Sunday, April 10, 2016

41 foreigners arrested in cyber crime syndicate probe

Detectives on Friday arrested 41 foreigners who were in the process of setting up a sophisticated communication centre in a house within Runda Estate in Nairobi.

Nine were women and 32 men, with 22 of them being Chinese and 19 Taiwanese.

Security officers led by the Director of Criminal Investigations Ndegwa Muhoro raided the house, where they recovered communication equipment including 14 laptops and eight mobile phones, among other gadgets.

Muhoro said police are pursuing the owner of the house and a Kenyan who brought them to the country.

“According to their passports, they had been given three-month tourist visas. What they are doing is not in line with tourism,” he said. “We are yet to know what they were up to.”

The first foreigner in the batch arrived in the country on February 18 this year while the latest arrived on April 1, 2016.

Police acted on a tip-off from members of the public who had noticed “suspicious activities going on within the compound hosting them.”
Read more:    http://www.capitalfm.co.ke/news/2016/04/41-foreigners-arrested-cyber-crime-syndicate-probe/

Wednesday, March 30, 2016

FBI unlocks iPhone without Apple's help

The US Department of Justice has cracked the iPhone of one of the San Bernardino shooters without Apple's help and has abandoned its attempt through the courts to force the company to assist.

Prosecutors withdrawing the court motion for Apple to help crack shooter Syed Farook's iPhone 5C said: "The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc".

The unlocking by the department, which has been acting on behalf of the FBI, comes after more than six weeks of growing tensions between technology companies and the law enforcement agencies. Led by Apple, tech companies and civil liberties groups have argued that the case represented a "dangerous precedent".

As a result of the FBI's claim that it had unlocked the iPhone, Apple said the "case should never have been brought". A statement issued by the company said it would continue to help law enforcement agencies with investigations where it could but it would also "continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated."

The security agency had asked Apple to create a new operating system -- dubbed GovtOS by the Californian company -- to allow electronic, rather than manual, password submission, remove time delays between password entry attempts and bypass the erase-data function on the phone. The US government had argued the court motion was essential and it needed Apple's help to access the iPhone.

Withdrawal of the order to compel Apple to create a new operating system for the US government follows reports that the FBI was helped by a private security company; the day before the two sides were due to face off in court, the DoJ filed a motion to postpone the hearing, as it had purportedly been made aware of a potential way to access the data on the phone of the killer.
 

Tuesday, March 29, 2016

Hackers are using a Trojan named “USB Thief” to steal data

Security researchers at the security company ESET have found a new Trojan. It is USB-based: it relies on USB devices to spread itself. It is an insidious data stealer, and hackers now use it widely to steal users' sensitive data.

How does it work?

The Trojan is not easily detected. Its developers used a special multi-stage encryption process that protects it from antivirus tools. “USB-thief” is also capable of infecting air-gapped systems (systems that are protected by a network firewall or other security equipment), which gives an idea of how dangerous it is. It is a specially designed Trojan that can store itself on the USB device under the file name “Win32/PSW Stealer.NAI”. When a user attaches the infected USB device to a system, the Trojan runs automatically and starts tracking everything the user does on that computer.

Thomas Gardon is a malware analyst at ESET. According to him, this is a new type of malware that he noticed recently. It is a hard-coded Trojan that uses different methods to steal information than other Trojans do. Its developers coded it intelligently, because it leaves no evidence behind on the hacked system. The Trojan uses only USB devices to do its work and does not copy any file to the victim’s computer system.

How does “USB-thief” store itself?

It can store itself as a .DLL file. Dynamic Link Library (DLL) files are used by applications as plugins; these files work as drivers for the applications. In the case of mobile devices, the Trojan can modify itself and store itself among the program files of commonly used mobile applications such as Notepad++, TrueCrypt and Firefox. When the user launches one of these applications, the Trojan automatically starts in the background.
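Because the Trojan is described as sitting as a DLL among the program files of applications kept on the USB device, one defensive check is to compare the device's DLLs and executables against hashes recorded while the device was known to be clean. The following is an added example, not code from the original post or from ESET; the function names, the folder layout and the sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# File types that can carry executable code next to an application.
WATCHED = {".dll", ".exe"}

def sha256_of(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def snapshot(root: Path) -> dict:
    """Map every watched file (path relative to root) to its SHA-256."""
    return {
        p.relative_to(root).as_posix(): sha256_of(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.suffix.lower() in WATCHED
    }

def compare(baseline: dict, current: dict) -> dict:
    """List watched files added, changed or removed since the baseline."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "changed": sorted(k for k in common if baseline[k] != current[k]),
        "removed": sorted(baseline.keys() - current.keys()),
    }

def demo() -> dict:
    """Constructed sample: a fake drive holding one application folder."""
    with tempfile.TemporaryDirectory() as tmp:
        drive = Path(tmp)
        app = drive / "PortableApp"                 # hypothetical folder name
        (app / "plugins").mkdir(parents=True)
        (app / "app.exe").write_bytes(b"constructed exe bytes")
        (app / "plugins" / "spell.dll").write_bytes(b"constructed dll bytes")
        (app / "readme.txt").write_bytes(b"not a watched file type")
        baseline = snapshot(drive)                  # taken while known clean
        # Later: an unexpected DLL appears and an existing one is altered.
        (app / "plugins" / "extra.dll").write_bytes(b"unexpected file")
        (app / "plugins" / "spell.dll").write_bytes(b"altered bytes")
        return compare(baseline, snapshot(drive))

if __name__ == "__main__":
    print(demo())
```

The baseline has to be stored somewhere other than the USB device itself, and the check only reports files that differ from that baseline; it does not identify what an unexpected file is.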

How to trace this Trojan?

According to ESET's malware analysts, this Trojan is very difficult to trace. Even the best tools are unable to detect it. The only reason is that the Trojan resides on the USB device alone and does none of its work outside the USB device. It is a smart Trojan and does not leave any evidence behind. People should avoid using USB devices that have been attached to untrustworthy third-party computer systems and sources. This is the only way to protect your system from this dangerous Trojan.

Security Tips for Users to Avoid this Trojan

  • Organise cyber security programs to raise your employees' awareness. The more knowledge they have, the more secure their systems will be.
  • Disable USB ports that are not in use. Hackers can use these ports to spread malware into your systems.
  • Do not attach USB devices that have been attached to public systems, for example the computer systems of a cyber café.
  • Set up special rule sets on your systems to block malicious entries.