola then read on.

There are plenty of free services around, but none of them are really free. In return for using their servers you have to accept slow speeds, security risks and the fact that they are likely to try and make money out of you. The usual method is by filling your computer and browsing session with lots of adverts (which generate income for them). It’s very annoying and personally I wouldn’t let it near any of my computers or devices, but you can at least argue it’s fairly straightforward. You use their connection for free and they make money by bombarding you with adverts – fair enough.

However, using a proxy or VPN is more than that: you are in fact handing over your entire online world to these providers and they can do pretty much anything with it. Take for instance the free VPN mentioned, Hola: most of us just thought those adverts were the payback, but it appears there’s much more. They are actually hijacking your internet connection and pimping it out for cash via a service called Luminati.

Your Price to Pay for the Free VPN

Luminati is a paid anonymity service which runs along the lines of Tor, that is, it encrypts your connection then relays it through a network of exit nodes in order to hide your location. From its FAQ page, here are the first two bullet points –

  • All countries – Luminati is the only network that provides you with IPs in ALL countries in the world! (except N. Korea)
  • Real anonymity – the Exit Nodes in the Luminati network are regular PCs, laptops and phones, and thus are not identified as proxies or as Tor network nodes

Which is all fine and dandy, until you learn that these ‘real PCs’ are ours. Well, that is, the PCs of people who use Hola. You install Hola and you are potentially allowing your PC to be sold as an exit node, that is, anybody can use your connection to route their traffic to keep themselves anonymous.

Can you imagine what’s being relayed through the connections of these hapless Hola users? Your connection could be being used to relay all sorts of material.

That computer sitting in front of you could at this very minute be distributing porn around the planet, hacking into government servers or perhaps participating in a DDoS attack on a company.

It’s kind of a big price to pay for a free VPN, don’t you think?

So if you’ve made it down this far into the post, and you happen to be a Hola user, I’d suggest removing that Hola plugin very quickly (I’d actually reformat my drive, these things are notoriously difficult to remove!). Learn the lesson that stuff on the net that costs people money to run, develop and support is never ever going to be free.

I’m still amazed by the sheer greed of some of these people – here’s a link to the cracking summary and a Hola Vulnerability checker and proof of concept code if you want to read more.

http://adios-hola.org/